Solved

Web Service Security

Posted on 2006-07-08
4
201 Views
Last Modified: 2010-04-16
Hello, Once i build a web service, i built a windows app that will connect and interface with it.... Now that i have the web service, how can i make the web service application secure?
0
Comment
Question by:kwickway
4 Comments
 
LVL 6

Expert Comment

by:MuhammadAdil
ID: 17067168
0
 
LVL 22

Expert Comment

by:Mohammed Nasman
ID: 17068561
0
 
LVL 96

Expert Comment

by:Bob Learned
ID: 17068976
Use the https: protocol with SSL.

Bob
0
 
LVL 7

Accepted Solution

by:
whatsit2002 earned 250 total points
ID: 17084944
kwickway,

There are two main things you probably need to be concerned with when it comes to web service security. Those are: authentication, and secure transfer of data across "the wire."

The easiest way I have found to implement security on a web service is to use the security features built in to IIS. If you disable anonymous access to the virtual directory that your web service is housed in, and enable basic or integrated security, that will take care of the authentication step. After that, you can achieve secure data transfer by using SSL (also a feature of IIS).

Then, your web service client would create a reference to the web service class like so:

_Ws = new MyServiceWs();
System.Net.CredentialCache cache = new CredentialCache();
System.Net.NetworkCredential cred = new NetworkCredential(username, password, nt_domain);
cache.Add("https://myurl/virtualdirectory/MyServiceWs.asmx", "NTLM", cred);
_Ws.Credentials = cred;

Please note that there is also a third security concern: Authorization. Your application should check to make sure the user is authorized to use the resources they are accessing. However, I don't believe that is what your questions was about. If you would like more information about authorization, please let me know.

Jason
0

Featured Post

Live: Real-Time Solutions, Start Here

Receive instant 1:1 support from technology experts, using our real-time conversation and whiteboard interface. Your first 5 minutes are always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article introduced a TextBox that supports transparent background.   Introduction TextBox is the most widely used control component in GUI design. Most GUI controls do not support transparent background and more or less do not have the…
This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question