troubleshooting Question

Does my Silverlight/Web Service solution have a security vulnerability?

Avatar of Sandy Westman
Sandy WestmanFlag for United States of America asked on
.NET ProgrammingWCFWeb Services
2 Comments1 Solution617 ViewsLast Modified:
I'm building one of my first silverlight applications.  The silverlight will be hosted within Microsoft CRM 2011 Online.  It will need to access a web service that I am creating that is hosted on the clients server which is a different domain than the silverlight application.  

Users who access the silverlight application via CRM 2011 have already been authenticated by CRM and have permission to access the data in the web service.  The webservice doesn't need to know which user is making the request, just that it is an authenticated user of CRM.  

I am planning on setting up SSL on the server that hosts the web service and adding the domain of the crm system to the crossdomain.xml file.

Because this is my first silverlight application I'm concerned that I may accidentally be leaving a security vulnerability.  I would appreciate a response on whether.

1.  My solution is vulnerable to data being intercepted when it is communicated between Silverlight and the webservice.

2.  My solution is vulnerable to impersonation by a malicious user trying to query the web service.

3.  If there are any other security vulnerabilities I need to be aware of.

Thank you for your consideration.
ASKER CERTIFIED SOLUTION
Kyle Abrahams
Director of Information Technology

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 2 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros