Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / March 2005

Tip: Looking for answers? Try searching our database.

Web Method Level Security

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
John Jenkins - 19 Feb 2005 17:37 GMT
Hi,
   I have a web service that has ten web methods associated with it. It
uses WSE2.0 implementation. I have a custom usernametoken manager. I want to
restrict which users use which method, without using WS-Policy (unless it is
simple to use). Any help greatly appreciated.

many thanks.
Reply to this Message
William Stacey [MVP] - 19 Feb 2005 21:48 GMT
Are you using a custom user database or AD?  Either way, you would want to
verify via group membership.

Signature

William Stacey, MVP
http://mvp.support.microsoft.com

> Hi,
>     I have a web service that has ten web methods associated with it. It
[quoted text clipped - 3 lines]
>
> many thanks.
Reply to this Message
Ronnie - 21 Feb 2005 16:20 GMT
WS-Policy is easy to use if you are going to be restricting access to
the methods based on roles/groups.    Of course in your UsernameToken
manager you will need to create a GenericPrincipal and attach it to
your UsernameToken, but this is very simple.
Reply to this Message
John Bristowe - 23 Feb 2005 17:25 GMT
John,

I would recommend using the WSE Security Settings Tool (in the Configuration
Editor) to construct a policy document. It will allow you to specify
role-based authorization for services.

John

> Hi,
>    I have a web service that has ten web methods associated with it. It
[quoted text clipped - 5 lines]
>
> many thanks.
Reply to this Message
Sidd - 16 Mar 2005 18:41 GMT
Hi John,

   Have you received the answer to this question, or are you still
struggling with this scenario?

   Thanks,

Sidd [MSFT]

> Hi,
>     I have a web service that has ten web methods associated with it. It
[quoted text clipped - 3 lines]
>
> many thanks.
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.