Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / September 2006

Tip: Looking for answers? Try searching our database.

Best way for webservice security for a public application

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
news.demon.nl - 15 Sep 2006 14:11 GMT
Hi,

I hope someone can give me some advice on which form of security i can use
best in this scenario:

I have a free application that everbody on the internet can download.
It calls a webservice retrieve it's data. Currently it's not secured, so
anybody can use it.

I want to secure it, but the guy who owns the server does not want to make
use of windwos authentication, so that's not an option.

I would only like that my application can access the webservice. Which do
you think is the best way? (and perhaps i also need to use this for a
windows mobile application, is that also possible in your suggestion?)

I hope someone can give me some useful advice.

Greetings,
Jeroen
Reply to this Message
Pablo Cibraro [MVP] - 15 Sep 2006 15:03 GMT
Hi Jeroen,

I recommend you to take a look to the "Security Patterns for Web services"
guide. It was published by Microsoft, and it is available here
http://msdn.microsoft.com/library/en-us/dnpag2/html/WSSP.asp

I think the simplest configuration for your scenario is the following:

1. Authentication :HTTP Transport authentication - Basic Authentication
2. Confidentiality: HTTPS Transport security

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax

> Hi,
>
[quoted text clipped - 16 lines]
> Greetings,
> Jeroen
Reply to this Message
news.demon.nl - 15 Sep 2006 20:29 GMT
thanks, i'll read that.

> Hi Jeroen,
>
[quoted text clipped - 31 lines]
>> Greetings,
>> Jeroen
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.