-
Securing Web Services
I'm a newbie when it comes to web apps. I have created some web services methods, and I'm wondering how to make sure only valid users can access them.
For example, one web method is InsertLogon. Obviously I don't want just anybody to be able to do this.
Can anyone suggest some links/techniques - for making sure only users I want can access my methods?
TIA,
Mike
-
How have you checked the users credentials?
-
I saw that was an option, but in this case, my web services live on a hosted site - Brinkster - so I can't set up Windows permissions or anything like that. I asked this same question on another forum - http://www.dotnetforums.net/showthread.php?t=88131 - and got a good response. Not that I understand it all yet.
Mike
-
Perhaps what you might do is have the client app call a login method when it first initiates the processing and you can maintain the login database in the app.
-
I think that's a good idea. But then I'd have to create something like a session variable, and pass that to my web service, right? So I know it's a valid user.