I have a set of Web Services that is called by jquery in ASP.NET pages. They are only used from these pages (which are basically HTML pages except that they share a master page).
The site is protected by Windows Authentication and only users with the correct roles are allowed access.
Does the protection that works for the ASPX pages also protect the ASMX pages or will any user be able to access the Web Services?
soerenkbhg
Member
134 Points
75 Posts
ASMX and ASP.NET Authentication
Jan 24, 2013 12:54 PM|LINK
Hi,
I have a set of Web Services that is called by jquery in ASP.NET pages. They are only used from these pages (which are basically HTML pages except that they share a master page).
The site is protected by Windows Authentication and only users with the correct roles are allowed access.
Does the protection that works for the ASPX pages also protect the ASMX pages or will any user be able to access the Web Services?
TIA
Soren
kushalrdalal
Contributor
7200 Points
1288 Posts
Re: ASMX and ASP.NET Authentication
Jan 24, 2013 02:36 PM|LINK
I think so form authentication does not secure web service.
You have to have some authentication for web service like passing username/pwd in order to access the methods or pass some kind of security token.
My Blog
LinkedIn Profile
soerenkbhg
Member
134 Points
75 Posts
Re: ASMX and ASP.NET Authentication
Jan 25, 2013 08:02 AM|LINK
Hi, thanks for your input.
These web services can operate on the Session object and thus is called in a session context, so I would have thought so.
I assume that web services implemented as page methods are protected then?
I have not marked your input as answer, since you express some uncertainty and it is important for me to get a clear answer :)