I am building an application using webservices, for example on my website there is a form, used to obtain data from webservice, I have already finisher the data providing, but I have to think about security too. Sou can you tell me some advices, what things
I should do? How should I for example find out, whether the ws call comes from my form or not, or how often is the ws called, to protect it from bots?
I'd be very grateful for all advices, even theoretical.
The simple way to authenticate .NET web service using custom SOAP header. in the web service you can check the username and password credential before call other web method. Here is a article about it.
In the web method you can protected it with SOAP header, if you want to call it and pass user credential, then create a request object in SOAP format with header value in it and then send it to the server. For more about this, please check the following
article.
medivo
Member
48 Points
41 Posts
webservice security
Apr 09, 2012 05:04 PM|LINK
Hi,
I am building an application using webservices, for example on my website there is a form, used to obtain data from webservice, I have already finisher the data providing, but I have to think about security too. Sou can you tell me some advices, what things I should do? How should I for example find out, whether the ws call comes from my form or not, or how often is the ws called, to protect it from bots?
I'd be very grateful for all advices, even theoretical.
Thanks
webservice
Peter pi - M...
Star
12871 Points
1786 Posts
Re: webservice security
Apr 11, 2012 02:24 AM|LINK
The simple way to authenticate .NET web service using custom SOAP header. in the web service you can check the username and password credential before call other web method. Here is a article about it.
http://www.codeproject.com/Articles/27365/Authenticate-NET-Web-Service-with-Custom-SOAP-Head
webservice
If you have any feedback about my replies, please contact msdnmg@microsoft.com
Microsoft One Code Framework
medivo
Member
48 Points
41 Posts
Re: webservice security
Apr 11, 2012 04:14 PM|LINK
Thank you and what about if I want to call the webservice from javascript?
webservice
Peter pi - M...
Star
12871 Points
1786 Posts
Re: webservice security
Apr 16, 2012 03:55 AM|LINK
In the web method you can protected it with SOAP header, if you want to call it and pass user credential, then create a request object in SOAP format with header value in it and then send it to the server. For more about this, please check the following article.
http://www.aspnetajaxtutorials.com/2010/01/how-to-call-webservicescriptservice.html
webservice
If you have any feedback about my replies, please contact msdnmg@microsoft.com
Microsoft One Code Framework