Last post Jan 25, 2013 04:02 AM by soerenkbhg
Jan 24, 2013 08:54 AM|soerenkbhg|LINK
I have a set of Web Services that is called by jquery in ASP.NET pages. They are only used from these pages (which are basically HTML pages except that they share a master page).
The site is protected by Windows Authentication and only users with the correct roles are allowed access.
Does the protection that works for the ASPX pages also protect the ASMX pages or will any user be able to access the Web Services?
Jan 24, 2013 10:36 AM|kushalrdalal|LINK
I think so form authentication does not secure web service.
You have to have some authentication for web service like passing username/pwd in order to access the methods or pass some kind of security token.
Jan 25, 2013 04:02 AM|soerenkbhg|LINK
Hi, thanks for your input.
These web services can operate on the Session object and thus is called in a session context, so I would have thought so.
I assume that web services implemented as page methods are protected then?
I have not marked your input as answer, since you express some uncertainty and it is important for me to get a clear answer :)