Reputation: 19158
what authentication should I use for my web service in this case?
Hi I am going to do a web service. Now our customers are going to be able to call the method from their interface. I been thinking what I should do for authentication, I been reading and can not really decide. I want to pass username and password to the method.
Do you got any advice?
Upvotes: 0
Views: 108
Answers (1)
Reputation: 7480
Common authentication schemes are well-defined and, while not perfect, are known entities. The worst thing you can do is "roll your own" in security.
I assume by your comment "pass username and password to the method", you mean you would like to have access to the credentials used to access your web service. This is fine, but don't pass credentials as parameters to your method.
Based on your description, basic authentication over SSL should provide you sufficient protection for your application. This would work in a non-trusted environment (i.e. across unknown networks) and should be easy enough to implement on the client-side.
Upvotes: 1
Related Questions
- .NET web service secure
- How to authenticate user while calling a webservice (in ASP.Net)?
- Authenticate a web service
- asp.net webservices authentication/authorization
- how to authenticate user in web services
- Basic authentication for the web service
- What is the most efficient/secure way to authenticate a web service in ASP.NET?
- What should we implement to authorize clients to use our web service?
- What is the best way to have Authenticate for a Web Service
- How to effectively authenticate the user calling a webservice?