I am running MS VS 2003 with WSE 2.0
I am trying to build a user authentication scheme for my webservices.
Below are the steps I am trying to follow:
1) Initially the user must provide a valid username/password and authenticate to a WebService/TokenManager at which point the user will be issued a unique token (Guid).
2) This unique token (Guid) will be stored in the Context.Cache of the Webservice (with a back up in the DB)
3) All subsequent calls to web services will require the unqiue token to be passed with it.
I wanted to use WSE 2.0 to handle all authentication. I am able to get the Username/Password to authenticate against the DB without a problem.
I CANNOT figure out
1. What type of token i should use to store the Guid
2. How to authenticate against the Guids stored in the Context.Cache
Is there a better way to handle authenticating repeated calls to webservices
Thanks
WSE 2.0 Authentication Scheme For WebServices
Hot Topic
- Class Library Protection
- PInvoke HIWORD/LOWORD LParams and WParams in 64-bit
- TableAdapter Update problem
- Editing XML File
- WNetUseConnection in .Net
- How an assembly in VB can use in Visual C#
- How to use Process.OnExited()
- "Unauthorized" when calling a Web Service from ASP.NET in the same solution.
- Open SELECT list with script
- How to implement GetFunctionPointerForDelegate function in .NET 1.1
.NET Development
- How to update/insert/delete from mulitple tables with SqlDataAdapter?
- Help plz!
- Code conversion: asp VB ->asp.net 2.0 C#
- vertical label control (default values and autosizing)
- runtime error
- Syntax error in UPDATE statement
- How to force build in Framework 1.1 environment
- Help: DotNet Tcp Client Bound
- Single .NET executable - linkers
- Can't update database from datagrid
WSE 2.0 Authentication Scheme For WebServices
Yogesh Kumar Dhiman
Hello Empire29,
the best way to handle repeating calls is using WS-SecureConversation. It has clear performance advantages over other methods, by establishing a session and using symmetric encryption. Take a look to mgudgin article on the subject.