How can .NET web services be made more secure? Something like HTTPS?
A:
Again - check out WCF. It has a very rich, flexible and extensive security model, both on the transport security (https) side as well as message-based security.
See the
for an intro (fundamentals) and an overview (guidance) of all things possible.
marc_s
2010-01-18 12:41:59
A:
If you don't have alternative of going with WCF service, the you can make use of GUIDs while calling web service. So you may define some white listed GUID which you will pass as a parameter while calling web service and you can check validity of each call to web service.
Manoj
2010-01-18 15:02:10
A:
WCF is definitely the way to go in terms of creating .NET web services these days. For a good way of protecting WCF web services, check out incorporating the [UsernamePasswordValidator], which when combined with HTTPS endpoints provides a very good protection mechansim. The following link gives an example of it's usage:
arabian tiger
2010-01-18 16:28:26