hi ,
i want to implement a web service which is both in java and .net.but i will first create a wcf service and later convert the code to java . for securing the webservice , i have this in my mind. i shall be implementing asp.net form authentication type of stuff . i intent to sent a token to the client on providing valid userID and password to the login method. in return i would send a token. on all other service operations i shall check the token .
Now i have a wcf client and a wcf service . what should be the shortest way forward ?should i use soap auth header to send the user ID and password and how should the token be transported ( in which field ? http or soap's ?) .
P.S: of course i shall enable ssl later.