Hi Gurus
I'm developing an application for Blackberry that consumes .NET Web Services that are hosted on our public web server.
We are using JSON as our data interchange format.
So far we have been testing the application and everything is working fine but there is one big thing to solve: the .NET web services are public. If you go to the service URL: http://www.whatever.com/myservice.asmx you can assign values to the parameteres and invoke the service.
Obviously we don't want to have them publicly available and we want them to be secure.
I've been reading some questions here at stackoverflow but I haven't found a good answer.
I was thinking of adding a "password" parameter to every web service that I have and there sending a password to the server so that it can verify that it's the Blackberry trying to consume the service and not some spammer. That password would go as a String in each JSON request that the Blackberry does.
Another thing that is important to mention is that we have a simple web hosting solution from GoDaddy so our hosting is shared, we don't have full control on the computer.
Is this a correct approach?
Thank you all for you help