My question is a bit specific. I am currently hosting WCF services that provide data to a website (JQuery) and a mobile application (iphone).
I want to secure this communication using a Membership Provider. I know how to setup the membership provider to secure the services so the Jquery part of the story is complete.
However I need to access the services using the mobile device as well.
I'm planning on using either message authentication (username and password in header) or transport + message authentication (SSL + username and password in header).
How would I go about setting this up in the web.config? Would I need two endpoints for the services? One for the mobile device; one for the website? Or is there a way that both can use the same endpoint? Can someone provide me with an example?
Btw, I transmit the data to JQuery and the mobile device using JSON.