Is there a way to find out if a web service has security?

Question

I've got a web service: http://machine001/Services/conversionService.asmx

This web service has one method in it called convert(string pInput).

I am trying to find out if there is a way to figure out, without logging into machine001 and without actually calling the convert method, if this web service has security applied.

If I am able to reach http://machine001/Services/conversionService.asmx, see the service description, create the proxy class and instantiate the web service object from any client does that mean there is no security?

Answer 1

Use your browser and go to:

http://machine001/Services/conversionService.asmx?wsdl

And see if the description contains WSE Security declarations. And to you're last paragraph, yes if you can do all of that and you did not do anything else to authenticate, it is unsecured.