|
-
September 30th, 2010, 10:39 PM
#1
 WCF Rest Security
I am developing a Restful WCF service that will be accessed by URL. Clinet sites might be built in php,java,.net ..anything. How to implement security for this kind of situation. Common solutions found in net for WCF suggests Membership provider or Windows Permission principals. But would that cater for a Restful service which allows http requests?
-
October 1st, 2010, 03:32 AM
#2
Re: WCF Rest Security
Hi Shuvo,
I worked with several APIs, and two of them from (large) professional companies.
They both had a similar principle: First make a call to login and return some kind of login token, next use this token to all calls. It will look something like:
Code:
string token = someService.login("user", "pass");
object someObject = someService.getObjectById(token, someId);
someService.updateObject(token, someObject);
Another idea would be to give each client a key (perhaps each client his own id), and this key should be passed to each call. It's the same idea as above, only you don't need to login to get a token.
-
October 1st, 2010, 11:56 AM
#3
Re: WCF Rest Security
Another way to do this is to use client certificates.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
