What is the best way to secure Web Services -- dotnet web services

Anthony Biondo Jr
7/20/2006 11:47:03 AM

Hi Everyone:

We are looking to start writing some web services and I was wondering what
the standard practices for securing web services out there. I was thinking
that we could create a business partner id and password and authenticate
against a sql database. Can anyone tell me what they are using out there.
The services would be public internet, so WinNT Authentication won't work in
the situation.

thanks,
Anthony

Anthony J Biondo Jr
Product Manager of Web Services
Keystone Mercy Health Plan

linhardt NO[at]SPAM aol.com
7/20/2006 1:29:52 PM

Take a look at the UserNameTokenManager example of samples for WSE 2.0
(if you're on .NET 1.1) or WSE 3.0 (if you're on .NET 2.0).

-Paul

[quoted text, click to view]

Pablo Cibraro
7/21/2006 10:59:38 AM

Hi Anthony,

Yes, there are some standar practices for securing web services. You will
find anything you need in this link,
http://msdn.microsoft.com/library/en-us/dnpag2/html/WSSP.asp
It is a document that describes the best security practices for web
services, it was written by the Patterns & Practices team. It also includes
excellent code samples.

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax

[quoted text, click to view]

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages about dotnet web services

dotnet web services : What is the best way to secure Web Services