ASP.NET Developer's JumpStart By Paul D. Sheriff, Ken Getz
Table of Contents
Part IV. Web Services
OBJECTIVES
Learn to secure a Web Service
Learn about Windows Authentication
Learn to use SOAP headers
Securing a Web Service is very similar to securing an ASP.NET application. The programming will be slightly different because there is no user interface to prompt the user for a login ID and password. You will need to call a method that allows you to pass the login ID and password to the Web Service in order to authenticate the user. How you do this depends on the technique you opt to use for authenticating and authorizing the user of the Web Service.
This chapter describes different ways in which you might administer authentication and authorization. (For more information on authentication and authorization, refer back to Chapter 24, "Introduction to Web Security.") You will first learn to use Windows Authentication to secure your Web Service; then you will learn how to use SOAP authentication.