I am going to create a web service that is passing confidential information on the network.
What would be the best way to secure the web service? How do I know who the information requesting information is, what it is, and this is not another application that is using another username and password?
Use WCF for your web service! There are several safety capabilities in it:
You can
-
secure your customers through the certificate - only those people have the right certificate Calls will be allowed to be processed
-
Protect your customers by viewing them in your internal Active Directory domain - Only those AdWords accounts will be allowed to process their request along with < / P>
-
Custom User / Protect your client with password, you can see against anything you want (this is the most flexible, but also the most complex choice, and if you get some disturbances then provide the most probability for failure )
Plus, with WCF, to secure the transport between your customer and the service, or to encrypt and sign messages forward and forth Wikal As one.
See all things as a great starting point for WCF.If you are serious about programming WCF safely and safely, then hold a copy of the book by Juval Lovie - this is Bible F or WCF.
No comments:
Post a Comment