Home Library Learn Samples Downloads Support Community Forums
Microsoft Developer Network >
web service security

Locked web service security

  • Saturday, April 21, 2012 8:39 AM
     
     
    Sign In to Vote
    0

    Hi every one,

    I want to create an webservice for access data from remote.

    How do i hide the request information if the client using SOAP?

    example, in my webservice have method:

    [webmethod...]

    public DataTable  RequestListOrder(String userID, String passWord)

    {
    }

    The client will send the xml request with the field userID and passWord. But it easy stolen

    How do i secure my info?

    thanks

       

    All Replies

    • Monday, April 23, 2012 7:45 PM
      Moderator
       
       
      Sign In to Vote
      1

      You should not be using ASMX web services at all. You should be using WCF, which permits you to use the WS-Security protocols to encrypt and/or sign your web service messages.

      If you must use ASMX, then you should  use an HTTPS connection.

      John Saunders
      WCF is Web Services. They are not two separate things.
      Use WCF for All New Web Service Development, instead of legacy ASMX or obsolete WSE
      Use File->New Project to create Web Service Projects

         
      • Thursday, April 26, 2012 11:25 AM
         
         
        Sign In to Vote
        0
        Hi, I am sharing one document of about Web Services Security Implementation http://www.omg.org/news/meetings/workshops/DOCsec-2003/00-6_Tutorial2_Thelin.pdf
           
        © 2013 Microsoft. All rights reserved.