I
Ian B
I'd really appreciate some pointers on web services etc. I'm a VB6
developer with a growing knowledge of vb.net and asp.net but I'm in
need of some direction!
Firstly, sorry about the X-posting but I've kept it to a minimum (2
groups).
I have a asp.net web application that uses a combination of SSL (for
anything in the secure folder) and forms authentication (for certain
pages in that secure folder). This has been developed using VS.Net
2003.
I now want to add a web service to the application. This web service
will require SSL and (probably) basic authentication (as forms
authentication cannot be used for web services).
How can I achieve this? Is it possible to have different
authentication modes within the same application? From what I've read
it is not - so how can I host this web service in the asp.net app and
still provide some kind of authentication for it?
I also considered simply creating a remoting object rather than a web
service. Might this be a better option? I presume that I can host
this in the secure folder (or a sub-folder off that) and it can have
its own authentication mode?
Also, I know how forms authentication works by sending a ticket in an
encrypted cookie but how does a web service deal with this? Can it be
done in the same way? - how? To make it truly stateless, would I be
better to require that the credentials be sent with each request?
(safe enough with SSL but is it necessary?).
How easy is it to call a web service or a remoting object that uses
SOAP from non-ms.net platforms? (This will be required by the web
service consumers)
Thanks for any help
Ian
developer with a growing knowledge of vb.net and asp.net but I'm in
need of some direction!
Firstly, sorry about the X-posting but I've kept it to a minimum (2
groups).
I have a asp.net web application that uses a combination of SSL (for
anything in the secure folder) and forms authentication (for certain
pages in that secure folder). This has been developed using VS.Net
2003.
I now want to add a web service to the application. This web service
will require SSL and (probably) basic authentication (as forms
authentication cannot be used for web services).
How can I achieve this? Is it possible to have different
authentication modes within the same application? From what I've read
it is not - so how can I host this web service in the asp.net app and
still provide some kind of authentication for it?
I also considered simply creating a remoting object rather than a web
service. Might this be a better option? I presume that I can host
this in the secure folder (or a sub-folder off that) and it can have
its own authentication mode?
Also, I know how forms authentication works by sending a ticket in an
encrypted cookie but how does a web service deal with this? Can it be
done in the same way? - how? To make it truly stateless, would I be
better to require that the credentials be sent with each request?
(safe enough with SSL but is it necessary?).
How easy is it to call a web service or a remoting object that uses
SOAP from non-ms.net platforms? (This will be required by the web
service consumers)
Thanks for any help
Ian