WCF vs Web Service Security

B

BeerBoy

In the past I have developed a web services application where each
service authenticated a user by examining a token. It worked like
this :

A user calls a 'login' web service - this web service looks up the
supplied username and password, if they are valid it creates a token
by encrypting the username and a timestamp, it passes back the
timestamp and the encrypted token.

Now, every other call to any of the web services need to pass this
timestamp and the encrypted token and the username. The web service
will generate a new token from the timestamp and username it will
compare this token with the one passed, if they match (and the
timestamp has not expired of course) then the web service will
continue with execution.

Now, my questions are this:

I am now developing a similar WCF solution but I don't know what this
type of security is called. I also was wondering what is built into
WCF in order to help me do this, if anything ?

There seems to be a load of binding and security options but the
documentantation all seems a bit abstract to me.

I would be grateful if anyone could explain them to me in simple
terms.

Thanks in advance
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,981
Messages
2,570,188
Members
46,731
Latest member
MarcyGipso

Latest Threads

Top