Harris Boyce III
1/9/2003 2:40:00 PM
I'm looking to expose a system within my business out on the web via Web
Services. I'm skeptical regarding the security aspects of this project.
For example, I don't want the public trying to consume the service because
they stumbled across its location. Therefore, I think some sort of
authentication/authorization is necessary to allow access to the system
itself. In ASP.NET, this is straight-forward: Forms Authentication or some
variation there-of. How would I go about implementing a similar security
scheme with Web Services? Is .Net Passport an option? The major caviat is
that it should be a interoperable as possible since I'd perfer not to
restrict the system to strictly .NET customers.
Thanks for any input,
Harris