How to make web services secure in asp.net both the asmx and on WCF. Currently we have web services and now are in process of converting them to WCF in some modules in our application. Now as upgradation is in process we like to incorporate security on the web services as we intend to open some of them to all our clients via web (they contain both asmx and WCF as well).
View 1 Replieswant to create Secure and Fast email service with chat tool like gtalk. i have email server. Please let me know how to create this. if any of you are interested to help me to create such application please ask me. I will accept his perposal with open heart. But before tell me how i can start or what i should do to make ground for that project.
View 2 RepliesI am developing web service for my windows mobile application..! But the new requirement is the web service must be an secure..! for example : My web service name is [URL] Instead of that , client wants to [URL] How I create https web service..! I am using visual studio 2008. windows 7
View 1 RepliesI need advice on how to secure my WCF web service hosted in IIS. I am new to WCF and would appreciate any sample code, articles to help me restrict access to my WCF service.
I am in the process of testing and deploying a WCF service that will be available on the internet. I need to secure the web service so that only authorized clients can use the service. I need to be able to detect who the client is making the call to the service. The group I am building this service for wants to use Certificate authentication or IP address to Identify the themselves to call my web service. They do not want to use user name and password.
I have found several articles and code snippets for getting the IP address of the client and Certificate authentication. The problem I found using trying to get the IP address of the client is that since my web service his hosted behind a F5 or some type of reverse proxy I cannot get the true IP of the client. The IP that the web services get is the IP of the F5 or the reverse proxy.
For Certificate Authentication I followed the directions from the 9 simple steps to enable X.509 certificates on WCF located here
http://www.codeproject.com/KB/WCF/9StepsWCF.aspx?msg=3181718. I had a few problems using this setup for my web service. 1) To me it seemed like as long as the user presented a valid Certificate they would be able to call my web service.
2) Does Certificate Authentication work when the security mode is set to Transport? In my production environment only HTTPS traffic is allowed through. I setup a Certificate authention on my service following the steps outlined in the article. I used the SSL certificate assigned to my server for the web services. For the client outside the network the service is hosted on, I used one of the certificates I generated when i tested the code locally. I changed the authentication mode of the certificate to chain trust for both the client and the server. I was able to call the service and recieve a message. I thought that since my certificate was self generated using the makecert command that the web services would not authenticate the client for the service.
how I can secure my services to only allow a few approved clients to call call the service.
I have precompiled and encrypted my webconfig. What else could I do to make my site secure.
View 2 Repliesi have a single page that needs to be secure (https) , my problem is i dont know how to do it. Can you give me walkthrough on how to do this?
View 1 RepliesI am building a ASP.NET website that has members pages. I have created a folder where I keep the members pages in and that can only be accessed by logging in or creating a new account. The problem is how do I make the url of these members pages secure, so that someone cant simply give the url to another user for them to copy into a browser or bookmark.
View 2 RepliesOn code behind I do subit after the user clicked a button.After this, I am trying to refresh the page, and it sends the submit again. and so, there are duplicates in the database.How can I delete the form details immidietly after the first submit?? orelse, what are my options to deal with such scenarios?
View 2 Replies[Code]....
i have a above connections string in which i use UserName: taha1_ID2, Password: taha321, and SQL Server DataBase Name:taha1_web2 How can we encrypt it in web.Config
Note: All the above are fake.
How do you secure a WCF web service when you are using the traditional "connection string in the web.config"?
I have added a WCF service to an application which uses a JQuery post and returns JSON. The request happens on the client side. The purpose of this service is to return search information while the person is typing text into a textbox.
It works well, but there is a problem because the application will be used by a number of people and I am maintaining a role based security within the applications MS SQL database. The connection string to the database is in the web.config file.
In order to run the JQuery call to the web service the user must have at least read access directly to the database. I want to allow the application to control the access, but removing all security to the WCF service opens the application up for external access by unauthorized users.
I am building an application(asp.net) with online payment so i want to make these payment page SSL enable.
View 1 Repliesi want to know, how to use the web services in asp.net project
View 2 RepliesServer does not support secure connections. at System.Net.Mail.SmtpConnection.GetConnection(String host, Int32 port) at System.Net.Mail.SmtpTransport.GetConnection(String host, Int32 port) atSystem.Net.Mail.SmtpClient.GetConnection() at System.Net.Mail.SmtpClient.Send(MailMessage message) at MailWebService.SendMail(String fromAddress, String toAddress, String subject, String body)I am using a web service to send my mail and I get this error when smtp.EnableSsl = true;If I change it to false it works
View 2 RepliesI have a doubt regarding secure cookie.
I have four servers 2 App Server(behind firewall) and 2 webservers and each server is accessing through Load Balancer.
App Server is a modules for Data Access layer and webserver is for Presentation layer.
My Issue is My Load Balancer has Secure certificate installed but certificate is not installed on servers and I want to make cookie as secure in site , as per my understanding " cookie should be set as secure only for SSL site other ways new session will get create every time" so should I install SSL certificate on webserver to make my cookie as secure or will it work properly even if only Load Balance has SSL.
how can secure credit card number in database
using Encryption technique. using stored procedure instead of inline query and what more....
I need a book or two to get a good understanding of web services, starting from very basics, and going upto WCF. I've been using c# for 2 years and have intermediate level of experience with the language.
View 1 RepliesUsing ASP.NET 3.5 /C# / VS 2008.
I have written some web services that I want to make available to others by subscription. The subscribers need to use the service from a specific domain / IP address and also authenticate with a user Id and password.
What exactly should I distribute to the subscriber so they can use the services, while exposing the least about my code?How can authenticate a consumer of services without always passing an Id / password for each service?
I learned from internet that webservices can be invoked only by HTTP whereas WCF can be invoked by HTTP,TCP,et., can i know the difference between them
View 4 RepliesThese days I see that every other job posting requires LINQ and WCF. I have spent lot of time on LINQ, was fun to learn.
Now I want to move on to Web Services and WCF. After goggleing for some time, I am not sure either go for web services or WCF.
I've created Web Services in .Net 3.5 & Consumed those Web Services in a Client Web Application. Now i want to Host the WebService in IIS 5.1. I'm very new to .net, I'm using VS 2010, Wndows XP Service Pack 3, IIS 5.1;
View 15 RepliesI have a wcf dataservice that talks to a silverlight client and a wcf service library that talks to a chat client.How can i get the two services to talk to each other?
View 3 RepliesFrom my following code snippet:
ExchangeServiceBinding binding = new ExchangeServiceBinding();
binding.Credentials = new NetworkCredential(username, password);
binding.Url = "http://servername/ews/exchange.asmx";
The above web services throws Unauthorized Access Error (Error : 401) for newly created users.I would like to know how to impersonate this user for accessing this exchange web services.
What is End Point URL in Web Services?
View 1 RepliesMicrosoft Dynamics GP is installed on my system..can I access GP web services?...If I can,how it is possible
View 1 Replieswhy does web services do not support datareader? plz explain it ,it's urgent .
View 3 Replies