"Peter Bradley" <pb******@uwic.ac.ukwrote in message
news:#M**************@TK2MSFTNGP03.phx.gbl...
Does this help?
http://aspalliance.com/805_Soap_Head...n_Web_Services
Peter
"Mythran" <ki********@hotmail.comwrote in message
news:1E**********************************@microsof t.com...
>We followed an example found on MSDN to create an encrypted
FormsAuthenticationTicket and storing the ticket in a cookie. Is this
the "correct" way to store the authentication ticket? We are attempting
to create a web service from the web application and our goal is to have
the user login to the web application and then, using the same
credentials and/or authentication objects, access the web services to
retrieve our data from other internal servers. It's pretty difficult to
find this information on the web :)
What other options are there for storing a user's credentials and then
accessing them on every call to the page and have the web service use the
same credentials for it's security?
Thanks,
Mythran
Thanks for the link, reading it now and hope it helps us...
Now, for the 2nd paragraph in my OP...what options are there for storing the
user id and pwd across postbacks (same session) w/o using the session nor
database? Is storing the user name and password hash in an encrypted form
as a cookie on the user's machine a good idea? I don't feel very
safe/secure with store a users password (hashed or not) in any form anywhere
outside of a database, but sometimes you gotta do what you gotta do...any
suggestions for this?
Thanks,
Mythran