If you download the Web Services Extensions, you can use the wrapper classes
they have for WS-Security to allow encrypted or authenticated messages to be
passed. (Authentication is handled in the SOAP header, rather than the SOAP
body, and you'll be working with standards.) You can also do this manually,
if you would like, but this makes it much easier.
--
Chris Jackson
Software Engineer
Microsoft MVP - Windows Client
Windows XP Associate Expert
--
More people read the newsgroups than read my email.
Reply to the newsgroup for a faster response.
(Control-G using Outlook Express)
--
"Tom Jelen" <to**@pbk.dk> wrote in message
news:c2***********@gnd.k-net.dk...
Im new with c# and webservices, but i have made a webservice thats
accessing my database and returns some SQL query results in a XML-string.
But i would like some kind of login/password authentication, since i want
to control who has access to the webservice, is there any good ways to do
this? My first thought was just to add some login/pass parameters for my
web methods, and then do a check. But since everything is in xml and text,
it dosnt seem like very a secure way to transfer the password. Im sure im
not the first one to think of this, so can anyone tell me how people
usually do this?
Thanks,
Tom
