Hello All,
I have to secure my first real B2B web service. Could you please
provide some guidance as to which method of security I should use. One
caveat is that we will not be using SSL on the server side as per the
networking department. Windows authentication is also probably not an
option, as this web service will be interacting between two separately
located companies. I have read a little bit about passing credentials
in SOAP headers, but the MSDN documentation seems to be sparse on this
topic. Any suggestions and/or links would be appreciated. Also, if you
could point me to the docs on web services sessions, that would be
helpful too. Thanks.
p.s. This is a Visual Studio 2005 Web Site 4 1364
Hi,
Take a look to the Web Services Security Guide (Microsoft Patterns &
Practices), http://msdn2.microsoft.com/en-us/library/aa480545.aspx
It is best place to go regarding security for web services.
Regards,
Pablo Cibraro.
"KJ" <n_**********@mail.comwrote in message
news:11**********************@j44g2000cwa.googlegr oups.com...
Hello All,
I have to secure my first real B2B web service. Could you please
provide some guidance as to which method of security I should use. One
caveat is that we will not be using SSL on the server side as per the
networking department. Windows authentication is also probably not an
option, as this web service will be interacting between two separately
located companies. I have read a little bit about passing credentials
in SOAP headers, but the MSDN documentation seems to be sparse on this
topic. Any suggestions and/or links would be appreciated. Also, if you
could point me to the docs on web services sessions, that would be
helpful too. Thanks.
p.s. This is a Visual Studio 2005 Web Site
Hi,
Take a look to the Web Services Security Guide (Microsoft Patterns &
Practices), http://msdn2.microsoft.com/en-us/library/aa480545.aspx
It is best place to go regarding security for web services.
Regards,
Pablo Cibraro.
"KJ" <n_**********@mail.comwrote in message
news:11**********************@j44g2000cwa.googlegr oups.com...
Hello All,
I have to secure my first real B2B web service. Could you please
provide some guidance as to which method of security I should use. One
caveat is that we will not be using SSL on the server side as per the
networking department. Windows authentication is also probably not an
option, as this web service will be interacting between two separately
located companies. I have read a little bit about passing credentials
in SOAP headers, but the MSDN documentation seems to be sparse on this
topic. Any suggestions and/or links would be appreciated. Also, if you
could point me to the docs on web services sessions, that would be
helpful too. Thanks.
p.s. This is a Visual Studio 2005 Web Site
Hi Pablo, the documentation is quite dense. Could you possibly give me
an offhand recomendation for a simple way to secure a web service
between two businesses?
Pablo Cibraro [MVP] wrote:
Hi,
Take a look to the Web Services Security Guide (Microsoft Patterns &
Practices), http://msdn2.microsoft.com/en-us/library/aa480545.aspx
It is best place to go regarding security for web services.
Regards,
Pablo Cibraro.
"KJ" <n_**********@mail.comwrote in message
news:11**********************@j44g2000cwa.googlegr oups.com...
Hello All,
I have to secure my first real B2B web service. Could you please
provide some guidance as to which method of security I should use. One
caveat is that we will not be using SSL on the server side as per the
networking department. Windows authentication is also probably not an
option, as this web service will be interacting between two separately
located companies. I have read a little bit about passing credentials
in SOAP headers, but the MSDN documentation seems to be sparse on this
topic. Any suggestions and/or links would be appreciated. Also, if you
could point me to the docs on web services sessions, that would be
helpful too. Thanks.
p.s. This is a Visual Studio 2005 Web Site
Hi,
You basically have two options, transport security (Securing the message at
transport level) or message security (Adding security metadata to the soap
message).
You can find a summary here, http://weblogs.asp.net/cibrax/archiv...-services.aspx
Thanks
Pablo Cibraro.
"KJ" <n_**********@mail.comwrote in message
news:11*********************@j72g2000cwa.googlegro ups.com...
Hi Pablo, the documentation is quite dense. Could you possibly give me
an offhand recomendation for a simple way to secure a web service
between two businesses?
Pablo Cibraro [MVP] wrote:
>Hi,
Take a look to the Web Services Security Guide (Microsoft Patterns & Practices), http://msdn2.microsoft.com/en-us/library/aa480545.aspx It is best place to go regarding security for web services.
Regards, Pablo Cibraro.
"KJ" <n_**********@mail.comwrote in message news:11**********************@j44g2000cwa.googleg roups.com...
Hello All,
I have to secure my first real B2B web service. Could you please
provide some guidance as to which method of security I should use. One
caveat is that we will not be using SSL on the server side as per the
networking department. Windows authentication is also probably not an
option, as this web service will be interacting between two separately
located companies. I have read a little bit about passing credentials
in SOAP headers, but the MSDN documentation seems to be sparse on this
topic. Any suggestions and/or links would be appreciated. Also, if you
could point me to the docs on web services sessions, that would be
helpful too. Thanks.
p.s. This is a Visual Studio 2005 Web Site This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Bruno Desthuilliers |
last post by:
Hi everyone !
Could someone point me to infos about securing python for use as CGI or
mod_python for a shared hosting environnement ?
I searched google, but did not find anything specific :(
...
|
by: James |
last post by:
What's the best way of securing online databases and web services? At present I am using a database password, which of course is not hard-coded into the web service, but this means re-submitting it...
|
by: Wm. Scott Miller |
last post by:
Hello all!
We are building applications here and have hashing algorithms to secure
secrets (e.g passwords) by producing one way hashes. Now, I've read alot
and I've followed most of the advice...
|
by: Scott McChesney |
last post by:
Folks -
We are running around and around here on a project we're developing, and I'm
getting to the point that I don't know what I do and don't know. So I need
some assistance.
We are...
|
by: David Tandberg-Johansen |
last post by:
Hi!
First of all, I am kind of a newbie.
I am planning an project where I gonna use an web service and a
desktop-client, but I have stumbled over a problem. The IIS server that
i am planning...
|
by: Brad P |
last post by:
I have a 2K database with a front end linked to a back end. I need to lock
down or secure both ends so a user can not access the raw data in tables
etc. I also need usernames and passwords for 50+...
|
by: Stephen Poley |
last post by:
Whenever anyone has a question about securing an Access database he/she
is usually referred (unsurprisingly) to the Security FAQ. This is
however incomplete/unclear with respect to databases with a...
|
by: =?Utf-8?B?aGlsZXlq?= |
last post by:
Hi,
I'm developing a web service that needs to communicate with a custom
application on an intranet. There is also a configuration utility which may
be run on a different server machine for...
|
by: Albert D. Kallal |
last post by:
You most certainly can, and should hide all of the ms-access interface. The
options to complete hide and keep people out of the ms-access interface can
easily be done using the tools->start-up...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |