how to authenticate user of ASP.NET web service which is part of ASP.NET web application?

asp.net-3.5 web-services web-applications authentication
11,602

I would recommend a quick read on this link (http://msdn.microsoft.com/en-us/library/ms977327.aspx) and then follow it up with this one (http://msdn.microsoft.com/en-us/library/9z52by6a(VS.80).aspx). A custom security header is probably where you want to go to secure your web service outside of forms authentication. It does mean that each method call needs to have the header supplied though.

Share:
11,602
engg
Author by

engg

Updated on June 04, 2022

Comments

  • engg
    engg almost 2 years

    I have a C# ASP.NET 3.5 web application which uses forms authentication. Users log in with their username and password on login.aspx, are authenicated using a custom authentication logic and are then directed to input.aspx, where they enter some parameters and get response on output.aspx. If they try to access input.aspx without authenticating themselves, they are redirected to login.aspx.

    The same users want to be able to use the functionality of this web application without using the UI, from Unix environment. So I added a web service file (.asmx) to this web application. I didn't create a separate project for this web service because the web service uses code files, code in global.asax of the existing web application and I should not duplicate that code for the web service.

    The web service functionality works fine now, though I don't know how to authenticate the users. The web service client will send username and password once (maybe using a 'login' webmethod, which I can write to authenticate them) and then should be able to send multiple requests (maybe until they call a 'logout' webmethod or until their session/cookies expire).

    For web requests to not get redirected to login.aspx page, I excluded the .asmx file from Forms authentication using the location tag in web.config. (I don't know if that's the way to go.) But then I am thinking that the user is not then authenticated in the web application and so the web application code that the service uses, won't be accessible, right?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Authentication Error when accessing Sharepoint list via web service
How to develop authentication with resteasy?
How to authenticate restful web service using oAuth
Could not create SSL/TLS secure channel. The client and server cannot communicate, because they do not possess a common algorithm
not a valid key=value pair (missing equal-sign) in Authorization header
How to automatically re-login a user with a cookie
Strange IIS Windows Authentication behavior
asmx web service: client authentication
What do we actually mean by large scale web application?
Web service authentication using https giving error