Practical examples for establishing Web service security in .NET
Because security is one of the most fundamental aspects in the development and deployment of a Web service, there are a myriad of articles, documentation, and samples of how to make it secure. Yet the majority of this information is conveyed as abstract theory, as opposed to practical, real-world implementation.
Here, I'll share some practical examples on Web service security in .NET, not just abstract theories. These examples provide an easy and fast way to accomplish a rather complex task.
Let's explore programmatic Web service security using Visual Studio .NET to implement a custom, stateful SOAP Header to authenticate a consumer before allowing a method to execute. I will also show you how to remove public access to your Web service, how to prevent anonymous users from obtaining your WSDL file, and how to implement your Web service in an unauthorised manner. I will then explain how you can wrap your entire Web service implementation in a highly secure, encrypted format.
[ Read more ]