logo
Redian新闻
>未名空间
>XML - WWW明日之星
>
Anyone has experience about security in soap?
avatar
Anyone has experience about security in soap?# XML - WWW明日之星
s*k
1
Using MS Soap ToolKit
Is there a way to control access right on the soap server
besides basic authentication?
would form based authentication works say with a cookie?
thx
avatar
a*a
2
ok, I'm throwing my 2 cents here but be aware that I haven't
used SOAP toolkit yet:) - I am using VS.NET.
There are a few choices for security in web service (the
only thing I know about currntly):
1. NTLM - .NET Framework has an API called
User.IsInRole("domainname")..
2. Form based authentication - passing cookies around (which
you were thinking)
3. soap header - pass your username/password in soap
headers..
I only know about these ideas, never written any code on
these;)

【在 s***k 的大作中提到】
: Using MS Soap ToolKit
: Is there a way to control access right on the soap server
: besides basic authentication?
: would form based authentication works say with a cookie?
: thx
avatar
s*k
3

Thanks acutally i know the last 2, but would like to know
where .NET is headed in the context of SOAP security, would
really like someone from inside to make some insightful comment
can u describe the first option in a bit more detail?
user is from passport service? and role acl is at domain level?

【在 a*****a 的大作中提到】
: ok, I'm throwing my 2 cents here but be aware that I haven't
: used SOAP toolkit yet:) - I am using VS.NET.
: There are a few choices for security in web service (the
: only thing I know about currntly):
: 1. NTLM - .NET Framework has an API called
: User.IsInRole("domainname")..
: 2. Form based authentication - passing cookies around (which
: you were thinking)
: 3. soap header - pass your username/password in soap
: headers..
avatar
a*a
4

I can't comment on SOAP security about .NET.. since I know
nothing:)
1st option: role is at domain level.
If you intend to use your app on WWW, you need to check with
Passport SDK. (www.passport.com)..

【在 s***k 的大作中提到】
:
: Thanks acutally i know the last 2, but would like to know
: where .NET is headed in the context of SOAP security, would
: really like someone from inside to make some insightful comment
: can u describe the first option in a bit more detail?
: user is from passport service? and role acl is at domain level?
相关阅读
有谁知道怎么向POCKETPC20002 EMULATOR 加文件吗?急啊急!急!急!关于JAVASCRIPT的几个问题请问xsl中template的执行顺序warn huluhulu, kyin, cashflowXML Spy Suite 4.3 DownloadXML will get hotter.office 编程(excel)的菜鸟问题Re: where to find some sample code of XML document creating and parsing with JAXP DODisplay XML with XSLT in IE 5.x?question on finding the XSL file for transformationtear web pages from the server[转载] question on XML parserXML初级问题what is wrong with this period of coding?a great site to learn xml related technologies..Is there any free xml for currency converter?Craig R. Barrett又到中国来了,大家有什么看法啊?where to find some sample code of XML document creating and parsing with JAXP DOM?UNIX平台下用什么实现xml spy的功能?急问:M P Lambdas S 和MPLS什么区别?
logo
联系我们隐私协议©2024 redian.news
Redian新闻
Redian.news刊载任何文章,不代表同意其说法或描述,仅为提供更多信息,也不构成任何建议。文章信息的合法性及真实性由其作者负责,与Redian.news及其运营公司无关。欢迎投稿,如发现稿件侵权,或作者不愿在本网发表文章,请版权拥有者通知本网处理。