logo
Redian新闻
>未名空间
>XML - WWW明日之星
>
Anyone has experience about security in soap?
avatar
Anyone has experience about security in soap?# XML - WWW明日之星
s*k
1
Using MS Soap ToolKit
Is there a way to control access right on the soap server
besides basic authentication?
would form based authentication works say with a cookie?
thx
avatar
a*a
2
ok, I'm throwing my 2 cents here but be aware that I haven't
used SOAP toolkit yet:) - I am using VS.NET.
There are a few choices for security in web service (the
only thing I know about currntly):
1. NTLM - .NET Framework has an API called
User.IsInRole("domainname")..
2. Form based authentication - passing cookies around (which
you were thinking)
3. soap header - pass your username/password in soap
headers..
I only know about these ideas, never written any code on
these;)

【在 s***k 的大作中提到】
: Using MS Soap ToolKit
: Is there a way to control access right on the soap server
: besides basic authentication?
: would form based authentication works say with a cookie?
: thx
avatar
s*k
3

Thanks acutally i know the last 2, but would like to know
where .NET is headed in the context of SOAP security, would
really like someone from inside to make some insightful comment
can u describe the first option in a bit more detail?
user is from passport service? and role acl is at domain level?

【在 a*****a 的大作中提到】
: ok, I'm throwing my 2 cents here but be aware that I haven't
: used SOAP toolkit yet:) - I am using VS.NET.
: There are a few choices for security in web service (the
: only thing I know about currntly):
: 1. NTLM - .NET Framework has an API called
: User.IsInRole("domainname")..
: 2. Form based authentication - passing cookies around (which
: you were thinking)
: 3. soap header - pass your username/password in soap
: headers..
avatar
a*a
4

I can't comment on SOAP security about .NET.. since I know
nothing:)
1st option: role is at domain level.
If you intend to use your app on WWW, you need to check with
Passport SDK. (www.passport.com)..

【在 s***k 的大作中提到】
:
: Thanks acutally i know the last 2, but would like to know
: where .NET is headed in the context of SOAP security, would
: really like someone from inside to make some insightful comment
: can u describe the first option in a bit more detail?
: user is from passport service? and role acl is at domain level?
相关阅读
XML All-purpose Protocol (XAP)XML 2000 Conference Call for Papers.帮个忙好吗?XML Standard for Extraction, Transformation, and SD 2000 East Call for Abstracts.急!问个最初纪问题where can I download some DTD samples?more SMILxml parsersACM SIGIR 2000 Workshop On XML and Information Re如何在cgi中锁数据库中的一个字段How to write a SMIL documentInvestment Research Markup Language (IRML).Extensible Business Reporting Language (XBRL)ntel Products Support Fast, Secure XML-based InteXML site in chinese请教几个问题How to use xml parser?请问那有xml的parse source(bsd 或 lin..... 补充一句请教: 对于这个PROJECT到底怎么入手呢?
logo
联系我们隐私协议©2024 redian.news
Redian新闻
Redian.news刊载任何文章,不代表同意其说法或描述,仅为提供更多信息,也不构成任何建议。文章信息的合法性及真实性由其作者负责,与Redian.news及其运营公司无关。欢迎投稿,如发现稿件侵权,或作者不愿在本网发表文章,请版权拥有者通知本网处理。