Re: What WSE2 offers for this problem?

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Hi Lester,
Yes, WSE2 offers something like that. It offers:

1. Message Security for your web services (The messages can be protected
using different mecanisms, such as X509 certificates, kerberos, etc)
2. Authentication. The authentication has two parts, the client token and
the authentication manager. The client token represents the client
credentials, for example an user and a password.
The authentication manager is a kind of plugin who authenticates the client
tokens against a credential store. (In your case, this store could be
Oracle, SQL server, Active directory).

I recommend you to visit this gotdotnet workspace
http://www.gotdotnet.com/codegallery/codegallery.aspx?id=67f659f6-9457-4860-80ff-0535dffed5e6
(Web Service Security: Scenarios, Patterns, and Implementation Guidance)
because it describes a variety of scenarios using WSE.

Regards,
Pablo Cibraro
http://weblogs.asp.net/cibrax
http://www.lagash.com


"J-T" <J-T@xxxxxxxxxx> wrote in message
news:epM6S4R9FHA.2192@xxxxxxxxxxxxxxxxxxxxxxx
>I need to create a webserivce which is able to talk to the following
> components:
>
> 1) Another webservice which is written by java and talks to its own
> backend
> database to authenticate the users
> 2) Directly talk to a sql server database containg a table to store
> username
> and passwords
> 3) Directoly talks to an Oracle Databse containg a table to store
> username
> and passwords
> 4) Can query our internal Active Directory to authenticate our
> organization's staff
>
> The reason I choose a web service is that we want to create a sort of
> signle
> sign on startegy for all our applicationsm to use this webserivce to
> authenticate the users against. my webserivce needs to be secure and also
> vey expandable to span future added components.
>
> Is there soehting similar out there or can anyone give me some idea?
>
> I really appreciate it.
>
> Thanks
>
> Lester J-T
>
>
>


.

Relevant Pages

  • Re: What WSE2 offers for this problem?
    ... The authentication has two parts, ... > client tokens against a credential store. ... >> 4) Can query our internal Active Directory to authenticate our ... >> sign on startegy for all our applicationsm to use this webserivce to ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: What WSE2 offers for this problem?
    ... The authentication has two parts, ... >> Pablo Cibraro ... >>> 4) Can query our internal Active Directory to authenticate our ... >>> sign on startegy for all our applicationsm to use this webserivce to ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • RE: Form Security and WebService
    ... it has to do with the fact that you have a membership store in SQL ... that uses windows authentication). ... call the SharePoint web service to provision the user. ...
    (microsoft.public.sharepoint.windowsservices)
  • Re: Problem When Calling Web Method Of Web Service From Pocket PC 2003.
    ... > NTLM Authentication is not supported in the CF. ... > Now that I have changed the Web site and Web Service to use Digest ... >> Alex Feinman ... a Desktop application and a Pocket PC 2003 application. ...
    (microsoft.public.dotnet.framework.compactframework)
  • Re: Active Directory authorization
    ... AD should be fine as a source for authentication for your web service. ... The easiest way to use AD for authentication is to just use the transport layer authentication schemes built in to IIS. ... For app level authorization, I'd suggest checking out Microsoft's Authorization Manager framework. ... every applications. ...
    (microsoft.public.windows.server.active_directory)