Re: Restricting webservice..
- From: "Nicholas Paldino [.NET/C# MVP]" <mvp@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 19 Sep 2006 14:48:49 -0400
Ann,
The way that ASP.NET handles authentication for web sites is completely
different from how authentication/authorization is handled on web services.
If anything, you should be using WSE (Web Services Enhancements) or Windows
Communications Foundation to handle your security needs.
Also, if these classes are in the same web app, then why are you
redirecting to the web service? Why not just call the class directly?
Hope this helps.
--
- Nicholas Paldino [.NET/C# MVP]
- mvp@xxxxxxxxxxxxxxxxxxxxxxxxxxx
"Ann" <Ann@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FC264D0F-9709-4655-8352-9895A0699003@xxxxxxxxxxxxxxxx
Hi all,
My prj has a login form(Login.aspx).It uses Form authentication(Credential
stored in web.config).Once user is authenticated,it redirects to a
webservice(service.asmx)
that has a method that does some database operation.
this is the code..
if (FormsAuthentication.Authenticate(UsrNameTextBox.Text,
PwdTextBox.Text))
Response.Redirect("Service.asmx");
else
FormsAuthentication.RedirectToLoginPage();
My problem is,when the user types the asmx url directly in the
browser(localhost/service.asmx...) ,it should prompt for authentication
and
if its not a valid user,i need to redirect him to login page
any suggestion,on how to do this???
Thnks
.
- Prev by Date: Check for null object
- Next by Date: Re: Check for null object
- Previous by thread: Check for null object
- Next by thread: Is this a bug?
- Index(es):
Relevant Pages
|
