web service authentication mechanisms
I'm having a great deal of trouble finding any information on what Microsoft
is planning to recommend (or support from within VS.NET) regarding the
restricting of access to commercial web services. I have seen Mary
Kirtland's articles on their sample "Favorites" web service on MSDN, and
think their consideration of web service licensing and security issues is
well thought through, but I'm a bit surprised that, given the emphasis
placed on web services by MS, there is no comprehensive web service security
architecture either implied or supported from witihn VS.NET. All the
examples I see of web services totally ignore this issue, and I would have
thought someone would be, as a primary activity, proposing a subscription
and authentication model for web service hosting.
Sure, I can think of strategies involving existing authentication
mechanisms, but none of them strikes me as ideal. Anybody know of
information I'm missing?
Top DevX Stories
Easy Web Services with SQL Server 2005 HTTP Endpoints
JavaOne 2005: Java Platform Roadmap Focuses on Ease of Development, Sun Focuses on the "Free" in F.O.S.S.
Wed Yourself to UML with the Power of Associations
Microsoft to Add AJAX Capabilities to ASP.NET
IBM's Cloudscape Versus MySQL