Tuesday, October 21, 2008

Webservice -Basic Authentication

Securing Webservice using IIS - Basic authentication
Once you create a webservice solution using VSS 2008 0r 2009 you MUST host them in IIS server.Please do not use or expect the VSS's built in IIS emulator will take care of authentication for your webservice.

In IIS control panel,choose your webservice directory and set to Basic Authentication checkbox ON.Decheck the Ananoymous authenticate check box.
Supply your computer's user name and password on IIS control for basic authentication.Now you have done 20 percent of secure web service hosting.

Now you need to piece of code in your client application,my code snippet is like

Service s = new Service();
ICredentials cred = new NetworkCredential("murugesa", "pandian", "pp");
s.Credentials = cred;
s.PreAuthenticate = true;
string s1 = s.HelloWorld();
Response.Write(s1);


If you are consuming the webservices from your vendor,please ask them to give their domain name,user name and password which allocated to you.

You can use them on your consume application like above how I used .

Server will check your authentication if fails,it will shows the HTTP 401 status page.