I use an ASP.NET Web service to expose the Web Services interface to an ASP. According to, the way to get the original proof on https is to assume that it is opposed to WS-Secure, X509, etc.
What is the simplest way to implement custom HTTP Basic Authentication (non-Windows accounts) on .NET 3.5 / VS 2008, for example, only the user name "foo" and the password that accepts " Bar ". Finally, give me threads. Custom Principal want to set.
Can I write my own HttpModule or can this be simplified?
The way to go, the way to go is the WCF 3.5 user name IIS-host on Transportation Security The service can not be used on, though my question was not ASP.NET Web Services WCF.
Another implementation of the HTTP module is said.
However this is not what I want, I got an informative solution. Sending passwords in plain text on HTTP is clearly unsafe, but this example can be extended to add more security, for instance running on https or sending a hash of "password + one-time GUID + timestamp" is.
Comments
Post a Comment