We have developed web service(as well as generic handler) based web application.But it seems that the methods could be invoked by using different tools like (Poster,Advanced Rest Client) to get the secure information of Administrator and could do malicious activities.We would be grateful if you provide us the best possible method to make the method inside webservice or generic handler becomes secure.
Asked
Active
Viewed 181 times
1
Lachlan Dowding
- 4,356
- 1
- 15
- 18
santosh timalsina
- 197
- 9
-
Your web service is developed using what technology ? – TchiYuan Aug 14 '14 at 16:06
-
our webservice is developed using asp.net technology.Please provide us solution if you have any. – santosh timalsina Aug 15 '14 at 04:49
1 Answers
0
What you actually want is to probably know more about WS-Security in your respective technology
Wikipedia: http://en.wikipedia.org/wiki/WS-Security
Microsoft: http://msdn.microsoft.com/en-us/library/ms977327.aspx
Java: https://ws.apache.org/wss4j/
The above works if you expose as SOAP web service.
For REST web service, I found this link:
