Just a suggestion; as you know, there's many ways to skin a cat, so here's one.
Firstly, enable session state across calls to the service using:
    [WebMethod(EnableSession = true)]
Then have a web service method for login that saves the user details to the session. This supports the standard Membership provider for ASP.NET. Warning: sample code.
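    // Needs: using System.Web; using System.Web.Security; using System.Web.Services;
    [WebMethod(EnableSession = true)]
    public bool Login(string userName, string password)
    {
        // Validate login; GetUser returns null for an unknown user name
        var user = Membership.GetUser(userName);
        if (user == null)
            return false;
        var valid = Membership.ValidateUser(user.UserName, password);
        if (valid)
            HttpContext.Current.Session["user"] = user; // remember the authenticated user
        return valid;
    }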
Then, in a web service method, you can validate against the user.
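    [WebMethod(EnableSession = true)]
    public void SomeServerMethod()
    {
        // Session values come back as object, so cast to MembershipUser
        var user = HttpContext.Current.Session["user"] as MembershipUser;
        if (user == null)
            throw new Exception("Please login first");
        // MembershipUser has no IsInRole method; ask the Roles provider instead
        if (Roles.IsUserInRole(user.UserName, "FooRole"))
            DoStuff();
        else
            throw new Exception("Seriously? dude you dont have those rights");
    }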
To counter network eavesdropping, best go to HTTPS. Good luck :)
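
The session set up in `Login` is carried by the ASP.NET session cookie, so serving the site over HTTPS only protects it if the cookie is never sent over plain HTTP. The following web.config fragment is an added example, not part of the original answer; it assumes the service is reachable over HTTPS, and the timeout value is illustrative.

```xml
<!-- Added example (not from the original answer): cookie and session settings
     for a session-authenticated ASMX service that is served over HTTPS. -->
<configuration>
  <system.web>
    <!-- Weak setting, shown for comparison only: cookies, including the
         session cookie, may be sent over plain HTTP.
    <httpCookies requireSSL="false" />
    -->

    <!-- Corrected: cookies carry the Secure flag, so the browser or client
         only returns them over HTTPS, and HttpOnly keeps them away from
         page script. -->
    <httpCookies requireSSL="true" httpOnlyCookies="true" />

    <!-- Keep the session id in a cookie, never in the URL, where it would
         leak through logs, bookmarks and Referer headers.
         timeout is in minutes (illustrative value). -->
    <sessionState mode="InProc" cookieless="UseCookies" timeout="20" />
  </system.web>
</configuration>
```

With `requireSSL="true"`, a call to `Login` made over plain HTTP will not establish a usable session, because the client never sends the cookie back on later HTTP calls.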