Menu
I have a created webservice REST Webservice in C# without any authentication. Now, i am looking into adding authentication to the webservice. The webservice exposes 6 methods (all are GET), out of these 6 methods, i want to restrict the access of 2 methods to member of "Admin" group. Currently, my webservice is hosted on a ConsoleHost. The consumer of this service would be in same domain (typically another application), so if I am able to pass in domain/username (Windows Credentials) of the client to the webservice. I can check in the webservice to find if that user is part of "Admin" group or not.
My question is how do I pass logon credentials of the client to the service. I think, I could use authentication header, but I did not find a good resource to learn about usage of authentication headers in REST Webservices. Are there any other ways to authenticate webservice consumer?
Once the webservice is hosted, I can type in the url of the service (like any other webpage) in a browser and access the resource. How would authentication work in that case?
972
Maybe this guide will help you?
http://msdn.microsoft.com/en-us/library/dd203052.aspx
Particularly the section about "Implementing Authentication and Authorization"
129
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
