I am prototyping a AJAX based web application running up against ASP.NET, where I need to have general authorization to different parts of the site, and also have to make sure that various web methods/web services can’t be called by unauthorized users (from a rouge html page for example).
Is there anything I need to be aware of, or do things just work as if I was doing regular ASP.NET?
A set of best practices or things to look out for would be fantastic.
A side question, what do I gain by using WCF compared to ASMX?
Regards, Egil.
,
It works basically the same way as with regular ASP.NET and ASMX/WCF. The big difference is that you’ll need to use the Membership API from the client-side (whioh is fully supported by ASP.NET AJAX).
Check out these resources:
endpoint.tv – Securing RESTful services with ASP.NET Membership
How Do I: Use the ASP.NET AJAX Profile Services?