When you are developing a large scale application, you need a security module that is able to authenticate the users. In our system design, we developed a security web service which is shared among the sub-modules and also reduce the development time.
In .Net, you can achieve this with the technology that you want:
- Implementing the security service using ASMX/ASHX - this service will be hosted through HTTP/HTTPS.
- Implementing the security service using WCF - in this case, you will have the choices of different protocols such as TCP, named pipe, etc.
If you are asking why we need to reinvent the wheel when .Net comes already have this security feature for enterprise? The answer is simple: our security web service can be tailored made based on our customer's requirements. We know that not all projects that we are involving requires a complex security service. Some requires a basic login with user name and password only. Some requires the security control upto field on the screen.
Updates on 6th May 2017 - it seems like ASMX or WCF are quite hard to be converted to other programming language/platform. Best is to use ASHX (i.e., generic handler) which has a faster response time due to it's simplicity and flexibility. It's also easier to port over to other programming language/platform.
Thanks for sharing this article and this great information. Its just what I've been looking for. I have been thinking about security services Calgary for some time now and I can't figure out if its something I really want or not.
ReplyDelete