How to prevent discovering of web service

[Guest]

Hi again
is there any way to prevent the discovering of my web service (esp. by browser)? It would be perfect if only my own- written client could connect to the web service and no one else. As this is most likely not possible, could anyone point me out some steps that lead to that direction (esp. against reverse engineering)

Thank
Sa

 

[John Timney \(Microsoft MVP\)]

if you dont use a DISCO file it aint discoverable in the SOAP sense.....but
it could still be discovered by someone..........after all its only a web
page on port 80.

You will need to secure the service rather than rely on obscurity. There
are a number of web service enhancements that assist you in this, but the
easiest would be have your app pass an encrypted identifier, like an MD5
hash with each web method call to verify its a valid client and check that
within the web method before actioning the method. You could also encrypt
the web service proxy dll file using something like Salamander before you
distributed that.

--
Regards

John Timney
Microsoft Regional Director
Microsoft MVP

Hi again,
is there any way to prevent the discovering of my web service (esp. by

browser)? It would be perfect if only my own- written client could connect
to the web service and no one else. As this is most likely not possible,
could anyone point me out some steps that lead to that direction (esp.
against reverse engineering)?