0

I want to rewrite business application using asp.net web api as service layer and use javascript to call the web api and get data, display etc.

I understand all the scenrios work fine, but main bottleneck is security. We have database for the user name and password. We want that user enter user name and password, validate it using web api. Then for each request pass the user name and password to check rights etc. What is the best way to secure this communication if any.

Improve this question

1 Answer 1

Reset to default
1

You're best bet is going to be implementing HTTPS with SSL. You would consider using an encryption algorithm, but everything will be expose anyone if you're using JavaScript which would make encrypting and decrypting on the client quiet pointless.

Here's is a good blog post reference you can review on the matter http://codebetter.com/johnvpetersen/2012/04/02/making-your-asp-net-web-apis-secure/

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks, It may be the solution, is there any other examples
Examples of what? SSL would be applied to the web server by your admin. I don't know of any recommended JavaScript libraries for encryption

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.