«

Hi,
I have a web site that uses normal windows authentication.
I have a web service on the site that i want to configure Forms
Authentication for, but it obviously doesn't fire unless i change the
setting in web.config. is it possible to use formsAuthentication only for
the web service?

i tried using a custom httpModule, but i don't think my own encryption
efforts would be as good as what's used in FormsAuth to encrypt the ticket.

thanks for any tips
tim mackey.
--------------------------
67d0ebfec70e8db3

Tim,

Correct me if I'm wrong, but using Forms Authentication requires user
interaction. It isn't suited for WebServices.

Sincerely
Svein Terje Gaup

"Tim Mackey" <> wrote in message
news:...
> Hi,
> I have a web site that uses normal windows authentication.
> I have a web service on the site that i want to configure Forms
> Authentication for, but it obviously doesn't fire unless i change the
> setting in web.config. is it possible to use formsAuthentication only for
> the web service?
>
> i tried using a custom httpModule, but i don't think my own encryption
> efforts would be as good as what's used in FormsAuth to encrypt the
ticket.
>
> thanks for any tips
> tim mackey.
> --------------------------
> 67d0ebfec70e8db3
>
>

You might want to grab the "Building Secure ASP.NET apps" whitepaper,
which you can download from
http://www.microsoft.com/downloads/r...eleaseID=44047. It has
more than you need, but you can read the rest later when you need it


--mary

On Fri, 4 Jun 2004 17:06:46 +0100, "Tim Mackey" <>
wrote:

>Hi,
>I have a web site that uses normal windows authentication.
>I have a web service on the site that i want to configure Forms
>Authentication for, but it obviously doesn't fire unless i change the
>setting in web.config. is it possible to use formsAuthentication only for
>the web service?
>
>i tried using a custom httpModule, but i don't think my own encryption
>efforts would be as good as what's used in FormsAuth to encrypt the ticket.
>
>thanks for any tips
>tim mackey.
>--------------------------
>67d0ebfec70e8db3
>

Hi Svein,
I thought this too, but dotnetjunkies has an article explaining how its
done.
http://www.dotnetjunkies.com/Tutoria...721A3FDF6.dcik

some modifications are necessary to work around the user-interaction part.
it suits me fine except i can't figure out how to only apply
formsauthentication for myService.asmx and not the whole app.

any thoughts?
thanks
tim