form authorization for asp.net web api using javascript - 【StackMirror】|javascript|asp.net-web-api

I want to rewrite business application using asp.net web api as service layer and use javascript to call the web api and get data, display etc.

I understand all the scenrios work fine, but main bottleneck is security. We have database for the user name and password. We want that user enter user name and password, validate it using web api. Then for each request pass the user name and password to check rights etc. What is the best way to secure this communication if any.

2012-04-04 19:54
by daljit

You're best bet is going to be implementing HTTPS with SSL. You would consider using an encryption algorithm, but everything will be expose anyone if you're using JavaScript which would make encrypting and decrypting on the client quiet pointless.

Here's is a good blog post reference you can review on the matter http://goo.gl/QkZOf

2012-04-05 03:30
by cecilphillip

Thanks, It may be the solution, is there any other example - daljit 2012-04-05 09:12

Examples of what? SSL would be applied to the web server by your admin. I don't know of any recommended JavaScript libraries for encryptio - cecilphillip 2012-04-05 15:01