I have always used the ScriptManager to handle all AJAX calls, but I am starting to expand and am playing around with using jQuery and JSON to consume an ASP.NET 3.5 Web service. I am using standard jQuery calls as you can see below, which is working wonderfully. I am concerned about security and how to ensure that I am not opening any doors by dropping the ScriptManager. Any information is appreciated; what I have found on the net pertains more to implementation than to security.
    $.ajax({
        type: "POST",
        url: "Webservices/Service.asmx/HellowWorld",
        data: "{}",
        contentType: "application/json; charset=utf-8",
        dataType: "json",
        success: function(msg) {
            alert(msg.d);
        }
    });
UPDATE: Bumping this in the hopes someone can provide some information.
I want to allow only authenticated users to access this service. I am using ASP.NET membership services in MVC and want to ensure that my jQuery AJAX (JSON) calls are being performed by an authenticated user. Any info is appreciated.
What I was looking for on this question was how to handle security on a web service call. Answer: there is no way to automatically authenticate a remote user without passing some form of authentication data with it.
In this scenario I am passing an encrypted token containing the data I then use to authenticate the user. The token is given to them to pass.
If there is a better/more secure way to do so I would be open.
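The token approach described in the answer above, as an added example that is not part of the original post: a server issues an encrypted token after login and checks it on every service call. It is written for Node.js rather than ASP.NET, and the cipher (AES-256-GCM), the expiry field and the names `issueToken` and `verifyToken` are assumptions, since the post does not say how its token is built.

```javascript
const crypto = require("crypto");

// Assumption: in a real deployment the key is loaded from server-side
// configuration and never reaches the client. Generated here so this runs.
const KEY = crypto.randomBytes(32);

// Server side, after a successful login: seal the user name and an expiry.
function issueToken(user, ttlSeconds, now = Date.now()) {
  const iv = crypto.randomBytes(12); // fresh nonce for every token
  const cipher = crypto.createCipheriv("aes-256-gcm", KEY, iv);
  const body = JSON.stringify({ user, exp: now + ttlSeconds * 1000 });
  const ct = Buffer.concat([cipher.update(body, "utf8"), cipher.final()]);
  // Layout: 12-byte IV | 16-byte GCM tag | ciphertext
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64");
}

// Server side, on every web service call: returns the user name or null.
function verifyToken(token, now = Date.now()) {
  try {
    const raw = Buffer.from(String(token), "base64");
    if (raw.length < 28) return null; // too short to hold IV and tag
    const decipher = crypto.createDecipheriv("aes-256-gcm", KEY, raw.subarray(0, 12));
    decipher.setAuthTag(raw.subarray(12, 28));
    // final() throws if the tag does not match, i.e. the token was altered
    const body = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]);
    const claims = JSON.parse(body.toString("utf8"));
    if (typeof claims.user !== "string" || !(claims.exp > now)) return null;
    return claims.user;
  } catch (err) {
    return null; // forged or modified token, or malformed input
  }
}

// Constructed sample run with a fixed clock value.
const t0 = 1700000000000;
const token = issueToken("alice", 600, t0);
const flipped = Buffer.from(token, "base64");
flipped[flipped.length - 1] ^= 1; // simulate modification in transit
console.log(verifyToken(token, t0 + 1000));                       // valid
console.log(verifyToken(token, t0 + 601000));                     // expired
console.log(verifyToken(flipped.toString("base64"), t0 + 1000));  // tampered
```

The client sends the token with each AJAX request, and the service rejects the call whenever `verifyToken` returns null; the token should only travel over HTTPS, because anyone who captures it can replay it until it expires.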