Authorization/Licensing of Webservice

Posted by Burhan on Stack Overflow See other posts from Stack Overflow or by Burhan
Published on 2009-03-27T12:57:15Z Indexed on 2010/06/05 13:02 UTC
Read the original article Hit count: 171

Filed under:
|

I have developed a web service which accepts the login credentials from the XML message passed to it. I have concerns over this method as the developer who consumes the service can easily share the login credentials and my service can be called from some other application that uses the same credentials.
Is there any way that I can issue a 'license' to some specific applications? So that, even if credentials are shared among the consuming apps, only authorized ones can successfully consume the service.

P.S: I thought about implementing IP restrictions but that doesn't serve the purpose as we may have different applications installed on a same server (we do have such a scenario implemented).

© Stack Overflow or respective owner

Related posts about web-services

Related posts about authorization