How to manage security of these self hosted web apis, to ensure that the request coming for accessing data is authenticated?
Posted
by
Husrat Mehmood
on Programmers
See other posts from Programmers
or by Husrat Mehmood
Published on 2014-08-20T13:51:48Z
Indexed on
2014/08/20
16:34 UTC
Read the original article
Hit count: 326
Let's pretend I am going to work on an enterprise application. Say I have 11 modules in the application and I would have to develop Dashboards for every role in the organization for whom I are going to develop application.
We Decided to use Asp.Net Web Api and return json data from our apis.
We are going to include 11 Self hosted web apis projects in our application (one self hosted web api) for every module.
All 11 modules are connected to one Sql server 2012 Database.
Then once api is ready we would have to create Business Dashboards (Based upon roles in Organization).
So Now my web api client is Asp.Net Mvc application.Asp.Net mvc will consume those web apis.
Here is the part for whom all explanation is done.
How should I manage Security of all 11 self hosted web apis?
How should I only authenticated request is coming?
If I authenticate user by login and password and then redirect user to appropriate Dashboard designed for the role that user have and load data by consuming web apis. How should I ensure that the request coming for accessing data is authenticated?
© Programmers or respective owner