Welcome to WebmasterWorld Guest from 54.82.93.116

Forum Moderators: ocean10000

Message Too Old, No Replies

Want to use jQuery JSON to talk to web services - how to secure?

Json Jquery Security

     
12:22 pm on Mar 3, 2011 (gmt 0)

New User

5+ Year Member

joined:Mar 3, 2011
posts: 4
votes: 0


I'm creating a web app to maintain data using jQuery / ajax / json calls to a web service.

I'm trying to figure out how to secure a Win2003 server using IIS 6.0 in this scenario.

It will be https:

I am finding so much conflicting info on the web - do I need to use SOAP?

Any help would be greatly appreciated.
3:02 pm on Mar 3, 2011 (gmt 0)

Administrator

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month

joined:Jan 14, 2004
posts:864
votes: 3


If the requests are all going over https this will at least make everything encrypted. I wouldn't use SOAP for jQuery / ajax / json as it is takes more time and memory to process in javascript. Json was developed for this role.

Reference:
An Introduction to JavaScript Object Notation (JSON) in JavaScript and .NET [msdn.microsoft.com]
Client-Side Web Service Calls with AJAX Extensions [msdn.microsoft.com]
10:06 am on Apr 23, 2011 (gmt 0)

New User

5+ Year Member

joined:Mar 3, 2011
posts: 4
votes: 0


I understand how to do the JSON and what not.

Do I need to use WCF and setup all these contracts and such - or are standard web services with my own un/pw-and-return-a-GUID for client identification policies enough?

Or do I need to use WCF to make HTTPS and certs and credentials work properly?
2:16 pm on Apr 23, 2011 (gmt 0)

Administrator

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month

joined:Jan 14, 2004
posts:864
votes: 3


Securing the webservice/JSON handler.
It all depends how much the released data can hurt your website if it got out, or if other websites found it and tried to use it.

No you do not need WCF to make Https / Web Server certificate work. As for the credentials it all depends on how you have the security layer wrote for the website, which can effect JSON calls if the webservice is in a protected zone.
2:28 pm on Apr 23, 2011 (gmt 0)

New User

5+ Year Member

joined:Mar 3, 2011
posts: 4
votes: 0


It is sensitive medical data on patients.

Where can I get my hands on some good white papers on the subject?
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members