After having the new guid(token) client side, what is suppose to happen next, how it is able to authenticate with the server. Are we going to send that token back to server for authentication ???
@@DotNetRevanth But its a normal guid, it's not JWT. If we just need to send back plain token to server then why don't we pass credentials as a part of request and validate it. Do you have any project with JWT and database
It add Username and password for Authentication in every web service header with Authentication key. Is it not possible to use same key for multiple web service call
Using WSDL file or WSDL url consume in SOAP tool and pass the necessary input fields. POSTMAN or FIDDLER - Tests for WEBAPI or RestFull service. Please subscribe and keep watching :)
the problem is: if i don't put public SecuredTokenWebservice SoapHeader = new SecuredTokenWebservice(); Gives error 500, no access web service. In your example you have just public SecuredTokenWebservice SoapHeader. if I put public SecuredTokenWebservice SoapHeader = new SecuredTokenWebservice(); when the client application goto second method of webservices don't have information from SoapHeader.
Hi, Can we use this usage(writing a method before calling the method) in wcf service [WebMethod] [System.Web.Services.Protocols.SoapHeader("SoapHeader")] public string Authenticate() { } thank you for your helps
Thanks +Musa Aslan. For watching the video. In WCF sending or setting a soap header is little different. I will help you on this. SUBSCRIBE to my channel thank you.
I have one more question. I follow the video but my token expires in only 20 minutes. I changed ISS session timeout and added to web config "". is there anything else to do for live my token about one hour?
Thanks +Musa Aslan. For watching the video. I have already discussed in the video. You can add Days, Hours, Minutes etc in Webservice to expire the token. Check at the video time 10.44. Reference: goo.gl/ICzLRu
Hey +Jo'Ay Syamsul. First step is when a new user login call the API if it Username & Password is valid (Check via DB) generate token and insert into DB. Second step is when same user with username and token try to access service methods in API do a initial DB call to validate the token with in the method. If valid continue to remaining logic in the method. If not valid return with error message.
Hi +Venugopal, Thanks for watching the video. Well webservice can be consumed in multiple projects once the webservice is hosted in the other server and it has the ability that we can the required action methods. But class, there is no way of consuming or calling required methods in other applications. I hope you have got the idea. Thank you.. Please SUBSCRIBE and stay tuned for new upcoming videos.
I am having trouble understanding where you are assigning the token to the authenticationtoken value of the webservice. Even with downloading your completed code and running it I am unable to get the following code block to return true. ` if (!SoapHeader.IsUserCredentialsValid(SoapHeader)) return "Please call AuthenticationMethod() first."` Where do you actually push the token that you created to the cache?
Hi +Timothy Murphy. I have explained in the video how this token is created and cached. With my code you have downloaded that will authenticated with the database. Still if you doubt in completing the task ping me on fb/dotnetrevanth. Subscribe and stay tuned.
I tried doing this using javascript the first problem is to validate SoapHedar (if (SoapHeader == null)) because it is always null. I need to pass the username and password and get the token. How do I do this. Where do I keep the token for use in the various functions?
Try to trace or debug the communication in the browser or javascript debugger tools. Solution is that check whether the request is sending the SoapHeader or not.
Hi +Sanjay. Token based authentication will be there at server level. So, maintain expire time in the server. If you really have a requirement. create one service method to clear the token cache if the token in request matches with existing token. Hope you got answer. Please subscribe, share the video and support me. Thank you :)
how to check the validity of token when coming back to the web service for exporting data?
hello, do you have an example using vb.net and a method and how to consume the service in android.
After having the new guid(token) client side, what is suppose to happen next, how it is able to authenticate with the server. Are we going to send that token back to server for authentication ???
After the token generated from client token will be sent in headers to the server for authentication.
@@DotNetRevanth But its a normal guid, it's not JWT. If we just need to send back plain token to server then why don't we pass credentials as a part of request and validate it. Do you have any project with JWT and database
@@harjeetguitar I didn't have a sample of JWT but I will soon post one. Subscribe and keep watching :)
Thank you, very helpful.
Thanks for watching +John.
Subscribe and keep watching.
It add Username and password for Authentication in every web service header with Authentication key. Is it not possible to use same key for multiple web service call
Every user as unique auto generated token after authentication. It should be passed in header to access other service methods.
How can I consume with a tool that is like SOAP UI or POSTMAN??
Using WSDL file or WSDL url consume in SOAP tool and pass the necessary input fields.
POSTMAN or FIDDLER - Tests for WEBAPI or RestFull service.
Please subscribe and keep watching :)
With the generated token how could i access the webservice?
Watch the video its included in it. Keep watching :)
the problem is: if i don't put public SecuredTokenWebservice SoapHeader = new SecuredTokenWebservice();
Gives error 500, no access web service.
In your example you have just public SecuredTokenWebservice SoapHeader.
if I put public SecuredTokenWebservice SoapHeader = new SecuredTokenWebservice();
when the client application goto second method of webservices don't have information from SoapHeader.
Hi,
Can we use this usage(writing a method before calling the method) in wcf service
[WebMethod]
[System.Web.Services.Protocols.SoapHeader("SoapHeader")]
public string Authenticate()
{
}
thank you for your helps
Thanks +Musa Aslan. For watching the video.
In WCF sending or setting a soap header is little different.
I will help you on this.
SUBSCRIBE to my channel thank you.
I have one more question. I follow the video but my token expires in only 20 minutes. I changed ISS session timeout and added to web config "". is there anything else to do for live my token about one hour?
Thanks +Musa Aslan. For watching the video.
I have already discussed in the video. You can add Days, Hours, Minutes etc in Webservice to expire the token. Check at the video time 10.44.
Reference: goo.gl/ICzLRu
thank you for your reply. I found my problem is becaus of "Idle Time-out Settings for an Application Pool" on IIS.
That's nice to see your problem got solved. Keep watching :)
can you help me please , how to enter data into the database with a token Authentication
Hey +Jo'Ay Syamsul.
First step is when a new user login call the API if it Username & Password is valid (Check via DB) generate token and insert into DB.
Second step is when same user with username and token try to access service methods in API do a initial DB call to validate the token with in the method. If valid continue to remaining logic in the method. If not valid return with error message.
Revanth, what is the difference in created webservice using webservice vs class?
Hi +Venugopal, Thanks for watching the video.
Well webservice can be consumed in multiple projects once the webservice is hosted in the other server and it has the ability that we can the required action methods.
But class, there is no way of consuming or calling required methods in other applications.
I hope you have got the idea.
Thank you.. Please SUBSCRIBE and stay tuned for new upcoming videos.
I am having trouble understanding where you are assigning the token to the authenticationtoken value of the webservice. Even with downloading your completed code and running it I am unable to get the following code block to return true.
` if (!SoapHeader.IsUserCredentialsValid(SoapHeader))
return "Please call AuthenticationMethod() first."`
Where do you actually push the token that you created to the cache?
Hi +Timothy Murphy. I have explained in the video how this token is created and cached.
With my code you have downloaded that will authenticated with the database. Still if you doubt in completing the task ping me on fb/dotnetrevanth.
Subscribe and stay tuned.
I tried doing this using javascript the first problem is to validate SoapHedar (if (SoapHeader == null)) because it is always null. I need to pass the username and password and get the token. How do I do this.
Where do I keep the token for use in the various functions?
Try to trace or debug the communication in the browser or javascript debugger tools.
Solution is that check whether the request is sending the SoapHeader or not.
Jose Fidalgo
How to handle csrf in this?
If you want to make it more secure. Host it in a Server which has SSL enabled. Thank you.
Is there any other option to prevent CSRF attack in web service then plz suggest..Thanks
Sure. I will find some alternative. Stay tuned. Subscribe the channel.
how to logout with this??
Hi +Sanjay. Token based authentication will be there at server level. So, maintain expire time in the server.
If you really have a requirement. create one service method to clear the token cache if the token in request matches with existing token.
Hope you got answer. Please subscribe, share the video and support me. Thank you :)
code please
Mail me on dotnetrevanth@gmail.com