2005 Endpoints Security....

From: unc27932@xxxxxxxxx
Date: 6 Apr 2006 17:45:14 -0700

We have a in house web app that will need to consume a web service via
javascript, so using 2005's new feature, I created an endpoint &
exposed a stored procedure to use the Native XML web service
functionality. The procedure works fine, and I've tested behind our
firewall. But the database sits in a highly protected domain, behind a
firewall. The web app will sit outside the firewall, in the DMZ. My
questions are....

A) I'm assuming we'll need to open the firewall to communication on the
port specified in the endpoint for the web app to communicate with?
Any security risks here?

B) Who do I grant connect on the endpoint to? The web app is not in
the same domain, so I can't give the connect permission to a domain
user.??

C) More javascript related than SQL.....Javascript runs on the client
right? So will all the web browsers out there be attempting to execute
this web service call? Or is it my web server trying to execute the
web service call?

.

Prev by Date: Re: Yukon Encryption
Next by Date: Re: help.. urgent..database master key..2005
Previous by thread: Re: Yukon Encryption
Next by thread: Re: Schema Sharing
Index(es):
- Date
- Thread

Relevant Pages

Re: Problem with a web service
... site and configuring a host header value. ... The web app is running on ... application calls a web service that exists as an application under the ... error (internal server error), which still isn't all that helpful. ...
(microsoft.public.dotnet.general)
RE: Using kerberosSecurity Throws Security Exception
... Account with a Custom Principal Name using SetSPN.exe utility. ... I tried turning on identity impersonation for my web app. ... >> turned on for the web app (the client of my web service). ... >> Non nobis Domine non nobis sed nomini Tuo da gloriam. ...
(microsoft.public.dotnet.framework.webservices.enhancements)
Re: AJAX + Webserivces = error 12030
... It's a security feature. ... enabled web app, given a zip code it returns the city ... Tested the web service, it works fine. ...
(microsoft.public.dotnet.framework.aspnet)
Problem with a web service
... I'm running into a problem with one of our site's production web ... The web app is running on ... application calls a web service that exists as an application under the main ... error (internal server error), which still isn't all that helpful. ...
(microsoft.public.dotnet.general)
Re: Architecture question
... This is in fact, a good design principle, because it lets you scale-out your business logic pretty seamlessly and independently from either client layer. ... Also, if you use WCF to expose your business logic, you can provide multiple endpoints: One SOAP/HTTP endpoint for legacy apps to call, one BinaryXML/TCP endpoint for intranet rich client WCF apps, and a BinaryXML/NamedPipes for on-box communication with your ASP.NET web forms. ... I developed web service which is being consumed by windows forms application. ... The communication with database is between web service and database. ...
(microsoft.public.dotnet.framework.webservices)