form authorization for web api using javascript

Go To


I want to rewrite business application using web api as service layer and use javascript to call the web api and get data, display etc.

I understand all the scenrios work fine, but main bottleneck is security. We have database for the user name and password. We want that user enter user name and password, validate it using web api. Then for each request pass the user name and password to check rights etc. What is the best way to secure this communication if any.

2012-04-04 19:54
by daljit


You're best bet is going to be implementing HTTPS with SSL. You would consider using an encryption algorithm, but everything will be expose anyone if you're using JavaScript which would make encrypting and decrypting on the client quiet pointless.

Here's is a good blog post reference you can review on the matter

2012-04-05 03:30
by cecilphillip
Thanks, It may be the solution, is there any other example - daljit 2012-04-05 09:12
Examples of what? SSL would be applied to the web server by your admin. I don't know of any recommended JavaScript libraries for encryptio - cecilphillip 2012-04-05 15:01