(Opens New Window)
Mark as an Answer
User Manipulation in a Web Service
February 15, 2013 7:58 AM
Rank: Junior Member
Join Date: July 19, 2012
When a user tries to consume a web service, the user is asked for credentials. After a user enters them, the web service is consumed. My question is, if a user is authenticated before consuming a web service, then is that web service consumed under that user's identity or is that web service being consume with 'god-like' permissions and roles?
If the latter is the case, is there any other way to get a hold of the authenticated user without passing in parameters?
Sign in to vote.
Please sign in to flag this as inappropriate.