Authentication approaches for WCF REST?

Trying to hide the username and password by changing the Http Method from GET to POST has basically no added security. Even very untechnically challenged people can use just about any program to see what data is being sent to the server.

Trying to hide the username and password by changing the Http Method from GET to POST has basically no added security. Even very untechnically challenged people can use just about any program to see what data is being sent to the server. Now beyond the obvious username password issue, you could use HTTP Headers instead of QueryString parameters to pass values back to a WCF Service (RESTful).

This would allow you to use the GET method and still pass the username and password without those specific values existing in the URL, but again, this is virtually no added security.

– rafale Sep 11 at 23:37 +1 yes there is no advantage to using HTTP headers over Post in a security context. Specifically the question asked was if there was an alternate solution to GET or POST. HTTP Headers is an alternative solution.

– Erik Philips Sep 11 at 23:44 Then I suppose encryption would be the only "proper" method of securing the user credentials. Getting back to my original question, what advantages do headers have over POST in a non-security context? – rafale Sep 11 at 23:49 1 Seperation of responsibilities.

It is not the responsibility of the method being invoked to know weather or not a call is validated, that should happen prior to URL1 seperating authentication information from method information is preferred in this case. There are numerous applications (google calendar api and amazon services) where specific values that are not specific to call are passed in the headers instead of the querystring or post data. This is "better" for that reason, since the OP never mentioned specifics on what "better" is (programmatically, security, etc) – Erik Philips Sep 11 at 23:56.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.