Secure Your WinForms Applications
PortSight Secure Access offers two ways you can use PortSight Secure Access features in you WinForms applications:
- You can reference the libraries directly into your WinForms application. The you can use all API features as you do in WebForms applications. The only difference is that you need to set up your app.config file (e. g. myapp.exe.config) instead of web.config file. This approach is useful if you create an application that will run on the server (such as administrative utility). The disadvantage is that you have to distribute the database connection string to all client client computers.
OR:
- You can use PortSight Secure Access Web Service (ARWebService). It provides a small subset of the most important methods, such as those for authentication and authorization of users. This service can be consumed from various clients (not only WinForms). It can also be secured using a symmetric key (that must also be distributed to clients, however) or using asynchronous cryptography (X.509 certificates). Using X.509 certificates allows you to set up all clients to communicate with the ARWebService while ensuring encryption and trustworthiness of both client and server. It is the most secure way how to access Secure Access features from client computers.
This chapter describes how to access Secure Access features from your WinForms applications using the ARWebService.
Before you start using the ARWebService you need to set it up. Please read the chapter Using Secure Access Web Service.
Then you can continue to chapter Authentication and Authorization in WinForms applications - a Step-by-Step Guide that will show you how to consume the ARWebService in your applications.
The next chapters covers additional functionality provided by the ARWebService to your WinForms applications: