Back to list
Views:   16.2K
Replies:  4


What would be proper documentation to RequestBase.ClientTag? Currently, it seems to be copy-pasted from AccessToken.

In what scenarios can you recommend to use it? What options could be used if WCF is available via non-secured http?

/// <summary>      

/// Each web service request carries a security token as an extra level of security.

/// Tokens are issued when users are coming online. They can expire if necessary.

/// and uses this in their API.

/// </summary>



public string ClientTag;

Michael S, Jan 09, 2012
Reply 1
Interesting, thanks. Sounds like APIKey is a pre-defined parameter known to both server and client and used to validate the request on the server-side. Most likely ClientTag serves as APIKey. However, this approach does not seem to be secure as APIKey / ClientTag could be intercepted very easily (but anyway it's better than nothing). So that's why I asked about ClientTag purpose and scenarios to use it.

Michael S, Jan 11, 2012
Reply 2
Here is an interesting link that may help more. As for the ClientTag I can not really help as I do not have the framework documetation.

anyway hope this helps.
Dan Bambling, Jan 11, 2012
Reply 3
Not much. Do you have a link for such implementation details?

Anyway, I'd like to hear the purpose of ClientTag from the framework authors. Note that ClientTag is never mentioned in Patterns In Action 4.0.pdf.
Michael S, Jan 11, 2012
Reply 4
Probably if using a non-secure WCF service you could implement some sort of API key like how google does with its maps. This could then be used to manage access etc? Does that help?
Dan Bambling, Jan 11, 2012
Stay Inspired!
Join other developers and designers who have already signed up for our mailing list.
Terms     Privacy     Cookies       Do Not Sell       Licensing      
Made with    in Austin, Texas.  - vsn 44.0.0
© Data & Object Factory, LLC.