>Hi Bonnie, thanks for the links, I already have a class similar to your first link, my question really is : *How can I prevent someone browsing my service using a Web browser" ? e.g., If my site is running on
>
>

>http://pete-kane.com:8080/myservice.svc"
>

>anyone can just browse to the site and see my JSON data ( as long as they know the name of the GET methods ) sorry if I wasn't clear

You were clear, Pete. I'm the one who wasn't thinking ... I posted my reply before I'd had enough coffee! Ooops!!

Obviously, my blog posts were for client-side credentials, my bad.

However, I thought that we had a RESTful web service that exposed JSON with credentials, but in looking at my server-side code, the only RESTful Service we have that has any security makes use of SSL. And it was for a client sending data to the service (POST), not for a client receiving data from the service (GET). So, that's not going to help you. Sorry!!