>Yes but instead of passing the user name and password on each request you pass an id, also you can have the login call being done via SSL to protect the user name and password.
If would do a call at first to InternetOpenUrl() which would store a cookie. Can that cookie be seen by a call from a Web Service client?