Hi,
I would like to get some examples on implementing secured remote access protocol in Web API application. Currently passing username and password over the wire using basic authentication in encoded strings and cookies over SSL.
http://weblog.west-wind.com/posts/2013/Apr/18/A-WebAPI-Basic-Authentication-Authorization-Filter
However would like to switch to implement SRP in service. Found some solutions like Bouncy Castle and SRP4net. However implementing in Web API is bit confusing.
1. Bouncy Castle: http://www.bouncycastle.org/csharp/
2. SRP4net: http://code.google.com/p/srp4net
I need some directions to implement the bouncy Castle or SRP4net in WEB API. SRP4net shows example with the same algorithm implemented in js files as well as server side. Implementing same algorithm in js files seems to be bit risky.
Please help me with directions to move forward.
SRP Algorithm Understandings: