NAV 2009 Vs NAV 2013 Web Services (WS) Technology
NAV 2009
Security for Web Services (WS) in NAV 2009 is managed by using Windows Authentication.
This is the reason access to NAV 2009 Web Services requires the user to log into a domain and be a valid Windows Login in NAV.
Consequently, this is also why the user accessing the Web Services URL receives a login prompt when the SPNs/delegation is not setup properly.
All the SPN/delegation setup allows the NAV Service (either RTC or WS) to authentic a user and then use that user's credentials when accessing data.
This authentication/delegation process is essential to making sure that unwanted (or unauthorized) users do not have access to a customer's NAV data.
it would not work to have a public facing website where all users are anonymous access the NAV WS.
The WS functionality was not designed for this.
You would need some intermediate solution (maybe some C# or .NET app) to take the submitted data from the website,
verify, process, and submit it to the published NAV web service; the solution would then need to receive the reply/result
from the NAV web service to provide to the website.
The intermediate solution would store the necessary NAV credentials (a domain user account that has a NAV login) to access the NAV web service.
NAV 2013
NAV 2013 is a better technology!
many autenthication methods are supported !
With NAV 2013 tt's possibile to connect to Web Services using Windows authentication (and Windows User), NavUser, Navuser + Ecrypted key, OpenId (Cloud Scenario)
These defferential authentication processes are essential to making sure that unwanted (or unauthorized) users do not have access to a customer's NAV data (like Nav 2009 architecture)
NAV User Mapping
> isn't possibile to map on NAV users : "Everyone", "Anonymous Login" etc. (security
> is possibile to map instead "Network services", "Local System" ex: for NAS utilization insted of dedicated Windows (service) user
NAV 2013 Mixed Mode Scenario
we need two separate services to managed different authentication environments
1) 1 service only for NAV RTC User (with windows domani authentication) ex : DB_RTC
2) 1 service only for WS Services (with NavUser authentication, + encrypted password ...) ex: DB_WS
may be a solution !
Bob