Here's my scenario:
I'm using .NET 4.5 and creating a WCF Service that will expose sensitive data and will require a username/password to access. Now, I'd like that service to be able to return JSONP as it'll be cross-domain (which is where I'm having the issues).
My solution, to my knowledge, would be this:
Client -> WebAPI (acting as a proxy on the client, called by jQuery and can access the client session state) -> WCF Data Service -> Database.
With this structure, the WebAPI can send the username/password across securely. All this will be over SSL.
Would this be the correct approach for my scenario? I've tried the Client -> WCF Data Service -> Database approach, but I simply can't secure this with a jQuery call without going down a custom Oauth route, which I don't really want to do.
Any advice would be very appreciated.
