C# webservice and Android app: how prevent illegal accesses -

C# webservice and Android app: how prevent illegal accesses -

i'm using (with satisfaction) web services android application.

i utilize https (i bought ssl certificate).

i want prevent unwanted accesses others know urls of web services.

i utilize "secret key" app must provide web service method, it's stored in constant variable within code , know not best solution ensure security.

android web service phone call (using ksoap):

try { soapobject request = new soapobject(configuration.getnamespace(), methodname); request.addproperty("securitykey", security_key);

c# web service

[webmethod] public string userregistraion(string securitykey, string data) { if (securitykey != environment.securitykey) { homecoming "wrong_key"; }

what's best way accomplish definitive solution?

edit:

as suggested, asked same question on security.stackexchange.com

http://security.stackexchange.com/questions/30850/web-services-how-prevent-illegal-accesses

you can't this. should obfuscate code. old battle of software developers vs. crackers

you can't block on using/analyzing code resides on client-side, can create hard in point people give on doing because much hard exploit code.

c# android web-services security code-access-security