I have 2 web applications say A and B running on same intranet network. Application A is used only by intranet users while Application B is also connected to internet. My web services are deployed on application A and the client of the webservices is Application B. My confusion is which authentication method is better for this scenario. Basic Authentication or Client Cert Authentication ?
Kindly suggest the best approach which can secure my web services with least impact on performance.