What should we implement to authorize clients to use our web service?

Question

We have a web service that we will be hosting on a public web server and it will be contacted by web services hosted on web servers within the walls of a hospital. We have writ

Answer 1

Could you use something like Basic Authentication over https to provide username password challenging? I believe the Microsoft SOAP supports it fairly well. You pretty much just use IIS to configure basic auth (must use SSL), and in your C# just pass ICredentials to your proxy.

From googling, it looks like other languages support basic auth over SOAP too.