Click here to Skip to main content
16,016,022 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I need to implement a model, where only an authorized set of clients can use a WCF server. I thought of something along passing an AUTH structure as a param inside each method call. Is this the best method to implement this kind of security, or is there an easier/better way of doing this?
for example i developed and publish the service like below:
http://MyServer/MyService[^]
By default any any one who know the URL can consume the service.
How i can set specified Set of client can consume the URL.
Also how can we assure no one can change the data between communication.

For eg: client send request for Balance Enquiry service with reponse 500 Rs but some one tried to change it to 500 Rs.
Posted
Comments
Afzaal Ahmad Zeeshan 30-Nov-14 9:36am    
Use a username and password combination for the application.
vishal_h 30-Nov-14 9:47am    
But if some one try to change the response using tool like Burp Suite then how to secure.

1 solution

There is build-in solutions for secure WCF service.
1. Username/password
2. SSL (HTTPS) connection
3. Client-side certificate
But! First read about WCF security...Use Google...
http://msdn.microsoft.com/en-us/library/dd728284(v=vs.110).aspx[^]
http://msdn.microsoft.com/en-us/library/ff650862.aspx[^]
http://msdn.microsoft.com/en-us/library/ms732362(v=vs.110).aspx[^]
And there are more...much more...
 
Share this answer
 
Comments
BillWoodruff 30-Nov-14 15:44pm    
+5
Kornfeld Eliyahu Peter 1-Dec-14 1:04am    
Thank you...

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900