Click here to Skip to main content
15,606,999 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:

I have a created a REST Service method, which is pulling some personal information to the client, but I want this service to be secure so that this cannot be spam at all. As REST service method can be access through URI directly, please suggest me how can I stop unknown client to use it.

I need to implement it ASAP, looking forward for your soonest revert.

Pankaj Bahuguna
[[[ Email Deleted ]]]
[[[ Mobile Deleted ]]]

1 solution

Depends on many things, if your audience is limited (there is known list of authorised clients, you can limit them somehow) I would:

1) Use TLS (SSL) on the wire = https
2) Use client side certificates for authorization
3) Build a firewall rules to enforce connection on the network layer

these are mostly administration issues, so may have no impact on the code at all.
Share this answer
myself.panku 15-Jan-15 9:15am    
Thanks for your time.

I am interested in case we have some credential sort of thing within request header to validate(custom validation) the user.

Looking forward for your revert.

geo_m 15-Jan-15 9:25am    
That would need deeper knowledge of the situation. As you probably need only authentication, while using TLS, you may just use basic authentication (due to .net4 tag assuming you're using IIS). Or if the situation allows, you might consider using NTLM (Windows Authentication). Both of them will be handled by IIS for you automatically.
Also for advanced stuff you may look at (but I personally never did something with that as it is not suitable to our needs :( )

Some other stuff would probably need code changes.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900