Answer the question
In order to leave comments, you need to log in
Restricting access to a WCF service
Hello.
There is a Windows Phone application that receives data from a WCF service.
The application itself is just a convenient display of data. All logic is taken out in service.
How to allow receiving data from WCF only for our application?
It is necessary to exclude the possibility of using our service by third-party applications.
I do not consider the option of registering and subsequent authentication of each user.
Answer the question
In order to leave comments, you need to log in
1. Create a secret string in your application
2. Add a random number to it through a separator (so that the sequence of characters is different after encryption)
3. Encrypt with any algorithm from System.Security.Cryptography (for example, the RijndaelManaged class) and send
4. Send to WCF
5. Decode with your chosen algorithm and see your string or not.
6. Profit
Your service must have something like:
ServiceMetadataBehavior behavior = new ServiceMetadataBehavior();
behavior.HttpGetEnabled = true;
serviceHost.Description.Behaviors.Add(behavior);
serviceHost.AddServiceEndpoint(typeof(IMetadataExchange), MetadataExchangeBindings.CreateMexHttpBinding(), "mex");
Use certificates to verify access.
httpBinding.Security.Message.ClientCredentialType=BasicHttpMessageCredentialType.Certificate;
serviceHost.Credentials.ClientCertificate.Authentication.CertificateValidationMode=X509CertificateValidationMode.Custom;
serviceHost.Credentials.ClientCertificate.Authentication.CustomCertificateValidator = new CertValidator();
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question