P
P
PetrovSerega2013-11-05 11:37:03
WCF
PetrovSerega, 2013-11-05 11:37:03

Restricting access to a WCF service

Hello.

There is a Windows Phone application that receives data from a WCF service.
The application itself is just a convenient display of data. All logic is taken out in service.

How to allow receiving data from WCF only for our application?

It is necessary to exclude the possibility of using our service by third-party applications.
I do not consider the option of registering and subsequent authentication of each user.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
A
Andrey Simonov, 2013-11-05
@AntLogist

1. Create a secret string in your application
2. Add a random number to it through a separator (so that the sequence of characters is different after encryption)
3. Encrypt with any algorithm from System.Security.Cryptography (for example, the RijndaelManaged class) and send
4. Send to WCF
5. Decode with your chosen algorithm and see your string or not.
6. Profit

Y
Yurii Medvedev, 2013-11-05
@kin9pin

Your service must have something like:

ServiceMetadataBehavior behavior = new ServiceMetadataBehavior();
behavior.HttpGetEnabled = true;
serviceHost.Description.Behaviors.Add(behavior);
serviceHost.AddServiceEndpoint(typeof(IMetadataExchange), MetadataExchangeBindings.CreateMexHttpBinding(), "mex");

This code enables metadata exchange. If you remove it, then it will at least be more difficult for others to get a description of the functions of the WCF service through the "Add Service Reference"

A
Anatoliy Mikhailov, 2014-10-13
@yamaoto

Use certificates to verify access.

httpBinding.Security.Message.ClientCredentialType=BasicHttpMessageCredentialType.Certificate;
serviceHost.Credentials.ClientCertificate.Authentication.CertificateValidationMode=X509CertificateValidationMode.Custom;
serviceHost.Credentials.ClientCertificate.Authentication.CustomCertificateValidator = new CertValidator();

where CertValidator implements X509CertificateValidator

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question