WCF services are designed and intended to be Web Services over the web.
Web services generally have a public access.
For restricting access you can do following things.
1.Use web service security.Add some security, maybe some basic stuff like Username,password to method signatures in contract you want to restrain access to.
WCF service provides message based security and require a username and password with each request. Plug in an authentication provider (easy if you're already using the ASP.NET membership functions), then plug in roles (again easy if you're using the ASP.NET
bits - otherwise roll your own
Once you have a role based principal you can use declarative permission demands
[PrincipalPermission(SecurityAction.Demand, Role = "BusinessManager")]
[PrincipalPermission(SecurityAction.Demand, Role = "User")]
2.You can use firewall to block access to some clients.
3.WCF lets you control whether or not the WSDL is exposed by defining a MEX (metadata exchange) endpoint. No MEX endpoint, no WSDL.
gopikrsna
Member
190 Points
234 Posts
can we restrict exposing endpoint
Apr 26, 2012 12:06 PM|LINK
can we restrict exposing WCF particular endpoint to client.
avinash_bhud...
Contributor
2881 Points
517 Posts
Re: can we restrict exposing endpoint
Apr 26, 2012 01:33 PM|LINK
WCF services are designed and intended to be Web Services over the web.
Web services generally have a public access.
For restricting access you can do following things.
1.Use web service security.Add some security, maybe some basic stuff like Username,password to method signatures in contract you want to restrain access to.
WCF service provides message based security and require a username and password with each request. Plug in an authentication provider (easy if you're already using the ASP.NET membership functions), then plug in roles (again easy if you're using the ASP.NET bits - otherwise roll your own
Once you have a role based principal you can use declarative permission demands
2.You can use firewall to block access to some clients.
3.WCF lets you control whether or not the WSDL is exposed by defining a MEX (metadata exchange) endpoint. No MEX endpoint, no WSDL.
Hope it helps.