Get Help:Ask a Question in our Forums|Report a Bug|More Help Resources
Last post Apr 26, 2012 01:33 PM by avinash_bhudke
Apr 26, 2012 12:06 PM|LINK
can we restrict exposing WCF particular endpoint to client.
Apr 26, 2012 01:33 PM|LINK
WCF services are designed and intended to be Web Services over the web.
Web services generally have a public access.
For restricting access you can do following things.
1.Use web service security.Add some security, maybe some basic stuff like Username,password to method signatures in contract you want to restrain access to.
WCF service provides message based security and require a username and password with each request. Plug in an authentication provider (easy if you're already using the ASP.NET membership functions), then plug in roles (again easy if you're using the ASP.NET
bits - otherwise roll your own
Once you have a role based principal you can use declarative permission demands
[PrincipalPermission(SecurityAction.Demand, Role = "BusinessManager")]
[PrincipalPermission(SecurityAction.Demand, Role = "User")]
2.You can use firewall to block access to some clients.
3.WCF lets you control whether or not the WSDL is exposed by defining a MEX (metadata exchange) endpoint. No MEX endpoint, no WSDL.
Hope it helps.