Last post Jul 17, 2014 05:11 AM by Fuxiang Zhang - MSFT
Jul 14, 2014 03:09 PM|sireeshar|LINK
I want to hide the WSDL or other service related information to unauthorized users. When a user requests the wsdl using the uri like XXX.svc?wsdl, the user needs to be verified before the information is disclosed. How can I achieve this?
Jul 15, 2014 07:47 AM|riteshtandon23|LINK
Please refer to http://msdn.microsoft.com/en-US/library/2tyf2t8t%28v=vs.80%29.aspx
Jul 15, 2014 02:17 PM|ranafaisal342|LINK
Follow the following tutorial. You need to setup some authentication model on your webservice.
Jul 17, 2014 05:11 AM|Fuxiang Zhang - MSFT|LINK
Thanks for your post.
WCF service metadata is used to expose our service to the public. If you want to protect your wsdl matedata file, there have no a feature to
validate users who want access wsdl file. you can only disable it like below.
<behavior name="MyServiceTypeBehaviors" >
<serviceMetadata httpGetEnabled="false" httpsGetEnabled="false" />
Then everyone cannot access your matedata, you should manually distribute your metadata information in WSDL and XSD files with your valid clients.
In my mind, we need not hide our metadata for public. We can let users provide their identify before he call our service. Please take a look at
Authentication and Authorization in WCF Services.
Hope this helps, thanks.