How to implement secure communication between client and server in WCF?

Question

0.00/5 (No votes)

See more:

I need to implement a model, where only an authorized set of clients can use a WCF server. I thought of something along passing an AUTH structure as a param inside each method call. Is this the best method to implement this kind of security, or is there an easier/better way of doing this?
for example i developed and publish the service like below:
http://MyServer/MyService[^]
By default any any one who know the URL can consume the service.
How i can set specified Set of client can consume the URL.
Also how can we assure no one can change the data between communication.

For eg: client send request for Balance Enquiry service with reponse 500 Rs but some one tried to change it to 500 Rs.

Posted 30-Nov-14 3:21am

vishal_h

Add a Solution

Comments

Afzaal Ahmad Zeeshan 30-Nov-14 9:36am

Use a username and password combination for the application.

vishal_h 30-Nov-14 9:47am

But if some one try to change the response using tool like Burp Suite then how to secure.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Kornfeld Eliyahu Peter · Answer 1 · 2014-11-30T03:48:00

Solution 1

There is build-in solutions for secure WCF service.
1. Username/password
2. SSL (HTTPS) connection
3. Client-side certificate
But! First read about WCF security...Use Google...
http://msdn.microsoft.com/en-us/library/dd728284(v=vs.110).aspx[^]
http://msdn.microsoft.com/en-us/library/ff650862.aspx[^]
http://msdn.microsoft.com/en-us/library/ms732362(v=vs.110).aspx[^]
And there are more...much more...

Posted 30-Nov-14 3:48am

Kornfeld Eliyahu Peter

Comments

BillWoodruff 30-Nov-14 15:44pm

+5

Kornfeld Eliyahu Peter 1-Dec-14 1:04am

Thank you...