how to make your WCF service private to your own client?

I have a WCF service and I create a client library to access to our WCF and provide this to our customers to simplify the process of accessing to our WCF. For the customer, they do not need 开发者_C百科to know about WCF or other remote protocol being handle in our library. But I do not want to allow anyone to discover and access our WCF service without using our WCF client library.

What kind of securities model I need that allows me to built such a WCF server/client in this way.

The only security that our customer need to provide to the WCF is a Windows user account (user/password) that can be authenticate at the server site.

Our WCF service is hosted in Windows Service and our client library can call the WCF service over the internet.

The service will be hosted in Windows XP sp3.

Thanks for all of your comments

If discoverability is your primary concern, you can remove the MEX endpoint. This will not ensure that only trusted clients can access your service, however. See this related question for more information about limiting discoverability.

You said that your customers have a username/password that you can authenticate at the server site. This handles the authentication, but still does not restrict access to the client library you created.

To handle the validation that the communication is only coming from your client library, you need to look at options such as using custom message headers or using security certificates. The choice of option will depend on your specific situation.