C# - winform - How to encrypt endpoint address in app.config [duplicate]
Possible Duplicate:
WCF Encryption solution for App.config viewable to a client?
In my application, I use a webservice to authenticate member, I found out that .NET store endpoint address of the webservice in app.exe.config file. So I think it's very easy if someone can create another web service and change the configuation file, he can login to my app.
Please help,
Thanks
Now I'll implement something like this to source
this._dataService = new DataServiceSoapClient();
if (this._dataService.Endpoint.ListenUri.ToString() != "myURLofWebservice")
{
//error
}
I think it solves my problem
Thank you all for your helps
Well, it is also easy to use http sniffer to see, where application does requests, so encrypting endpoint address is also not a solution.
I think better way to do this, that webservice would sign request using private key and application would check signature using public key.
There are many examples of this, like http://blogs.msdn.com/b/alejacma/archive/2008/02/21/how-to-sign-a-message-and-verify-a-message-signature-c.aspx
精彩评论