WCF service security with some methods public and some methods private
Recently, I am assigned on a project that requires to have a WCF service. Inside this service, some of the methods are exposed to the public and some are supposed to be hidden from the public. The hidden methods are to be called only from the our web client. Is there a way that I can achieve that with out compromizing security? ins开发者_开发知识库tead of having a different service one for the public and one for internal use?
You can create a simple WCF service that implements two contract or service contracts. One service contract is the public one and the other one is the private one. You can later publish those contracts in two separate endpoints, but configured with different security settings. The two endpoints will be visible to outside world but the private endpoint can be protected with security settings that only your web client can provide such as windows authentication, an specific set of username and password or a certificate.
Regards Pablo.
精彩评论