Reputation: 195
Restrict WCF to accept call from specific remote clients
We have an internal application(ASP.net) on one server and a WCF Service on another. How do i make sure that WCF Service can only accept calls from that application? I'm hoping there is a way for WCF to allow access using the AppPool Identity(domain service) off the calling application.
Upvotes: 0
Views: 265
Answers (1)
Reputation: 23496
There are several ways of doing that, but all involve authenticating the incoming calls at the WCF side.
You could use client certificates and only issue a certificate to the ASP.NET application. This is a very common way to do machine to machine authentication.
If you're in a Windows Active Directory domain, you could use Kerberos authentication if your ASP.NET application is running under its own account.
Another alternative would be to use username-password authentication and store the credentials securely on the ASP.NET machine.
Take a look at this link for more information: https://msdn.microsoft.com/en-us/library/ff647503.aspx
Upvotes: 4
Related Questions
- Restrict the client connection in WCF service
- Restrict WCF client from accessing certain public classes and methods
- Limit WCF service calls to local clients
- Limiting WCF service to a specific client app
- WCF Service - how to protect so only my clients can use it?
- how to restrict a wcf service to one client application only
- Allow only local network access to WCF services
- Secure WCF Service so that only my "clients" can call it
- Can I restrict a WCF Web Service to only calls from a certain domain?
- WCF - Preventing Unauthorized Clients