Reputation: 7533
Protect communication between WCF client and service
I have a WCF service with one method:
[OperationContract]
bool VerifyLicense(string clientId, string license);
This is hosted on a public web server. When called from an app deployed on a client Intranet, it checks whether that client has a current license to continue using the app.
However, presumably it would be quite easy to intercept this and just return true.
What would be the easiest way to protect against this? Would encryption work? Please provide a code sample because I've never used encryption before. I can't make sense of some of the stuff thrown up by Google... certificates, etc. Is there an easier way?
Upvotes: 1
Views: 204
Answers (1)
Reputation: 754200
By default, all communications in WCF is a) encrypted, and b) signed, so you should be on the safe side... (you can choose to turn this off - but it's on by default)
Resources:
and in particular
- How to: Enable Message Replay Detection
Upvotes: 1
Related Questions
- encrypt/decrypt webservice/WCF message request
- Implementing WCF Service using HTTP protocol with encryption
- Encrypt WCF message password
- Other ways to encrypt WCF Connections
- How to implement secure communication between client and server in WCF?
- WCF service that use encryption for some clients only
- How can I encrypt, but not secure WCF messages?
- WCF - How do I encrypt messages?
- wcf authentication and encryption
- Sending sensitive data from server to server via client