I have two different Azure WCF services secured using ACS username/password service-identities.
One service is a software-licensing service which is accessible using a single "general" well-known username/password shipped with the client software.
The 2nd service is protected by a number of username/password service-identities: one is given to each service customer.
My question is: is it possible to prevent the 2nd service from being accessed by clients using the "general" username/password reserved for the software-licensing WCF service?
I have tried implementing a custom username-password-validator that acts to filter out the clients that use the "general" username/password service-identity but this does not seem to work in the Azure environment.
My second idea was to try to get the 2nd service to access the username from the security token, but I don't think this information is accessible.
Has anyone got any suggestions as to how to implement an Azure WCF service that is able to differentiate & discriminate between different ACS service-identities?

Do you mean the 1st WCF service does not use ACS for authentication, but the 2nd WCF service uses the username/password service identity method? If you don't like passwords, you can consider a certificate or symmetric key as the service credential. I think different services can use different service identities: just add different service identities for each WCF service, and each service can set different credential types in the ACS portal.

I would like to secure the 1st WCF Service using ACS with username/password service-identity but restrict access to it for one user in the user-pool (e.g. User-A).
With the 2nd WCF service I would also like to secure it using ACS username/password service-identities but allow access from all other users in the user pool (except User-A) (e.g. User-B, User-C, User-D, etc.)
Do you know if this requirement is possible to achieve?