none
When a Client makes a request to Wcf service,how that service validates it's client whethere this client is known or unknown client RRS feed

  • Question

  • When a Client makes a request to Wcf service,how that service validates it's client whethere this client is known or unknown client

    As we all know, connecting to service just URL of that service is enough,in this way some unknown client knew that service url and trying to connect to that service for getting data,so in this situation how do service validates their client.


    Sunday, April 21, 2013 12:40 PM

Answers

  • On 4/21/2013 8:40 AM, Venkata Siva wrote:

    When a Client makes a request to Wcf service,how that service validates it's client whethere this client is known or unknown client

    As we all know, connecting to service just URL of that service is enough,in this way some unknown client knew that service url and trying to connect to that service for getting data,so in this situation how do service validates their client.

    You would use authentication like any another Web service such as legacy Web service would use SOAP authentication to verify the client's credentials, which would also be coming through HTTPS to protect the user-id and psw.

    <http://www.codeproject.com/Articles/4398/Authentication-for-Web-Services-using-SOAP-headers>
    In using a WCF Web service needing authentication such as user-id and psw, it too should be using HTTPS to protect the password.
     <http://www.devatwork.nl/2007/05/wcf-username-authentication/>
     HTTPS certificates cost money, and they are not cheap.
     I have never seen a WCF Web service that was a general usage Web service like a ASP.NET legacy Web service can be for general usage.
     WCF Web services I have seen have been on a Web server that was a backend Web server that a public facing Web server that has an ASP.NET Web UI application that is using a N-Tier solution.

    Monday, April 22, 2013 4:38 AM