none
How to secure a WCF WebService which should be used by a Windows Phone or IOS Application RRS feed

  • Question

  • Hi,

    i would like to develop an App for Windows Phone/IOS. I need to provide WebServices for the Application i would like to develop them as WCF Services. But how could i secure the wcf so it could only be used through my apps?

    To be more specific:

    1.) The data which is sent between wcf and client should be secured

    2.) The use of the webservices should only be possible after a user has successfully logged in

    • Edited by BOG's Lab Monday, June 1, 2015 10:33 AM
    Monday, June 1, 2015 10:20 AM

Answers

  • Hi BOG's Lab,

    Based on your description, I know that you want to secure the WCF Service to let it could only be used by your apps, then I will recommend you use the username authentication with the message security mode, in this way all the message will be encrypted during the communication, only the client provides the correct username and password can access the WCF Services.
    For more information, please try to refer to the following articles:
    #WCF Service with custom username password authentication:
    http://www.codeproject.com/Articles/96028/WCF-Service-with-custom-username-password-authenti .
    #Message Security with a UserName Client:
    https://msdn.microsoft.com/en-us/library/ms731058(v=vs.110).aspx .

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    • Marked as answer by BOG's Lab Tuesday, June 2, 2015 9:35 AM
    Tuesday, June 2, 2015 2:20 AM
    Moderator