I have a web service implemented in WCF. This service is only going to be called by a single client, a site with a static IP address. I would like to implement simple security that would verify that all calls to the service are only valid if they came from this particular static IP.
What is the best way to do this?
On .NET 3.5, you can do this in your service code to find out the caller's IP address:
public void YourServiceMethod(string value)
{
OperationContext context = OperationContext.Current;
MessageProperties messageProperties = context.IncomingMessageProperties;
RemoteEndpointMessageProperty endpointProperty =
messageProperties[RemoteEndpointMessageProperty.Name]
as RemoteEndpointMessageProperty;
string clientIPAddress = endpointProperty.Address;
int clientPort = endpointProperty.Port;
}
Originally seen at Keyvan Nayyeri's blog post.
Marc