I have a complex .NET Remoting server app that provides a couple of services. Clients can currently use tcp and http channels to connect to the server.

Now I need to implement some new administration services, but I want to restrict their availability to the local machine, i.e. I want to create an administration tool that can use these new services, but I do not want sensitive data to physically leave the server, so I need to restrict running the admin tool on the same server computer.

I thought about adding the new services and also registering the ipc channel with the server for use by the admin tool. Now comes the problem: how can I prevent remote clients connecting to these new admin services using the tcp or http channel? Can I say something like "register service x, implemented by class C in assembly A, usable only via ipc", "register service y, implemented by class D in assembly A, usable via tcp/http" in app.config (or using remoting infrastructure classes)?

It's the "usable only via ipc" part that baffles me. (And no, porting to WCF is not an option right now.)

A: 

Get the IPAddress of the service calling it. If it is anything other than 127.0.0.1 reject the call.

Nick Berardi
+3  A: 

There are no overloads for RegisterWellKnownServiceType that allow you to specify which channel to register on, nor are there any methods on the IPCServerChannel to register a service, so none of that will work.

The best I can think of is writing a ChannelSink that filters your messages or provides security. These can be added to the constructor of your TcpChannel and HttpChannel to filter out admin only calls.

Rob Prouse
Thanks, Rob. Looks like I inadvertently painted myself in a corner with this one.
Alan
More like .NET Remoting painted you into a corner ;) When I first read your post, I thought it would be easy until I looked at the code.
Rob Prouse
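A sketch of the channel-sink approach described in the answer above, added here as an example; it is not code from any poster in this thread. The object URI `AdminService.rem`, the port and the pipe name are constructed placeholders, and the class names are hypothetical. The same provider, chained to the matching formatter provider, would also be passed to the `HttpChannel` constructor.

```csharp
using System;
using System.Collections;
using System.IO;
using System.Runtime.Remoting;
using System.Runtime.Remoting.Channels;
using System.Runtime.Remoting.Channels.Ipc;
using System.Runtime.Remoting.Channels.Tcp;
using System.Runtime.Remoting.Messaging;

// Sits in front of the formatter on remotely reachable channels and refuses admin URIs.
public class AdminBlockSink : IServerChannelSink
{
    const string AdminUri = "AdminService.rem"; // hypothetical admin object URI
    readonly IServerChannelSink _next;
    public AdminBlockSink(IServerChannelSink next) { _next = next; }
    public IServerChannelSink NextChannelSink { get { return _next; } }
    public IDictionary Properties { get { return null; } }
    public ServerProcessing ProcessMessage(IServerChannelSinkStack stack, IMessage reqMsg,
        ITransportHeaders reqHeaders, Stream reqStream, out IMessage respMsg,
        out ITransportHeaders respHeaders, out Stream respStream)
    {
        string uri = reqHeaders[CommonTransportKeys.RequestUri] as string ?? "";
        // Case-insensitive substring match errs toward blocking.
        if (uri.IndexOf(AdminUri, StringComparison.OrdinalIgnoreCase) >= 0)
            throw new RemotingException("Service is not available on this channel.");
        return _next.ProcessMessage(stack, reqMsg, reqHeaders, reqStream,
            out respMsg, out respHeaders, out respStream);
    }
    // This sink never pushes itself onto the sink stack, so these are not called.
    public void AsyncProcessResponse(IServerResponseChannelSinkStack stack, object state,
        IMessage msg, ITransportHeaders headers, Stream stream) { }
    public Stream GetResponseStream(IServerResponseChannelSinkStack stack, object state,
        IMessage msg, ITransportHeaders headers) { return null; }
}
public class AdminBlockSinkProvider : IServerChannelSinkProvider
{
    public IServerChannelSinkProvider Next { get; set; }
    public void GetChannelData(IChannelDataStore channelData) { }
    public IServerChannelSink CreateSink(IChannelReceiver channel) { return new AdminBlockSink(Next.CreateSink(channel)); }
}
public static class ChannelSetup
{
    public static void Register() // port and portName are constructed sample values
    {
        var filter = new AdminBlockSinkProvider { Next = new BinaryServerFormatterSinkProvider() };
        ChannelServices.RegisterChannel(new TcpChannel(new Hashtable { { "port", 9000 } }, null, filter), false);
        // The IPC channel gets no filter, so the admin URI is reachable only through it.
        ChannelServices.RegisterChannel(new IpcChannel(new Hashtable { { "portName", "adminPipe" } }, null, null), false);
    }
}
```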
A: 

That's it! Or use AES128 decryption.

bibi