Is it possible for others to connect to my defined services in my Ria application. If yes, how can we remove this access?
Thanks in advanced!
views:
54answers:
1
+2
Q:
In WCF Ria Services, is it possible to other to connect to my Service? If yes, how can I ban it.
+1
A:
A very broad question! First of all, you cannot remove access, e.g. your URL will still be there and anyone pounding around might accidentally hit it - you can restrict access to your service by checking some claims / facts about the caller.
Since a WCF RIA Service is fundamentally a WCF service, you can use any of the WCF mechanisms to secure your service (warning: I'm not familiar with Silverlight, so not all of these might be available / feasible for the limited world of Silverlight clients....):
- require the user to be a valid Windows identity (in Intranet scenarios)
- require a certificate with the caller
- require a specific header in each message
- check the caller's IP
One fairly straightforward solution is being presented here:
Restricting Access to your WCF Service to a known Silverlight Client
But again - that's just one possible solution out of a vast number of possibilities.
marc_s
2010-03-05 12:23:23
Thanks for the response. Yeah, It seems that the most effective option is using ASP.Net authentication in my service which was mentioned in your link.
Ali
2010-03-05 13:46:06