How to secure a WCF service using NetNamedPipesBinding so that it can only be called by the current user?

views:

answers:

How to secure a WCF service using NetNamedPipesBinding so that it can only be called by the current user?

I'm using a WCF service with the NetNamedPipesBinding to communicate between two AppDomains in my process.

How do I secure the service so that it is not accessible to other users on the same machine?

I have already taken the precaution of using a GUID in the Endpoint Address, so there's a little security through obscurity, but I'm looking for a way of locking the service down using ACL or something similar.

Hi, you can use WCF authentication. One of the options is to validate against the windows username and password. If you use active directory, you can use that too (harder to set up, put less of a burden). http://blogs.msdn.com/pedram/archive/2007/10/05/wcf-authentication-custom-username-and-password-validator.aspx.

Steve 2010-03-19 13:27:28

Your link is to NetTCPBinding not Named Pipes

Shiraz Bhaiji 2010-03-19 15:22:15

If you're doing it in code, you can (most likely) add the behavior shown in that post. If you're using xml configuration, you may be out of luck, its far less powerful.

Steve 2010-03-19 15:39:34

WCF NetNamedPipesBinding has only Transport Security

http://msdn.microsoft.com/en-us/library/ms731699.aspx

Is this a shared PC? Do you have several users logging on locally to the same physical machine?

Shiraz Bhaiji 2010-03-19 15:28:22

It could potentially be used on a shared machine

Samuel Jack 2010-03-19 17:51:16

ansaurus

tags:

views:

answers:

How to secure a WCF service using NetNamedPipesBinding so that it can only be called by the current user?

related questions