tags:

views:

166

answers:

2
+2  Q: 

Identifying WCF Client ID

I have a WCF web service that exposes several business methods. I also have two clients - an asp.net GUI and a data migration application that both connect to the wcf backend to invoke various business transactions.

I need my backend to be able to identify and distinguish between which wcf client has made a call to some variant logic.

Is there a way that my WCF service is able to identify clients connected to it? Also is there a way to use a signed key to prevent a client from spoofing their identity?

+1  A: 

In order to identify the type of caller (ASP.NET vs. WInforms or whatever), you probably need to add a custom header to your WCF messages - there's no way the service can know anything about the calling client unless it's part of the message or the headers sent. For this, your best bet is to write a WCF Message Inspector - and this blog post here will show you how to do this.

As for security - depends on your environment. In a corporate LAN behind a firewall - use the Windows credentials. If you're "outside facing", your best bet would be to install digital certificates on the clients to verify their identity.

WCF Guru Juval Löwy has a really good article on MSDN Magazine, Declarative WCF Security, that describes five common security scenarios in WCF and how to implement them. Highly recommended reading.

marc_s  2010-07-18 21:13:53
+1  A: 

You can solve this via a custom header.

You can add a custom header as part of the endpoint in the client application's configuration file. You would then make each client's custom header different. For example, in the ASP.NET version:

        <endpoint
            name="basicHttpEndpoint"
            address="http://localhost:8972"
            binding="basicHttpBinding"
            contract="MySeriveContractLib.IMyService"
            >
            <headers>
                <ClientIdentification>ASP_Client</ClientIdentification>
            </headers>
        </endpoint>

Then the service can check the header value like so:

public void MyServiceMethod()
{
   var opContext = OperationContext.Current;
   var requestContext = opContext.RequestContext;
   var headers = requestContext.RequestMessage.Headers;
   int headerIndex = headers.FindHeader("ClientIdentification", "");
   var clientString = headers.GetHeader<string>(headerIndex);
   if clientString=="ASP_Client"
   {
       // ...
   }
   else
   {
      // ...
   }
}
Andrew Shepherd  2010-07-19 00:08:48

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?