How to restrict wcf methods to clients
Hi all,I am working on wcf application,i want to give me service methods access to some clients,
i want to know how to restrict method acceess for client,
reply pls
You must Sign In to post a response.
Category: WCF
I am working on wcf application,i want to give me service methods access to some clients,
i want to know how to restrict method acceess for client,
reply pls
#759587
Hi,
To restrict WCF methods to clients, Check these links
http://10rem.net/blog/2009/07/15/restricting-access-to-your-wcf-service-to-a-known-silverlight-client
http://stackoverflow.com/questions/11566182/how-do-i-restrict-access-to-some-methods-in-wcf
http://blog.clauskonrad.net/2010/04/wcf-restrict-which-clients-can-call.html
http://blogs.msdn.com/b/asiatech/archive/2012/07/04/a-solution-to-limit-specified-client-certificates-to-consume-wcf-service.aspx
https://ramanisandeep.wordpress.com/2014/11/24/wcf-security-how-do-i-restrict-user-access-to-methods-in-wcf/
https://msdn.microsoft.com/en-us/library/ms731200(v=vs.110).aspx
To restrict WCF methods to clients, Check these links
http://10rem.net/blog/2009/07/15/restricting-access-to-your-wcf-service-to-a-known-silverlight-client
http://stackoverflow.com/questions/11566182/how-do-i-restrict-access-to-some-methods-in-wcf
http://blog.clauskonrad.net/2010/04/wcf-restrict-which-clients-can-call.html
http://blogs.msdn.com/b/asiatech/archive/2012/07/04/a-solution-to-limit-specified-client-certificates-to-consume-wcf-service.aspx
https://ramanisandeep.wordpress.com/2014/11/24/wcf-security-how-do-i-restrict-user-access-to-methods-in-wcf/
https://msdn.microsoft.com/en-us/library/ms731200(v=vs.110).aspx
#759597
Hi ,
if u want to hide some methods to clients then do one thinks like the sample i will share for uu.
[ServiceContract]
public interface IStudentEnrollmentService
{
[OperationContract]
void EnrollStudent(Student s);
[OperationContract]
Student[] GetEnrolledStudents(); // Visible for clients
}
here if u mention the method as operation contract, then it will visible for client..
if u remove the operation contract from the methods then it wouldn't be visible for client like
[ServiceContract]
public interface IStudentEnrollmentService
{
[OperationContract]
void EnrollStudent(Student s);
Student[] GetEnrolledStudents(); // invisible to clients
}
hope u will understand the concept of WCF..
Thanks,
Chitaranjan
if u want to hide some methods to clients then do one thinks like the sample i will share for uu.
[ServiceContract]
public interface IStudentEnrollmentService
{
[OperationContract]
void EnrollStudent(Student s);
[OperationContract]
Student[] GetEnrolledStudents(); // Visible for clients
}
here if u mention the method as operation contract, then it will visible for client..
if u remove the operation contract from the methods then it wouldn't be visible for client like
[ServiceContract]
public interface IStudentEnrollmentService
{
[OperationContract]
void EnrollStudent(Student s);
Student[] GetEnrolledStudents(); // invisible to clients
}
hope u will understand the concept of WCF..
Thanks,
Chitaranjan
#759603
Hi Ramana.
To make few methods invisible for clients you should remove the [operation contract] attribute of the method.
Methods with out operation contract attribute are not available for clients.
By applying the role based security you can restrict the particular client from accessing your resources.
[PrincipalPermission ( SecurityAction. Demand,
Role = "Admin")]
public double Add(double a, double b)
{
return a + b;
}
[PrincipalPermission ( SecurityAction. Demand,
Role = " User")]
For using certificate to restrict users refer below link.
blog.clauskonrad.net/2010/04/wcf-restrict-which-clients-can-call.html?m=1
Regards.
Sridhar Thota.
DNS Member.
"Hope for the best.. Prepare for the worst.."
Sridhar Thota.
Editor: DNS Forum.
To make few methods invisible for clients you should remove the [operation contract] attribute of the method.
Methods with out operation contract attribute are not available for clients.
By applying the role based security you can restrict the particular client from accessing your resources.
[PrincipalPermission ( SecurityAction. Demand,
Role = "Admin")]
public double Add(double a, double b)
{
return a + b;
}
[PrincipalPermission ( SecurityAction. Demand,
Role = " User")]
For using certificate to restrict users refer below link.
blog.clauskonrad.net/2010/04/wcf-restrict-which-clients-can-call.html?m=1
Regards.
Sridhar Thota.
DNS Member.
"Hope for the best.. Prepare for the worst.."
Sridhar Thota.
Editor: DNS Forum.
#759801
Hai Ramana,
Yes, The role based security can be applied to the individual operation contract in WCF services.
if we have the set of users under the particular role, we can provide the security so that only particular group of user can get those operations when consuming the service.
To assign the security based on the operation, we have the predefined annotation PrincipalPermission which can be set as:
[PrincipalPermission(SecurityAction. Demand,Role = "Role1")]
void Operation1();
[PrincipalPermission(SecurityAction. Demand,Role = "Role2")]
void Operation2();
Hope it will be helpful to you.
Regards,
Pawan Awasthi(DNS MVM)
+91 8123489140 (whatsApp), +60 14365 1476(Malaysia)
pawansoftit@gmail.com
Yes, The role based security can be applied to the individual operation contract in WCF services.
if we have the set of users under the particular role, we can provide the security so that only particular group of user can get those operations when consuming the service.
To assign the security based on the operation, we have the predefined annotation PrincipalPermission which can be set as:
[PrincipalPermission(SecurityAction. Demand,Role = "Role1")]
void Operation1();
[PrincipalPermission(SecurityAction. Demand,Role = "Role2")]
void Operation2();
Hope it will be helpful to you.
Regards,
Pawan Awasthi(DNS MVM)
+91 8123489140 (whatsApp), +60 14365 1476(Malaysia)
pawansoftit@gmail.com
Return to Return to Discussion Forum