securing wcf services from specific sources
Question
I am using wcf services for interaction between my javascript files and server side.
I am concerened about security around this as anyone can call these services via an application, firebug etc.
So I want to secure my web services to only be accessible from specified sources, for example the javascript files on my site - ie. the main function why I have wcf services.
I am running on the .net 3.5 framework in ac# web application.
Could anyone assist my securing my wcf services as outlined above?
2 answers
solution1
1 ACCPTED 2011-04-23 16:49:46
如果这是javascript和服务器端的组合,则可能可以从服务器端生成一个Key并将其存储在javascript变量中,然后再次传递给WCF Web服务。
solution2
0 2011-04-26 15:51:32
Kobe's answer of generated request keys is definitely one possible way. Given that your services are running on the same machine as your UI code, another way to limit access would be to set them up as regular services and not Web Services. That is of course assuming you don't need them to be Web Services.
Check out the cool work that the WCF team has done/ is doing with jQuery and WCF .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.