How to secure a WCF service using NetNamedPipesBinding so that it can only be called by the current user?

北战南征 提交于 2019-12-24 22:06:00

问题


I'm using a WCF service with the NetNamedPipesBinding to communicate between two AppDomains in my process.

How do I secure the service so that it is not accessible to other users on the same machine?

I have already taken the precaution of using a GUID in the Endpoint Address, so there's a little security through obscurity, but I'm looking for a way of locking the service down using ACL or something similar.


回答1:


See http://blogs.charteris.com/blogs/chrisdi/archive/2008/06/23/exploring-the-wcf-named-pipe-binding-part-3.aspx for one way to do it via ACLs.




回答2:


you can use WCF authentication. One of the options is to validate against the windows username and password. If you use active directory, you can use that too (harder to set up, put less of a burden). http://blogs.msdn.com/pedram/archive/2007/10/05/wcf-authentication-custom-username-and-password-validator.aspx.




回答3:


WCF NetNamedPipesBinding has only Transport Security

http://msdn.microsoft.com/en-us/library/ms731699.aspx

Is this a shared PC? Do you have several users logging on locally to the same physical machine?



来源:https://stackoverflow.com/questions/2477402/how-to-secure-a-wcf-service-using-netnamedpipesbinding-so-that-it-can-only-be-ca

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!