I'm relatively new to WCF and i' like some help/advice on how to proceed.
I'd like to create a login service with WCF with the credentials stored in a sql server 2008 r2 database.
The result of a successful login would ideally expose one of two WCF services, depending on the account type logged into.
The One of the two WCF services is a proper subset of the other one. The both need to modify the tables, except one of them only has the rights to modify 1 table and the other has a much larger access (but still not complete).
So just so its clear: One WCF gives access to a whole subtree of an account of database tables and the other is the one table in that subtree
So I have two major questions
How do i make a good and secure login?
My first inclenation is using a wsbinding with a certificate
with the WCF code have a linq query with some async to prevent thread lock... but not entirely sure if this method is good. Nor am i clear on the specific details to work properly. Especially since the clients must be able to modify the database.
My second question is:
Since one of the WCF services will be a proper subset of the other one, should i worry about the second WCF service at all? What i mean by this is, is it safe to just deactivate the events
View Complete Post