Hi I am making a student project with diverse clients (ASP.NET MVC, WP7, WPF) consuming a default WCF Service Application. I haven't configured the WCF Service in any way, it's right out of the box from VS 2010.
Now I am logging in and out on my clients by calling a method on the WCF service with a username and password.
But then I was thinking that my service is proberly quite insecure, I was thinking, if anybody know the service endpoint, then I guess, as it is now, everybody can call the methods on my service, right?
Now remember that this is just a student project, but I was wondering if there is a really simple and quick way I can somehow authenticate or authorize (don't know which word is the right one) access to the web service, so that not just everybody can use my web service, cause I think thats the scenario right now.
I can also say that I am using forms authentication in the ASP.NET MVC client, I am not using the ASP.NET Membership and Role Provider.
So is there a really simple and quick way to make the web service not just open to everybody who knows the endpoint? Remember it has to be really simple, so I can do it quick, otherwise I drop it, if it's too complicated.
View Complete Post