I have a WCF web service that exposes several business methods. I also have two clients - an asp.net GUI and a data migration application that both connect to the wcf backend to invoke various business transactions.
I need my backend to be able to identify and distinguish between which wcf client has made a call to some variant logic.
Is there a way that my WCF service is able to identify clients connected to it? Also is there a way to use a signed key to prevent a client from spoofing their identity?
Answer
You can solve this via a custom header.
You can add a custom header as part of the endpoint in the client application's configuration file. You would then make each client's custom header different. For example, in the ASP.NET version:
<endpoint
name="basicHttpEndpoint"
address="http://localhost:8972"
binding="basicHttpBinding"
contract="MySeriveContractLib.IMyService"
>
<headers>
<ClientIdentification>ASP_Client</ClientIdentification>
</headers>
</endpoint>
Then the service can check the header value like so:
public void MyServiceMethod()
{
var opContext = OperationContext.Current;
var requestContext = opContext.RequestContext;
var headers = requestContext.RequestMessage.Headers;
int headerIndex = headers.FindHeader("ClientIdentification", "");
var clientString = headers.GetHeader<string>(headerIndex);
if clientString=="ASP_Client"
{
// ...
}
else
{
// ...
}
}