Identifying WCF Client ID

Question

I have a WCF web service that exposes several business methods. I also have two clients - an asp.net GUI and a data migration application that both connect to the wcf backen

Answer 1

In order to identify the type of caller (ASP.NET vs. WInforms or whatever), you probably need to add a custom header to your WCF messages - there's no way the service can know anything about the calling client unless it's part of the message or the headers sent. For this, your best bet is to write a WCF Message Inspector - and this blog post here will show you how to do this.

As for security - depends on your environment. In a corporate LAN behind a firewall - use the Windows credentials. If you're "outside facing", your best bet would be to install digital certificates on the clients to verify their identity.

WCF Guru Juval Löwy has a really good article on MSDN Magazine, Declarative WCF Security, that describes five common security scenarios in WCF and how to implement them. Highly recommended reading.