I have a WCF service that provides access to some data. Our client asked to limit this service so that this user can only make so many calls during a certain period of time. My thinking was to set a request speed limit and temporarily ban this IP address after exceeding this limit.
However, there seems to be only one way to get the IP address of the caller using WCF:
var context = OperationContext.Current;
var props = context.IncomingMessageProperties;
var endpoint = props[RemoteEndpointMessageProperty.Name];
return ((RemoteEndpointMessageProperty)endpoint).Address;
This is not at all useful to me because RemoteEndpointMessageProperty is set using the Request.UserHostAddress property for the HttpContext under which it is executed. This will usually be fine, except that our web services are sitting at the load balancer, which causes Request.UserHostAddress to always show the load balancer's IP, not the original caller.
I know about using X-Forwarded-For and the like, and actually already configured on our load balancer, but it doesn't seem to me that I cannot connect to the HTTP request to access the headers, setting up the WCF service to work in ASP.NET compatibility mode. Is this REALLY my only option?
Chris source
share