Can I configure an IP filter for the WCF service?

Question

Can I configure an IP filter for the WCF service?

I am modifying my WCF API to include a new service that should only be available for internal IP addresses. All services in my API are available in SOAP, POX and JSON. I am looking for behavior or something that allows me to implement a simple IP address filter, process requests from an internal IP address and deny everything else. I would like it to work in the configuration, because all other API services must remain available on the Internet. I did some search queries, but cannot find anything like that built in to WCF. Did I miss something?

+4

security wcf wcf-security

Steve Apr 6 '09 at 15:35

source share

2 answers

If your service is hosted on IIS, you can do this using IIS for each website (maybe for every application, but I don't know).

0

John saunders Apr 6 '09 at 15:50

source share

Steve · Accepted Answer · 2009-04-29T19:09:32+0000

Well, I understand, and, in my opinion, this is like a stain. I applied the IP Filter system as a service behavior, and then added it to my service in web.config. Here is my new section on web configuration behavior:

<serviceBehaviors> <behavior name="ServiceBehaviour"> <serviceMetadata httpGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="true" /> </behavior> <behavior name="RestrictedServiceBehaviour"> <serviceMetadata httpGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="true" /> <IPFilter filter="172.*.*.* 127.0.0.1" /> </behavior> </serviceBehaviors>

The IPFilter class implements IDispatchMessageInspector to catch the request as soon as possible, check the IP address of the client, and throw an exception if it does not match the filter. If anyone is interested, I can post my code.

Can I configure an IP filter for the WCF service?

More articles: