Different Consumers - Restrict Operation Access

Topics: Service Factory Modeling Edition Forum
Jun 11, 2009 at 5:03 PM

I have the following situatuation:

Three different consumers of the Web Service Operations: Supplier, Customer, and InternalUser.

I have three different Operations: SupplierOperation(), CustomerOperation(), and CommonOperation(). All Operations share the same Data Contract Model.

The Consumer "Supplier" should only be able to see/use Operations SupplierOperation() and CommonOperation().

The Consumer "Customer"should only be able to see/use Operations CustomerOperation(), and CommonOperation().

The Consumer "InternalUser" can see/use all Operations SupplierOperation(), CustomerOperation(), and CommonOperation().

The question is how do I model this? Is it mulltiple ServiceContracts? Multiple EndPoints? Is it possible to do this using Modeling Edition?

Developer
Jun 11, 2009 at 8:57 PM

I would use muliple service contracts (3 different SC models) that may reuse the same DC. When using code generations from the models, you may end up with three implementation classes and three endpoints. For that matters, you can generate the client proxies with the VS menu option (Add service reference) because of a bug in WSSF recipe for multiple endpoints.

Regards,

Hernan

Jul 29, 2009 at 2:54 PM

Upon further research it seems the answer to my question is really about: Authorization In WCF-Based Services

The October 2008 issue of MSDN Magazine has a good article in "Service Sation" column called:"Authorization In WCF-Based Services"

Windows Communication Foundation (WCF) provides powerful facilities for implementing authorization in services. You have the choice between an easy-to-use, role-based system as well as a more powerful, but more complex, claims-based API. The article compares both systems and shows how to use them to implement robust service authorization.

http://msdn.microsoft.com/en-us/magazine/cc948343.aspx

 

Developer
Aug 2, 2009 at 1:52 AM

Thanks for the heads up and illustrative article.