I have:
WCF services hosted in Windows service on my Azure virtual machine.
ASP MVC web app hosted in Azure App service which connects to my WCF services.
How can I make WCF services accessible only by ASP MVC app? In other words: only ASP MVC app is allowed to consume my WCF services.
Sorry for not having any code examples but WCF security is a very big topic and most examples I found cover only Windows domain WCF authorization. Nothing specific to my case.
Many thanks
I found a workaround to my problem.
In WCF proxy class derived from ClientBase<T> I overrode base constructor with user credentials in PC where my WCF services are running.
base.ClientCredentials.Windows.ClientCredential.UserName = "localhost\\myUsername";
base.ClientCredentials.Windows.ClientCredential.Password = "myPassword";
in WCF service app.config:
<security mode="Transport">
<message clientCredentialType="Windows" />
</security>
So now my services require credentials from any consumer.
