Need to use secure protocol for silverlight client

I wrote some开发者_开发问答 WCF application - ( using IIS 7 ). The client that connect to this service was develop by me in silverlight.

I want to be able to give only the client that i wrote the ability to access the service and use it => if some other client will try to access the the service ( without user name + password ) the service will ignore him.

How can i do it ?

Thanks for any help.

---

The problem is that current feature set in Silverlight is limited so the way to go is either Windows authentication which doesn't work over internet:

<bindings>
  <binding name="authenticatedBinding">
    <security mode="TransportCredentialOnly"> <!-- or Transport in case of HTTPS -->
      <transport clientCredentialType="Windows" />
    </security>
  </binding>
</bindings>

Basic authentication which when handled validates user name and password as Windows accounts (here is some article about forcing basic authentication to validate against custom credential store):

<bindings>
  <binding name="authenticatedBinding">
    <security mode="TransportCredentialOnly"> <!-- or Transport in case of HTTPS -->
      <transport clientCredentialType="Basic" />
    </security>
  </binding>
</bindings>

or UserName token which can be validated either by custom password validator or by membership provider. The disadvantage is that Silverlight supports this only over HTTPS:

<bindings>
  <binding name="authenticatedBinding">
    <security mode="TransportWithMessageCredential"> 
      <transport clientCredentialType="None" />
      <message clientCredentialType="UserName" />
    </security>
  </binding>
</bindings>

In other words: If you need secure protocol the only choice if HTTPS. If you need just authenticate client over HTTP and you have no problem with passing user name and password as the plain text you can try Basic authentication with custom credential store. Any other case requires you to build your own custom solution.