如何通过引荐来源限制对WCF服务的访问?
[英]How to limit access to a WCF service, by referer?
问题描述
I have a service that I access from jQuery on a page, it looks like this: 
我有一个可从页面上的jQuery访问的服务,它看起来像这样:
[ServiceContract(Namespace = "")]
[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
public class FacadeService
{
ServiceHelper serviceHelper = new ServiceHelper();
[OperationContract]
[WebGet(ResponseFormat=WebMessageFormat.Json)]
public String GetAllProducts()
{
Uri uri = new Uri("http://localhost:12345/api/Products");
return serviceHelper.SubmitGetRequestToService(uri);
}
}
That's great, but anyone can now open a browser and hit this service. 很好,但是现在任何人都可以打开浏览器并点击此服务。 I want only the local website to be able to access this service. 我只希望本地网站能够访问此服务。 Is there any built-in way to do this or must I devise some clever scheme to keep out the riff-raff? 是否有任何内置方法可以执行此操作,或者我必须设计一些巧妙的方案来阻止即兴演奏组?
1 个解决方案
解决方案1
0 2013-04-17 02:27:58
If you are hosted your servin on IIS, probably the simplest way will be to limit service url access via IIS tools. 如果您将servin托管在IIS上,则最简单的方法可能是通过IIS工具限制服务url访问。
If you have do it with wcf service itself, you can add your behavior for ip filtering, see this and this posts for example. 如果你有一个WCF服务本身做,你可以添加你的行为对IP过滤,看到这个和这个职位的例子。
But I still think it'll be easier to accomplish it via standard IIS tools. 但是我仍然认为通过标准的IIS工具来完成它会更容易。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.