限制对ASMX Web服务的访问
[英]Restricting access to a ASMX Web Service
问题描述
I have a single ASMX web service that has a host of methods that can be called. 
我有一个ASMX Web服务,该服务具有许多可以调用的方法。 However, I'm wanting to restrict certain methods so that the caller either needs to be authenticated in order to be able to call them, or even better can only be called from the local server in which the service is running from. 但是,我想限制某些方法,以便调用方必须经过身份验证才能调用它们,或者甚至更好的方法只能从运行该服务的本地服务器中调用。
Basically those methods needing to be protected will be called by the Microsoft Windows Scheduler on the local server. 基本上,那些需要保护的方法将由本地服务器上的Microsoft Windows Scheduler调用。
Is either option possible, and what is the best and preferred way of achieving this. 这两种选择都是可行的,实现这一目标的最佳和首选方式是什么?
2 个解决方案
解决方案1
1 已采纳 2013-08-01 17:18:47
At the top of the web services you want to protect, you can do something like: 在您要保护的Web服务的顶部,您可以执行以下操作:
if (!Request.IsLocal)
{
Response.StatusCode = 401;
Response.StatusDescription = "Unauthorized";
return null;
}
You could also check if they are authenticated with the IsAuthenticated property. 您还可以检查它们是否通过IsAuthenticated属性进行了身份验证。
解决方案2
0 2013-08-01 12:42:51
Of the two methods you mention, by far the easiest is to restrict access to just the local server. 在您提到的两种方法中,到目前为止,最简单的方法是仅限制对本地服务器的访问。 You can do this through code (as another comment has noted), or by administration of IIS itself. 您可以通过代码(如另一条注释所述)或通过IIS本身的管理来执行此操作。
If you load up the IIS Manager and select the folder that your asmx file is in, you'll see on the right-hand side a section 'IP Address and Domain Restrictions'. 如果您加载IIS管理器并选择asmx文件所在的文件夹,则会在右侧看到“ IP地址和域限制”部分。 Open this up, add a default deny rule, and then an allow rule for 127.0.0.1. 打开此窗口,添加默认的拒绝规则,然后添加127.0.0.1的允许规则。
Be aware that using this method will restrict all services in this folder, so you may need to move this into its own folder if this isn't required or desirable. 请注意,使用此方法将限制此文件夹中的所有服务,因此,如果不需要或不希望使用此方法,则可能需要将其移动到其自己的文件夹中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.