C# access self-hosted WCF landing page from localhost only

I have a self-hosted WCF service, which is available from all computers of the company. This has a standard landing page ("You have created a service. To test this service..."). I want to make sure that this landing page and the WSDL links on it are only accessible from the local server, as the information contained there could potentially be a security risk.

  1. What is the easiest way to make sure that any URL that is not tied to a service is only accessible from localhost?

Please note that I do not want to change the contents of the landing page, as the WSDL links are useful for developers.

I am interested in solutions that involve modifying the app.config or limiting access via code.

As far as I know you can't selectively grant access to WSDL/Test WCF pages only by config or code. You can disable it or not.

You could implement some sort of rules at IIS level to prevent access from non-local addresses, but that would make the question more suitable for Super Admin, probably.

If WSDL and/or service description pages being public is a security issue, though, maybe you need to rethink your services' security. Methods should be secured by authentication/authorization of some sort (usually via tokens). If anyone can post to your method and run code without proper authorization, having the interface description public is the last of your problems.

PS: if needed for devs, you can generate static versions of WSDLs to be served from a user/password protected path.
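
The "disable it" option from the answer above, as an added example for a self-hosted service (not code from the question or the answer). It goes one step beyond the answer by keeping metadata reachable through a MEX endpoint on a named pipe, a WCF transport that only accepts connections from the same machine. The `IEcho` contract, `EchoService` class and both base addresses are assumptions made for illustration.

```csharp
using System;
using System.ServiceModel;
using System.ServiceModel.Description;

[ServiceContract]
public interface IEcho                      // hypothetical contract
{
    [OperationContract] string Echo(string text);
}

public class EchoService : IEcho            // hypothetical implementation
{
    public string Echo(string text) { return text; }
}

public static class Program
{
    public static void Main()
    {
        // Assumed base addresses; substitute the service's real ones.
        var httpBase = new Uri("http://localhost:8080/echo");
        var pipeBase = new Uri("net.pipe://localhost/echo");
        using (var host = new ServiceHost(typeof(EchoService), httpBase, pipeBase))
        {
            host.AddServiceEndpoint(typeof(IEcho), new BasicHttpBinding(), "");
            // Switch off the "You have created a service" help page.
            var debug = host.Description.Behaviors.Find<ServiceDebugBehavior>();
            if (debug == null)
                host.Description.Behaviors.Add(debug = new ServiceDebugBehavior());
            debug.HttpHelpPageEnabled = false;
            debug.HttpsHelpPageEnabled = false;

            // Do not answer ?wsdl requests over HTTP or HTTPS.
            var metadata = host.Description.Behaviors.Find<ServiceMetadataBehavior>();
            if (metadata == null)
                host.Description.Behaviors.Add(metadata = new ServiceMetadataBehavior());
            metadata.HttpGetEnabled = false;
            metadata.HttpsGetEnabled = false;

            // Metadata is still served through MEX, but only over a named pipe,
            // which remote machines cannot connect to.
            host.AddServiceEndpoint(typeof(IMetadataExchange),
                MetadataExchangeBindings.CreateMexNamedPipeBinding(), "mex");
            host.Open();
            Console.ReadLine();             // keep the host alive until Enter
        }
    }
}
```

The same two switches exist in app.config as `httpHelpPageEnabled` on `<serviceDebug>` and `httpGetEnabled` on `<serviceMetadata>`.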
