Restrict Web App to IP address or DNS name
Question
Here is the situation:
We have an application "A" to which our customer login. After successful logging in, they can see a link to web application "B".
Web application B is an ASP.Net application hosted on IIS 7. What is the best way using programming to make application B accessible only when users come through the website "A".
2 answers
solution1
1 ACCPTED 2014-04-12 17:17:09
You're pretty much doing some kind of "3rd party authentication" scheme, not unlike "Google/Facebook, etc." sign-in. SO does same - I "login" to SO via Google Sign in...
So depending on how your "protocols" are defined with Site A , which you have stated isn't under your control but since there is some trust you seem to require and cede to it, then I would think there is "some" protocol in place.
Barring that, or if you are in search of some protocol between Sites A and B, and depending on just how secure you need things to be, then it may just boil down to implementing similar schemes - eg token, http headers, etc.
Trivial example:
- link from Site A : http://www.GoToSiteB.com/?token=unique_token_you_need_to_verify
solution2
0 2014-04-12 14:43:03
You could use:
Request.UrlReferrer.ToString();
It is not entirely trusted, but depending on the level of your user, you could do worse.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.