Use web.config ipsecurity to restrict access to a single method
Question
I'm having trouble finding any information about this.
In web.config, is it possible to restrict access to just a single method/endpoint in a .svc/controller ? Or must one restrict access to the entire controller?
For example this works, but restricts access to the entire SVC:
<location path="ManagementService.svc">
<system.webServer>
<security>
<ipSecurity configSource="config\ipFilter.config" />
</security>
</system.webServer>
</location>
If I have two methods in my SVC, and I want one to NOT be filtered, can I instead write something like:
<location path="ManagementService.svc/DeleteUser">
<system.webServer>
<security>
<ipSecurity configSource="config\ipFilter.config" />
</security>
</system.webServer>
</location>
to restrict access only to a single method while leaving the other method reachable?
If the answer is NO it is not possible, what are the best alternatives to achieve this? Just checking IP in the code?
1 answers
solution1
0 2015-07-30 18:17:31
Yes it's possible, but to filter by endpoint, you must use IFFilter at behavior level instead system.webServer, that affect all endpoints.
Remove the security tag from system.WebServer and add at behavior, like this:
<serviceBehaviors>
<behavior name="Filter1">
<IPFilter filter="192.168.*.* 127.0.0.1" />
</behavior>
</serviceBehaviors>
And, off course, you will need to create a different behavior for each endpoint you want to configure.
By method it's also possible, but you will need to implement in code.
Hope it helps.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.