Re: Securing the ASMX File
- From: "John Saunders [MVP]" <john.saunders at trizetto.com>
- Date: Wed, 11 Jul 2007 22:48:11 -0400
"MrFile" <MrFile@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:4C2DA125-C6F1-4C86-AEC9-3252EF2DD874@xxxxxxxxxxxxxxxx
I am using WSE 3.0 around my ASP.NET 2.0 application. I enabled it so that i
can pass an authorization username token, which works well as its shown in
various samples.
My problem: i can sitll simply avoid calling the web service and use the web
browser to hit the ASMX file and execute all the basic methods to get the
return data. How can i prevent this? i want total security around my service
not just for references made by other .net application clients.
In the web.config file, inside of the <configuration> element, add the following:
<system.web>
<webServices>
<protocols>
<remove name="Documentation"></remove>
<remove name="HttpGet"></remove>
<remove name="HttpPost"></remove>
</protocols>
</webServices>
</system.web>
--
John Saunders [MVP]
.
- Prev by Date: RE: WSE 3.0 errors in event log (may be MTOM related): The value may not be accessed in message stage 0.
- Next by Date: SaishKumar.T Deploying of Webservice
- Previous by thread: RE: WSE 3.0 errors in event log (may be MTOM related): The value may not be accessed in message stage 0.
- Next by thread: SaishKumar.T Deploying of Webservice
- Index(es):
