TruMan1
Reputation: 36098
How do I secure ASP.NET web service to only allow relative path calling?
I have ASMX services for my web application that I would only like available to the same application.
Is there a way for the web service to only be accessible by the same application, such as relative/absolute path restrictions?
Upvotes: 1
Views: 740
Answers (3)
John Saunders
Reputation: 161783
Web services can be called by all sorts of code, not just code that's part of a web site. So, in general, there is no "calling URL".
Upvotes: 0
Andy White
Reputation: 88365
The easiest route would be to just not use a web service. If you're calling from the same application, you can probably just pull your logic into a separate class, and call it directly in your code, not via web service.
Upvotes: 4
Joel Martinez
Reputation: 47759
Two ways to do this:
- Have the web services hosted on a different box. The main web box is on a publicly accessible IP (ie. in the DMZ), while the web service box is only accessible to the internal network.
- You might be able to do this with sufficient networking gymnastics. For example, host the web services on the same box but a different IP, and have the firewall block any outside calls to that IP.
Upvotes: 1
Related Questions
- How to protect a webservice in .NET from outer world except a single application?
- Preventing getting to other URL of web service
- How to secure Web services in ASMX file?
- How can I make sure a url provided by the user is not a local path?
- web service security in asp.net
- Protect .net Web Service URL
- ASP.NET WebService deny remote access
- How to make web services secure in asp.net both the asmx and on WCF
- Limiting access to web service
- Securing ASP.NET Web Service