问题
I have ASMX services for my web application that I would only like available to the same application.
Is there a way for the web service to only be accessible by the same application, such as relative/absolute path restrictions?
回答1:
The easiest route would be to just not use a web service. If you're calling from the same application, you can probably just pull your logic into a separate class, and call it directly in your code, not via web service.
回答2:
Two ways to do this:
- Have the web services hosted on a different box. The main web box is on a publicly accessible IP (ie. in the DMZ), while the web service box is only accessible to the internal network.
- You might be able to do this with sufficient networking gymnastics. For example, host the web services on the same box but a different IP, and have the firewall block any outside calls to that IP.
回答3:
Web services can be called by all sorts of code, not just code that's part of a web site. So, in general, there is no "calling URL".
来源:https://stackoverflow.com/questions/2866653/how-do-i-secure-asp-net-web-service-to-only-allow-relative-path-calling