info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Hiding the WebService page
13 views
Skip to first unread message
alexttp
Mar 30, 2004, 7:33:11 AM3/30/04
to
I wonder if there's any way to prevent my WebService's page from being
shown (e.g. by browsing it from the IIS console).
All I need is that my application (WebService's client) will be able
to invoke its webmethods, but in the same time I would like to prevent
anyone's seeing the API provided by the WebService.
I mean, sure, entering its address with "?wsdl" will expose the whole
thing, but it's a bit more effort (and knowledge) for malicious
factors than just right clicking the file in IIS console and selecting
"Browse"...
shown (e.g. by browsing it from the IIS console).
All I need is that my application (WebService's client) will be able
to invoke its webmethods, but in the same time I would like to prevent
anyone's seeing the API provided by the WebService.
I mean, sure, entering its address with "?wsdl" will expose the whole
thing, but it's a bit more effort (and knowledge) for malicious
factors than just right clicking the file in IIS console and selecting
"Browse"...
Raghu
Mar 30, 2004, 12:09:02 PM3/30/04
to
1) Turn off wsdl generation with wsdlHelpGenerator element in the
web.config.
2) Since wsdlHelpGenerator element points to aspx page that contains
references to all exposed wsdl files, if any one navigates to asmx page,
they will be automatically redirected to aspx page. These references can be
point to either static files (http://localhost/services/myservice.wsdl) or
dynamic content (http://localhost/services/myservice.asmx?wsdl)
3) Just DONT include your secret wsdl page reference on aspx file. But it is
still available to those who knows how to get it.
web.config.
2) Since wsdlHelpGenerator element points to aspx page that contains
references to all exposed wsdl files, if any one navigates to asmx page,
they will be automatically redirected to aspx page. These references can be
point to either static files (http://localhost/services/myservice.wsdl) or
dynamic content (http://localhost/services/myservice.asmx?wsdl)
3) Just DONT include your secret wsdl page reference on aspx file. But it is
still available to those who knows how to get it.
"alexttp" <ale...@bigfoot.com> wrote in message
news:b0c9c4d3.04033...@posting.google.com...
Jan Tielens
Apr 1, 2004, 12:02:36 AM4/1/04
to
You may want to read:
http://weblogs.asp.net/jan/archive/2004/01/29/64291.aspx
http://weblogs.asp.net/jan/archive/2004/01/29/64291.aspx
--
Greetz,
Jan
________________________
Read my weblog: http://weblogs.asp.net/jan
"Raghu" <Ra...@nospamzzzqcsi.com> schreef in bericht
news:ebJX0mnF...@tk2msftngp13.phx.gbl...
0 new messages