The Artima Developer Community
Articles | News | Weblogs | Books | Forums
Artima Forums | Articles | Weblogs | Java Answers | News
Sponsored Link

.NET Buzz Forum
Securing your Web Service

0 replies on 1 page.

Welcome Guest
  Sign In

Go back to the topic listing  Back to Topic List Click to reply to this topic  Reply to this Topic Click to search messages in this forum  Search Forum Click for a threaded view of the topic  Threaded View   
Previous Topic   Next Topic
Flat View: This topic has 0 replies on 1 page
Merill Fernando

Posts: 589
Nickname: merill
Registered: Sep, 2003

Merill Fernando is an MCSD in .NET and a Microsoft Certfied Trainer
Securing your Web Service Posted: Jan 6, 2005 12:25 PM
Reply to this message Reply

This post originated from an RSS feed registered with .NET Buzz by Merill Fernando.
Original Post: Securing your Web Service
Feed Title: Merill Fernando's Blog
Feed URL: http://www.merill.net/blogxbrowsing.asmx/GetRss?
Feed Description: Merill is a Software Architect at Business Technology Alliance. Merilll is an MCSD in .NET and a Microsoft Certfied Trainer. In this feed he will be regularly posting on the challenges faced when migrating from a Microsoft DNA architecture to Microsoft .NET 		Latest .NET Buzz Posts
Latest .NET Buzz Posts by Merill Fernando
Latest Posts From Merill Fernando's Blog

Advertisement

How do you go about securing your web service when moving it to production? In other words how do you hide the description of web service and the generation of the wsdl when someone browses to the .asmx page or requests for the wsdl using .asmx?wsdl. The fix is quite simple but doesn’t seem to be well documented (this should be one the best practices for web services).

Anyway it’s quite simple to fix. Simply add the following to your web.config file and presto everything is hidden.

<?xmlversion="1.0"encoding="utf-8"?>
<configuration>
<system.web> 
              <!-- 
              HIDE THE DOCUMENTATION FOR THE WEB SERVICE
--> 
              <webServices>         
                     <protocols>           
                           <removename="Documentation"/>          
                     </protocols>     
              </webServices>  
</system.web>
</configuration>

But if you want to remove the error page and instead show your own custom page or need more fancy stuff like allowing the wsdl to be generated in your development but not on production then go check this article on 15seconds.com.

Read: Securing your Web Service

Topic: What's the point of SOA? Previous Topic   Next Topic Topic: [WebCast] The Elixir and Alchemy projects - Outlook Integration with Siebel at Microsoft
Sponsored Links


Google
  Web Artima.com   

Copyright © 1996-2019 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use