I have one website that hosts a webservice which uses membership provider authorization. I would like to be able t开发者_JS百科o authenticate through my webservice call from a second site without getting bounced back to my login page on the webservice site. How can I accomplish this?
As a side note, it would be best for me to allow a custom rule for specific hosts accessing the site. So if the request is coming from www.mysite.com, it would override the authorization.
You may use a <location/> tag in your web.config to open a specific directory or file up.
I don't believe there is an intrinsic method of access control by host.
A very simple way to do this would be by implementing a simple HttpModule that guards the endpoint or directory.
using System;
using System.Net;
using System.Web;
namespace HttpLibArticleSite
{
public class GuardDogModule : IHttpModule
{
#region IHttpModule Members
public void Init(HttpApplication context)
{
context.BeginRequest += BeginRequest;
}
public void Dispose()
{
//noop
}
#endregion
private static void BeginRequest(object sender, EventArgs e)
{
HttpContext ctx = (HttpContext) sender;
if (ctx.Request.Url is not guarded) return;
if (ctx.Request.Headers["take your pick"] != what
you want)
{
ctx.Response.StatusCode = (int) HttpStatusCode.Forbidden;
ctx.Response.End();
}
}
}
}
not complied, obviously, and not tested but will get you where you need to go. Just refer to the web.config system.web/httpModules section to see how to deploy.
Cheers.
You would have to place a web.config file inside the directory of your webservice and allow anonymous access to it. Or you could make it Windows Authentication only and use impersonation to authorize the call.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论