Why WebService Access Denied

Discussion in 'ASP .Net' started by ad, Mar 17, 2006.

  1. ad

    ad Guest

    ad, Mar 17, 2006
    #1
    1. Advertising

  2. Most likely Windows 2003 (Not sure about XP SPs; they may do the same). Open
    the machine.config file ...

    Look for:
    <webServices>
    <protocols>
    <add name="HttpSoap1.2" />
    <add name="HttpSoap" />
    <!-- <add name="HttpPost" /> -->
    <!-- <add name="HttpGet" /> -->
    <add name="HttpPostLocalhost" />
    <add name="Documentation" />
    </protocols>
    <soapExtensionTypes>
    </soapExtensionTypes>
    <soapExtensionReflectorTypes>
    </soapExtensionReflectorTypes>
    <soapExtensionImporterTypes>
    </soapExtensionImporterTypes>
    <wsdlHelpGenerator href="DefaultWsdlHelpGenerator.aspx" />
    <serviceDescriptionFormatExtensionTypes>
    </serviceDescriptionFormatExtensionTypes>
    </webServices>

    And change to:

    <webServices>
    <protocols>
    <add name="HttpSoap1.2" />
    <add name="HttpSoap" />
    <add name="HttpPost" />
    <add name="HttpGet" />
    <add name="HttpPostLocalhost" />
    <add name="Documentation" />
    </protocols>
    <soapExtensionTypes>
    </soapExtensionTypes>
    <soapExtensionReflectorTypes>
    </soapExtensionReflectorTypes>
    <soapExtensionImporterTypes>
    </soapExtensionImporterTypes>
    <wsdlHelpGenerator href="DefaultWsdlHelpGenerator.aspx" />
    <serviceDescriptionFormatExtensionTypes>
    </serviceDescriptionFormatExtensionTypes>
    </webServices>

    NOTE: This is not wise on a production environment that is not externally
    exposed to partners. Hiding the web services from non-soap calls leaves the
    box harder to poke at. At default setting, a person cannot get the WSDL
    through a POST or GET or test the web service. This is the reason the
    settings changed for 1.1 under Windows 2003.

    --
    Gregory A. Beamer
    MVP; MCP: +I, SE, SD, DBA

    ***************************
    Think Outside the Box!
    ***************************


    "ad" wrote:

    > I have a virtual which is a web service.
    > When I use the IP to get the web service, it return a access denied message:
    > http://xxx.xxx.xxx.xxx/HealthService/Service.asmx
    >
    > but if I use local host, it is ok
    > http://localhost/HealthService/Service.asmx
    >
    > I have set the virtual directory to allow anonymous. Why it still can't be
    > accessed?
    >
    >
    >
     
    =?Utf-8?B?Q293Ym95IChHcmVnb3J5IEEuIEJlYW1lcikgLSBN, Mar 17, 2006
    #2
    1. Advertising

  3. ad

    ad Guest

    Thanks,
    I am using dotNetFramework 2.0
    I can't not find the <webServices> in the machine.config of dotNetFramework
    2.0, it just in dotNetFramework 1.1

    I trid copy the section to the machine.config of dotNetFramework 2.0, the
    system ask me to change HttpSoap1.2 to HttpSoap12, and I did, but it also
    access denied when access with IP.



    "Cowboy (Gregory A. Beamer) - MVP" <> ¼¶¼g©ó¶l¥ó·s»D:...
    > Most likely Windows 2003 (Not sure about XP SPs; they may do the same).
    > Open
    > the machine.config file ...
    >
    > Look for:
    > <webServices>
    > <protocols>
    > <add name="HttpSoap1.2" />
    > <add name="HttpSoap" />
    > <!-- <add name="HttpPost" /> -->
    > <!-- <add name="HttpGet" /> -->
    > <add name="HttpPostLocalhost" />
    > <add name="Documentation" />
    > </protocols>
    > <soapExtensionTypes>
    > </soapExtensionTypes>
    > <soapExtensionReflectorTypes>
    > </soapExtensionReflectorTypes>
    > <soapExtensionImporterTypes>
    > </soapExtensionImporterTypes>
    > <wsdlHelpGenerator href="DefaultWsdlHelpGenerator.aspx" />
    > <serviceDescriptionFormatExtensionTypes>
    > </serviceDescriptionFormatExtensionTypes>
    > </webServices>
    >
    > And change to:
    >
    > <webServices>
    > <protocols>
    > <add name="HttpSoap1.2" />
    > <add name="HttpSoap" />
    > <add name="HttpPost" />
    > <add name="HttpGet" />
    > <add name="HttpPostLocalhost" />
    > <add name="Documentation" />
    > </protocols>
    > <soapExtensionTypes>
    > </soapExtensionTypes>
    > <soapExtensionReflectorTypes>
    > </soapExtensionReflectorTypes>
    > <soapExtensionImporterTypes>
    > </soapExtensionImporterTypes>
    > <wsdlHelpGenerator href="DefaultWsdlHelpGenerator.aspx" />
    > <serviceDescriptionFormatExtensionTypes>
    > </serviceDescriptionFormatExtensionTypes>
    > </webServices>
    >
    > NOTE: This is not wise on a production environment that is not externally
    > exposed to partners. Hiding the web services from non-soap calls leaves
    > the
    > box harder to poke at. At default setting, a person cannot get the WSDL
    > through a POST or GET or test the web service. This is the reason the
    > settings changed for 1.1 under Windows 2003.
    >
    > --
    > Gregory A. Beamer
    > MVP; MCP: +I, SE, SD, DBA
    >
    > ***************************
    > Think Outside the Box!
    > ***************************
    >
    >
    > "ad" wrote:
    >
    >> I have a virtual which is a web service.
    >> When I use the IP to get the web service, it return a access denied
    >> message:
    >> http://xxx.xxx.xxx.xxx/HealthService/Service.asmx
    >>
    >> but if I use local host, it is ok
    >> http://localhost/HealthService/Service.asmx
    >>
    >> I have set the virtual directory to allow anonymous. Why it still can't
    >> be
    >> accessed?
    >>
    >>
    >>
     
    ad, Mar 17, 2006
    #3
  4. ad

    shijobaby

    Joined:
    Dec 15, 2009
    Messages:
    7
    If your web service anonymous authentication is


    turned off you must enable that

    Otherwise you have to pass username and password
     
    shijobaby, Feb 6, 2010
    #4
  5. ad

    shijobaby

    Joined:
    Dec 15, 2009
    Messages:
    7
    If your web service anonymous authentication is


    turned off you must enable that

    Otherwise you have to pass username and password
     
    shijobaby, Feb 6, 2010
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jéjé
    Replies:
    1
    Views:
    500
    JiangZemin
    Feb 18, 2004
  2. Mr. SweatyFinger

    why why why why why

    Mr. SweatyFinger, Nov 28, 2006, in forum: ASP .Net
    Replies:
    4
    Views:
    919
    Mark Rae
    Dec 21, 2006
  3. Mr. SweatyFinger
    Replies:
    2
    Views:
    2,071
    Smokey Grindel
    Dec 2, 2006
  4. BOM

    WebService :Access Denied

    BOM, Sep 3, 2003, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    112
  5. BOM

    WebService :Access Denied

    BOM, Sep 3, 2003, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    118
Loading...

Share This Page