Every MOSS Developer knows how to access the exposed web services of MOSS.
http://servername/_vti_bin/Lists.asmx ...
This would open up the entire webservice and available methods in that.
In order to restrict that we can add an entry in web.config file of that Site Collections web application.
Add the following block
<location path="_vti_bin">
<system.web>
<authorization>
<allow users="mossserver\Myuser" />
<deny users="*" />
</authorization>
</system.web>
</location>
Its blocked!! Right?
*** But beware, you cannot open the Site in SharePoint designer if you block webservices for all users. So please allow atleast one account for accessing webservices.**
1 comment:
Crucial information
Post a Comment