0

I have two web-servers. One runs a ASP webservice and the other runs a website, where I use javascript to access the webservice.

My problem is, that I don't want to keep the webservice access open for everyone in the www and limit the access to several applications. It shouldn't be allowed to access the webservice from another website.

There is still the probability to allow the access from other websites or apps, which should be considered here.

Do you have any thoughts for approaches to restrict the access to the webservice?

abc
  • 2,285
  • 5
  • 29
  • 64
  • I didn't mean to close this question, but have a look at this one for a possible solution: http://stackoverflow.com/questions/8147804/ip-restriction-for-a-folder-of-a-web-application-in-iis7 – M4N Aug 11 '15 at 21:31
  • @M4N This solution doesn't work for me. As I have written, I access the webservice via javascriptcode from the client. Thus the IP adresses are those from the clients and can not be used as a identifier, where from the service is called... – abc Aug 12 '15 at 05:29

0 Answers0