We looked at the logs and found all those entries are updated by one user name. The log also shows the is should caused by the web service call.
02/09/2012 11:46:29.07 w3wp.exe (0x3A90) 0x111C SharePoint Foundation Logging Correlation Data xmnv Medium Name=Request (POST:http://serverURL:80/ourSIte/_vti_bin/lists.asmx) 2ae0784f-bd97-4098-9e15-d147a8b11ed4
Since any SharePoint users who have the permission could use web service calls and hit SharePoint server programmatically, we are concerned of DOA (Deny Of Access) and performance. We would like to have the capability to disable the SharePoint web service on the site level for external users besides SharePoint internal calls.
I did some search and found two possible ways that might block the web services on WebApp level. However, one option will block any of the web services, SOAP, WebDav, SharePoint Designer. Another option will require Front server and TMG.
Is there any way we could do only block the Web services calls for external programs but open to WebDav and SharePoint Designer on site level?
I tried to access the admin web service (http://servername/SIteURL/_vti_admin/admin.asmx) and got the following error. Is there anything we could do similar to other web services through global security group access?
I tried to access the admin web service (http://servername/SIteURL/_vti_admin/admin.asmx) and got the following error. Is there anything we could do similar to other web services through global security group access?
Thanks.
No comments:
Post a Comment