If there's only a few users (sounds like it) you have a few options:
-write a forms provider that uses ssl certs for authentication
-set up the publishing half on a different IP/url through ISA
-use ISA to block ALL login/webservice/etc urls for the public one.
On Mon, Mar 30, 2009 at 10:22 PM,
I agree, We're using ISA here to block users from being able to hit
those webservices direct.
From: ozmoss@ozmoss.com [mailto:ozm...@ozmoss.com] On Behalf Of Bill
Williamson
Sent: Monday, 30 March 2009 10:47 PM
To: ozmoss@ozmoss.com
Subject: Re: Sharepoint
You can also write a http handler to track requests to the web services and
allow only on certain conditions. But that would be an overkill, and would
hamper overall performance. Doing it on the hardware\firewall side of things
makes more sense.
From: ozmoss@ozmoss.com
Thanks guys,
lots of good ideas thrown here and I appreciate all your help. I apologise
if I appear to be complete newbie in this because I am :).
What we are thinking of doing currently is to block public access to
Sharepoint web service, create our own web service that lives on the same
server