Share via

<deny> Element

  • Article

Specifies which clients are explicitly denied access to a Web service.

<microsoft.web.services2> Element
  <messaging> Element
    <transports> Element
      <add> Element for <transports>
        <hosts> Element

<hosts default="allow|deny">
  <deny>
    list of host names | IP addresses | IP address masks | all
  </deny>
</hosts>

Attributes and Elements

Attributes

None

Child Elements

None

Parent Elements

Element Description

<hosts> Element

Specifies which clients are allowed or denied access to a Web service.

Text Value

A text value is required. A list of clients that are explicitly denied access to a Web service. The clients can be specified as a list separated by forward slashes ("/") of host names, IP addresses, IP address masks, and/or the keyword all, which means that all clients are denied access to the Web service.

Remarks

Before adding the <deny> element to a configuration file, you must add the microsoft.web.services2 configuration section handler to the configuration file. For details about adding the microsoft.web.services2 configuration section handler, see <section> Element (WSE for Microsoft .NET).

WSE uses the following rules to determine whether a client is allowed or denied access. If the value of the default attribute of the <hosts> element is set to allow, then all are allowed access unless there is a listing in the <deny> element that is not overridden by a listing in the <allow> element. If the value of the default attribute of the <hosts> element is set to deny, then all are denied unless there is a listing in the <allow> element that is not overridden by a listing in the <deny> element. In either case, if the result is that the client should be denied access, then the incoming connection is immediately closed and no data is processed from it.

Example

The following code example specifies that all hosts are allowed access to a Web service except those with IP addresses starting with 192.168.1 and 10.10.100 with the exception of 192.168.1.1.

<configuration>
  <microsoft.web.services2>
    <messaging>
      <transports>
        <add scheme="soap.tcp">
          <hosts default="allow">
            <allow>192.168.1.1</allow>
            <deny>192.168.1.0/24 10.10.100.0/24</deny>
          </hosts>
        </add>
      </transports>
    </messaging>
  </microsoft.web.services2>
</configuration>

See Also

Reference

<transports> Element
<add> Element for <transports>
<hosts> Element