Hi All,
I'm wondering if there is any solution to simply denying any request that doesnt adhere to the defined combination of the defined Resources and Request Verb.
Solutions I had in mind;
But I hope there is a better solution. Thanks in advance!
-Guy
Solved! Go to Solution.
I don't think this will be difficult. Set wildcards to handle your OData bits, and use a catchall flow at the end of the proxy endpoint.. See below.
<ProxyEndpoint name="default"> <Description/> <PreFlow name="PreFlow"> <Request/> <Response/> </PreFlow> <Flows> <Flow name="Get item"> <Description/> <Request> <Step> <FaultRules/> <Name>ExtractId</Name> </Step> </Request> <Response/> <Condition>(proxy.pathsuffix MatchesPath "/{id}") and (request.verb = "GET")</Condition> </Flow> <Flow name="Get sub-item"> <Description/> <Request> <Step> <FaultRules/> <Name>ExtractId</Name> </Step> </Request> <Response> <Step> <FaultRules/> <Name>jsonPath</Name> </Step> </Response> <Condition>(proxy.pathsuffix MatchesPath "/{id}/**") and (request.verb = "GET")</Condition> </Flow> <Flow name="unhandled request"> <Description/> <Request> <Step> <FaultRules/> <Name>404</Name> </Step> </Request> <Response/> </Flow> </Flows> <PostFlow name="PostFlow"> <Request/> <Response/> </PostFlow>
Typically we recommend you have defined Flow definitions for each resource and verb supported in the default.xml. If that is the case, the last Flow step triggers a RaiseFault as in the example below:
<Flow name="Default"> <Description>Catch any other access and throw a 404 Fault</Description> <Request> <Step> <Name>raiseUnknownResource</Name> </Step> </Request> <Response/> </Flow>
The raiseUnknownResource is defined as follows:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <RaiseFault async="false" continueOnError="false" enabled="true" name="raiseUnknownResource"> <DisplayName>raiseUnknownResource</DisplayName> <FaultResponse> <Set> <StatusCode>404</StatusCode> <ReasonPhrase>Resource not found.</ReasonPhrase> </Set> </FaultResponse> <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables> </RaiseFault>
Flows are evaluated top to bottom in a proxy or target definition. One and only one Flow is executed for each request.
I don't think this will be difficult. Set wildcards to handle your OData bits, and use a catchall flow at the end of the proxy endpoint.. See below.
<ProxyEndpoint name="default"> <Description/> <PreFlow name="PreFlow"> <Request/> <Response/> </PreFlow> <Flows> <Flow name="Get item"> <Description/> <Request> <Step> <FaultRules/> <Name>ExtractId</Name> </Step> </Request> <Response/> <Condition>(proxy.pathsuffix MatchesPath "/{id}") and (request.verb = "GET")</Condition> </Flow> <Flow name="Get sub-item"> <Description/> <Request> <Step> <FaultRules/> <Name>ExtractId</Name> </Step> </Request> <Response> <Step> <FaultRules/> <Name>jsonPath</Name> </Step> </Response> <Condition>(proxy.pathsuffix MatchesPath "/{id}/**") and (request.verb = "GET")</Condition> </Flow> <Flow name="unhandled request"> <Description/> <Request> <Step> <FaultRules/> <Name>404</Name> </Step> </Request> <Response/> </Flow> </Flows> <PostFlow name="PostFlow"> <Request/> <Response/> </PostFlow>
User | Count |
---|---|
2 | |
2 | |
1 | |
1 | |
1 |