URL endpoint advice

Discussion in 'Third-party applications' started by Ceorl64, Apr 28, 2020.

  1. I'm working on a project where I need to provide URL endpoints for another cloud application (Autodesk Forge), and I'm not sure how best to do this. I don't know how to provide proper access to the URL. As a test, I've created a APP Root folder for public access, and edited my web.config file with a MIME statement, thinking that if I can't download the files by openly navigating to them in a browser, then Autodesk wouldn't be able to get to them either. Currently, I can get to the folder, but when clicking the file, I get a 404.3 error.

    What I don't understand is why a .zip file sitting next to it can be found, without a MIME reference in the web.config file. Is that because the MIME statement doesn't play a part in describing the file, or do I have the statement entered wrong? I can fix a bad statement, but is it pointless?

    Second, at some point, I don't want public access to these files. Would that require I provide a signed URL to Autodesk? Or is there an easier way short of going the public route?

    Thank you.
     
  2. Martin Ortega

    Martin Ortega Everleap staff

    It's because we already have the MIME Type for the zip files on our system. So it doesn't need to be declared in the web.config

    What type of file are you trying to use?

    You might be able to use the IP restrictions module to restrict what IP numbers can access the directory. For example you can upload a web.config file with the following settings in place.

    Replace 8.8.8.8 with the real IP number that will be accessing the directory.

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <configuration>
        <system.webServer>
            <security>
                <ipSecurity allowUnlisted="false">
                    <add ipAddress="8.8.8.8" allowed="true" />
                </ipSecurity>
            </security>
        </system.webServer>
    </configuration>
     
  3. I wouldn't know what the IP would be. Would a signed URL work? I've never made one. I keep seeing links on how to do with AWS. Is it possible using Everleap site?
     
  4. If I created a username and password, would providing that info allow them through using a HTTP request?
     
  5. Martin Ortega

    Martin Ortega Everleap staff

    I haven't seen one of our customers every try to use a signed URL on Everleap. But you're welcome to try it.
     
  6. Martin Ortega

    Martin Ortega Everleap staff

    Yes, if you created a site where the person would need to login in order to get a randomlly generated download link. That could also work.
     
  7. I created a separate login and checked all the boxes, but continue to get an upload error to affect that I'm only allowed to use GET or HEAD verbs. I'm I not allowed to use a POST or PUT verb? I'm using Basic Authentication, providing it through Headers and not an open URL string (username:password@whatever.whatever). How long it take for the new login and rights to be seen?
     
  8. Here's the error. Interesting is the comment about a virtual directory.....

    The request sent to the Web server used an HTTP verb that is not allowed by the module configured to handle the request.</li> <li>A request was sent to the server that contained an invalid HTTP verb.</li> <li>The request is for static content and contains an HTTP verb other than GET or HEAD.</li> <li>A request was sent to a virtual directory using the HTTP verb POST and the default document is a static file that does not support HTTP verbs other than GET or HEAD.
     
  9. back to square one. As long as there is no web.config file in a particular folder, it can't be found through a HTTP request, and even then, it only seems to be read-only using a GET verb. Reading up on this, IIS disables dynamic content. See below. My goal with this site is to be able to pass files to and from another service. Is this something you folks are willing to help me with?

    By default, IIS disables dynamic content for security reasons.


    To permit IIS to serve dynamic content, the administrator must unlock this content in the Web service extensions node in IIS Manager. To do this, the administrator must either enable a pre-existing Web service extension or add a new Web service extension.
     
  10. Ray Huang

    Ray Huang Everleap staff

    You can try enabling the verb(s) on the Static File handler, but it might cause unintended side effects.
     
  11. Under the Verbs tab, All verbs is selected. I did notice under my Access tab that Read was selected. Should I set that to Execute?
     
  12. Why is it when I create a new login on Everleap, I can't login using it? I gave the new user all the permissions, and it won't allow me to use it at log in.
     

Share This Page