I’m trying to restrict access to a service so it can only be called via a MQ, not HTTP. I’ve decorated the Request DTO with
[Restrict(RequestAttributes.MessageQueue)] to try to achieve this but it doesn’t prevent HTTP access.
Having had a browse around the source code I found the
ToAllowedFlagsSet method and found that:
RequestAttributes.MessageQueue.ToAllowedFlagsSet() has a value of
MessageQueue | Any
I believe this is because
RequestAttributes.Any doesn’t include
If this is not a bug, is there a different way of preventing HTTP access to a service.