If you have been working with ASP.NET web services, you might have noticed that on your local or development server, the web service exposes its methods via several ways (HTTP SOAP, HTTP Get, HTTP Post). Moreover, for those methods that accept parameters, the page displays HTTP Post form, which allows you to quickly test the web service.
However, when you deploy the web service, the only available methods for calling it is HTTP Soap. What if you need to allow HTTP Get and Post calls?
It turns out to be quite easy. Moreover, you can enable/disable protocols for a whole machine or for specific webservices. However, please keep in mind that enabling GET and POST protocols adds security risks. At least that's what Microsoft says. Technically, I don't think there is a considerable risk associated with enabling Post calls. Anyway, if you don't really need POST calls, then it's better to keep it disabled.
So, how do we do that anyway? Glad you asked. Look at the configurations below.
To enable HTTP GET and HTTP POST protocols for the whole machine:
Open the Machine.config file in a text editor. This file as rule lives in the \Config subdirectory of the installation root.
Add the following configuration between and tags.
<webServices>Save Machine.config.
<protocols>
<add name="HttpSoap"/>
<add name="HttpPost"/>
<add name="HttpGet"/>
<add name="Documentation"/>
<add name="HttpPostLocalhost"/>
</protocols>
</webServices>
This configuration change takes effect on the next request to a Web service hosted on that machine.
To enable support for a protocol for an individual Web application:
Open the Web.config file in the root directory of the Web application in a text editor.
Add the following configuration between and tags.
<webServices>Save Web.config.
<protocols>
<add name="HttpSoap"/>
<add name="HttpPost"/>
<add name="HttpGet"/>
<add name="Documentation"/>
<add name="HttpPostLocalhost"/>
</protocols>
</webServices>
This configuration change takes effect on the next request to a Web service hosted by the Web application.