Hi,
I'm having a web service witch I want to use on several domains. However, I want to limit the sites (domains) that can access my web service.
For example, I want a request made by a page in site www.Site-A.com will execute and a request from www.Site-B.com to deny.
Is there a way to do it with ASP.NET / IIS?
You can check the IP address of the remote user and act accordingly. You can use the Referer header of the request, too, but that can be spoofed.
If I understand your question correctly you have a web content that may be referenced by other pages outside of your domain. Those pages will have been loaded into a browser then requests from references in those pages will attempt to get content from your site. Does that describe your scenario?
If so then the only chance you have to acheive this is to require that the requests be delivered with a referer header (which is normal but some browsers allow the user to suppress it). You can then examine the content of the referer header in your code to test whether you want to continue with the request.
You can examine the referer with this code:-
var referer = new Uri(Request.ServerVariables("HTTP_REFERER"));
if (referer.Host.ToLower() == "www.site-a.com")
//Allow access
Caveat
This technique can only be used informally, there is no way to authenticate the referer header so anyone can spoof it using fairly simple tools.