Hi Robert,
I don't know anything about one-way transactions (it sounds similar to
putting a message onto an asynchronous queue), but I'm curious why you
don't want to return a response from your web service... even if the
response says "I got your message and I'm going to process it later". It
seems easier to change your webservice than to fix the people problem.
Bill
Robert Bateman wrote:
>Hello everyone!
>
>I'm currently in a tug-of-war with the folks over in our network
>"security" department over a web service I'm attempting to deploy.
>
>My web service is a one-way transaction.
>
>The security folks are complaining because they are seeing HTTP 202
>ACCEPTANCE messages in their network logs without any associated HTTP
>200 OK message. They insist that my web service is broken because it
>doesn't notify the client via a HTTP 200 message that processing is
>complete.
>
>The person I'm in a tug-of-war with has gone so far as to "convince" our
>IT Director that my web service is broken and shouldn't be allowed to be
>deployed. the "security" person insists my web service is leaving
>things open and is a very large security risk. I've shown my management
>all of the documentation about HTTP 202 messages that I can find - none
>of which indicates my web service is truly broken.
>
>Is my Web Service truly broken? I've replaced my web service with a
>simple stub that does nothing more than return - and my result from Axis
>is a HTTP 202 message of zero length.
>
>Is it possible to replace the 202 message with a 200 message to get the
>Network Security people off my back?
>
>
>Thanks in advance!
>
>Bob
>
>
>
>
>
