Hi!
In some publications I read that Axis2 supports some kind of service
isolation. I have not found any details on that on the axs2 web pages so I
ask here to get some clearance:
[1] states that service isolations in axis2 means that every service has
its own class loader and that this is very useful if different services
want to use different versions of the same classes. I see the point in
that. I wonder if this is the only consequence of the isolation or if it
has further "security" related aspects: If web service A creates and
object of a class, is it possible for another web service B to access this
object? What I mean with "security" related is: Is it somehow possible to
prevent other services on the same axis instance to get objects and class
variables of classes my service created. I assume that this is not
possible because I can access the ClassLoader of a service via
messageContext.getAxisConfiguration().getAxisService("serviceName").getServiceClassLoader().
So all web services on an axis instance must be trusted in the sense that
none of them will try to get information of the other services?
Thanks for replies on that perhaps stupid question!
Fabian
[1] http://www.developer.com/open/article.php/10930_3589126_2
