Have you looked into Rampart? http://ws.apache.org/axis2/modules/rampart/1_2/security-module.html
M-- This email message and any files transmitted with it contain confidential information intended only for the person(s) to whom this email message is addressed. If you have received this email message in error, please notify the sender immediately by telephone or email and destroy the original message without making a copy. Thank you. ----- Original Message ----- From: Gul Onural To: [email protected] Sent: Wednesday, June 20, 2007 7:55 PM Subject: How to password protect access to SOAPMonitor Hi, I noticed that the SOAPMonitor is not protected with userId/password. If somebody knows the url of the service, he can then launch the SOAPMonitor and see the messages coming back and forth. Is there a way to password protect the SOAPMonitor, or we just have to take it out from our production system? Gul
