I tend to put basic auth on the soap monitor using acegi - a security framework that requires spring, but doesn't need any axis2 / spring integration. If you decide to go that route I can help you implement it as its pretty easy once you know how to do it.
Robert On 6/20/07, Gul Onural <[EMAIL PROTECTED]> wrote:
Hi, I noticed that the SOAPMonitor is not protected with userId/password. If somebody knows the url of the service, he can then launch the SOAPMonitor and see the messages coming back and forth. Is there a way to password protect the SOAPMonitor, or we just have to take it out from our production system? Gul
