But how do I go about limiting access to individual web services? Basically I am interesed in the following two cases:
1. How can I limit the access to the AdminService 2. I want to administer my Web Services so I would they could actually have a broader interface for administrators (let's say through an "admin" method. Is it possible to control the access on a method basis? Thanks. Ram�n. > -----Original Message----- > From: Bryan Field-Elliot [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, April 10, 2002 8:50 PM > To: [EMAIL PROTECTED] > Subject: Re: Hiding access to Admin Servlet > > > This is all contained in "web.xml" (under WEB-INF). web.xml is > Servlet-generic (rather than webserver-specific) and is > well-documented > in the Sun Servlet spec. You can modify web.xml to change the > AdminServlet path, remove it entirely, or add authorization > constraints > to it. > > > > > On Wed, 2002-04-10 at 10:31, Iain Darroch wrote: > > > > Hi, > > > > I've found that browsing to > http://machine:8080/axis/servlet/AdminServlet > > allows me to start and stop the AxisServlet. No big surprise > > there. However the problem is that I can access this page from any > > webbrowser running anywhere. I would like to be able to > restirict access > > so only the host machine would be allowed access. > > > > Is there a way for doing this in access or is it webserver specific? > > I'm using tomcat. > > > > Thanks > > > > Iain >
