On Tue, Jan 11, 2011 at 8:15 AM, Amila Suriarachchi <[email protected]> wrote:
> > > On Mon, Jan 10, 2011 at 10:05 PM, Afkham Azeez <[email protected]> wrote: > >> This requirement is different. In the case of some organizations, the WSDL >> is copyrighted and distributed out of band. People who get access to these >> WSDLs may need to sign a NDA. So, in their deployment, they would allow >> authorized users to call the service, but they do not want anybody to get >> access to the WSDL through a URL. > > > Ok that make sense. If someone try to access such wsdl what is shown to the > user? > HTTP 403 - Forbidden > > thanks, > Amila. > >> >> Azeez >> >> On Mon, Jan 10, 2011 at 7:44 PM, Amila Suriarachchi <[email protected]>wrote: >> >>> hi, >>> >>> First I think just restricting access to a service meta data won't make >>> any thing secure. >>> >>> Then when you add this parameter then it won't show the service both >>> authorized and unauthorized people. Correct way is to assign a role. show >>> the metadata only if user in that role. >>> >>> For this in Axis2 we need to assume people have configure the tomcat or >>> application user manger component properly and use those roles. >>> >>> thanks, >>> Amila. >>> >>> >>> On Mon, Jan 10, 2011 at 5:10 PM, Afkham Azeez <[email protected]> wrote: >>> >>>> As per https://issues.apache.org/jira/browse/AXIS2-3316 I have >>>> implemented this functionality where you can add the <parameter >>>> name="exposeServiceMetadata">false</parameter> parameter to the axis2.xml >>>> or >>>> services.xml file in order to restrict access to the service metadata. >>>> >>>> Adding the parameter to axis2.xml will not allow access to the metadata >>>> of all services. When specified at the service group or service level, it >>>> will be applicable only to those services. >>>> >>>> -- >>>> *Afkham Azeez* >>>> Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com >>>> , >>>> * >>>> * >>>> *Member; Apache Software Foundation; >>>> **http://www.apache.org/*<http://www.apache.org/> >>>> * >>>> email: **[email protected]* <[email protected]>* cell: +94 77 3320919 >>>> blog: **http://blog.afkham.org* <http://blog.afkham.org>* >>>> twitter: >>>> **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> >>>> * >>>> linked-in: **http://lk.linkedin.com/in/afkhamazeez* >>>> * >>>> * >>>> *Lean . Enterprise . Middleware* >>>> >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> [email protected] >>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> >> -- >> *Afkham Azeez* >> Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com, >> * >> * >> *Member; Apache Software Foundation; >> **http://www.apache.org/*<http://www.apache.org/> >> * >> email: **[email protected]* <[email protected]>* cell: +94 77 3320919 >> blog: **http://blog.afkham.org* <http://blog.afkham.org>* >> twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> >> * >> linked-in: **http://lk.linkedin.com/in/afkhamazeez* >> * >> * >> *Lean . Enterprise . Middleware* >> >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- *Afkham Azeez* Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com, * * *Member; Apache Software Foundation; **http://www.apache.org/*<http://www.apache.org/> * email: **[email protected]* <[email protected]>* cell: +94 77 3320919 blog: **http://blog.afkham.org* <http://blog.afkham.org>* twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> * linked-in: **http://lk.linkedin.com/in/afkhamazeez* * * *Lean . Enterprise . Middleware*
_______________________________________________ Carbon-dev mailing list [email protected] https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
