It doesn't hurt to have the ability to turn off WSDLs for all admin services. The other option is for the admin service OSGi bundle authors to explicitly declare the 'exposeServiceMetadata' parameter in the respective services.xml files.
Azeez On Tue, Jan 25, 2011 at 5:57 AM, Heshan Suriyaarachchi <hes...@wso2.com>wrote: > Sometime back one of our customers were asking whether we supported this > features. > > On Tue, Jan 25, 2011 at 6:49 PM, Afkham Azeez <az...@wso2.com> wrote: > >> How did this requirement originate? Did one of our customers or users ask >> for it? >> >> >> On Tue, Jan 25, 2011 at 3:48 AM, Heshan Suriyaarachchi >> <hes...@wso2.com>wrote: >> >>> Hi Amila, >>> >>> Yes, your point is correct. But say for example a user who has deployed a >>> Carbon based server in production wants to block publishing unwanted >>> information to outside. Now there is no way of doing this. >>> >>> Another point is that say for example a user in production has developed >>> custom bundles and exposed their services as AdminServices. Then in >>> situation like that also we might need to block WSDLs. >>> >>> On Tue, Jan 25, 2011 at 4:54 PM, Amila Suriarachchi <am...@wso2.com>wrote: >>> >>>> >>>> >>>> On Tue, Jan 25, 2011 at 3:38 PM, Heshan Suriyaarachchi <hes...@wso2.com >>>> > wrote: >>>> >>>>> Hi Devs, >>>>> >>>>> Currently there isn't a way provided by the Carbon Server to block >>>>> Admin Service WSDLs to outside parties. I am looking at a way to fix >>>>> this. I >>>>> had a offline discussion with Azeez on $subject. >>>>> >>>> >>>> Since our products are open source there is nothing we can hide by just >>>> blocking wsdl for Admin services. >>>> >>>> thanks, >>>> Amila. >>>> >>>>> >>>>> Recently, Azeez has done a change to Axis2 trunk to have the following >>>>> property. >>>>> <parameter name="exposeServiceMetadata">true</parameter> >>>>> It will decide whether the metadata (WSDL, schema, policy) of the >>>>> services deployed on Axis2, should be visible to the incoming ?wsdl, >>>>> ?wsdl2, >>>>> ?xsd, ?policy requests. >>>>> >>>>> The idea is to implement the $subject in following way. >>>>> >>>>> In the carbon.xml have a parameter named ShowAdminServiceMetadata. >>>>> which will have the default value to false. That means the AdminServies >>>>> are >>>>> blocked by default. Then the carbon.core.DeploymentInterceptor will be >>>>> modified in a such a way that if a service being deployed is an >>>>> AdminService >>>>> the above mentioned, exposeServiceMetadata property will be added. >>>>> >>>>> I just wanted to inform you before I do the change. Your feedback and >>>>> ideas are welcome. >>>>> >>>>> >>>>> Regards, >>>>> Heshan. >>>>> >>>>> >>>>> -- >>>>> Regards, >>>>> Heshan Suriyaarachchi >>>>> Software Engineer >>>>> WSO2 Inc.; http://wso2.com/ >>>>> >>>>> Blog: http://heshans.blogspot.com/ >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> Carbon-dev@wso2.org >>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> Carbon-dev@wso2.org >>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> >>> -- >>> Regards, >>> Heshan Suriyaarachchi >>> Software Engineer >>> WSO2 Inc.; http://wso2.com/ >>> >>> Blog: http://heshans.blogspot.com/ >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> Carbon-dev@wso2.org >>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> >> -- >> *Afkham Azeez* >> Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com, >> * >> * >> *Member; Apache Software Foundation; >> **http://www.apache.org/*<http://www.apache.org/> >> * >> email: **az...@wso2.com* <az...@wso2.com>* cell: +94 77 3320919 >> blog: **http://blog.afkham.org* <http://blog.afkham.org>* >> twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> >> * >> linked-in: **http://lk.linkedin.com/in/afkhamazeez* >> * >> * >> *Lean . Enterprise . Middleware* >> >> >> _______________________________________________ >> Carbon-dev mailing list >> Carbon-dev@wso2.org >> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > > -- > Regards, > Heshan Suriyaarachchi > Software Engineer > WSO2 Inc.; http://wso2.com/ > > Blog: http://heshans.blogspot.com/ > > _______________________________________________ > Carbon-dev mailing list > Carbon-dev@wso2.org > https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- *Afkham Azeez* Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com, * * *Member; Apache Software Foundation; **http://www.apache.org/*<http://www.apache.org/> * email: **az...@wso2.com* <az...@wso2.com>* cell: +94 77 3320919 blog: **http://blog.afkham.org* <http://blog.afkham.org>* twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> * linked-in: **http://lk.linkedin.com/in/afkhamazeez* * * *Lean . Enterprise . Middleware*
_______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
