WSAS 3.2.1 With the try it functionality I don´t have any problem.
My problem is that I don´t want that non-authenticate person can see and use it. A solution is to put user/password security to all services but if this is not a security requirement I can´t do it. Jorge. De: [email protected] [mailto:[email protected]] En nombre de Dimuthu Leelarathne Enviado el: domingo, 30 de enero de 2011 22:05 Para: [email protected] Asunto: Re: [Carbon-dev] security issue with try it functionality. Hi, What version of App server are you using? On Mon, Jan 31, 2011 at 6:09 AM, Jorge Infante Osorio <[email protected]> wrote: We deploy an AppServ under a development environment, and in this environment have access some people that we don´t want to see the home page of AppServ and also we don´t want that they can use the try it functionality of any services. The AppServ by default let see the list of services and use the try it with any services. How can we disable this behavior?? Trunk versions of appserver do not display the service list but it is still possible to use "tryit" if a person knows the url. A solution is the mutual authentication using SSL and client certificate but I want to know if it´s possible that the non-authenticate user can see the list of services but not use the try it until they are authenticate in AppServ. This is not a provided feature yet. However a workaround would be to enable UT on these services. thanks, dimuthul Jorge. _______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev _______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
