I did the implementation. Now the WSDLs of the admin services are not visible by default if the property is not set to false manually.
The configuration is: <HideAdminServiceWSDLs>true</HideAdminServiceWSDLs> This configuration is inside the Axis2Config section of the carbon.xml Thanks, Supun.. On Wed, Mar 16, 2011 at 3:35 PM, Supun Kamburugamuva <su...@wso2.com> wrote: > +1 I'll put this in to axis2 config section in carbon.xml. > > Thanks, > Supun.. > > On Wed, Mar 16, 2011 at 3:17 PM, Afkham Azeez <az...@wso2.com> wrote: >> But carbon.xml is mainly for server config. Yes I know we have some Axis2 >> stuff there. There is a section called Axis config. May be we can put that >> param there. Having it as a top leve element gives it too much prominence. >> Most users will not care or tweak this, it is mainly for WSO2 devs. >> >> On Wed, Mar 16, 2011 at 3:10 PM, Supun Kamburugamuva <su...@wso2.com> wrote: >>> >>> Since admin services are a part of carbon, I thought it is better to >>> have it as a carbon.xml parameter. We can put the parameter you've >>> mentioned in the axis2.xml and process it from the carbon code. So >>> isn't it better to have it in carbon.xml? >>> >>> Thanks, >>> Supun.. >>> >>> On Wed, Mar 16, 2011 at 2:24 PM, Afkham Azeez <az...@wso2.com> wrote: >>> > I have named that Axis2 parameter "exposeServiceMetadata" >>> > So shall we call this exposeAdminServiceMetadata and make it an >>> > axis2.xml >>> > param? Most users will not care about that, so better not have it in >>> > carbon.xml. >>> > >>> > On Wed, Mar 16, 2011 at 1:36 PM, Afkham Azeez <az...@wso2.com> wrote: >>> >> >>> >> >>> >> On Wed, Mar 16, 2011 at 1:30 PM, Supun Kamburugamuva <su...@wso2.com> >>> >> wrote: >>> >>> >>> >>> Hi, >>> >>> >>> >>> I'm going to introduce a property configuration called >>> >>> <HideAdminServiceWSDL>true</HideAdminServiceWSDL> to the carbon.xml to >>> >>> achieve this. Please let me know if the name has to be changed. >>> >> >>> >> There is another param I introduced to Axis2 to hide all WSDLs. You can >>> >> include that in services.xml or axis2.xml. Please name this to be >>> >> consistent >>> >> with that param. >>> >> >>> >> >>> >>> >>> >>> Thanks, >>> >>> Supun.. >>> >>> >>> >>> On Wed, Jan 26, 2011 at 9:12 PM, Afkham Azeez <az...@wso2.com> wrote: >>> >>> > OK. Go ahead and implement it. When you add the parameter to the >>> >>> > carbon.xml, >>> >>> > put a meaningful name, and add some documentation on its usage. I >>> >>> > think >>> >>> > it >>> >>> > is OK to hide the admin service WSDLs by default. >>> >>> > Azeez >>> >>> > >>> >>> > On Wed, Jan 26, 2011 at 1:15 AM, Heshan Suriyaarachchi >>> >>> > <hes...@wso2.com> >>> >>> > wrote: >>> >>> >> >>> >>> >> >>> >>> >> On Tue, Jan 25, 2011 at 7:30 PM, Afkham Azeez <az...@wso2.com> >>> >>> >> wrote: >>> >>> >>> >>> >>> >>> It doesn't hurt to have the ability to turn off WSDLs for all >>> >>> >>> admin >>> >>> >>> services. >>> >>> >> >>> >>> >> +1 >>> >>> >> >>> >>> >> IMV the best option is to give the user the option to configure >>> >>> >> whether to >>> >>> >> expose AdminService WSDLs is by giving a carbon.xml param to >>> >>> >> configure >>> >>> >> the >>> >>> >> Carbon Server (As per my original proposal). Furthermore, we can >>> >>> >> make >>> >>> >> the >>> >>> >> service WSDLs available by default since not many Devs like the >>> >>> >> idea >>> >>> >> of >>> >>> >> blocking the WSDLs. Then if a user wants to block the AdminService >>> >>> >> WSDLs >>> >>> >> he/she can add the proposed param to the carbon.xml. >>> >>> >> >>> >>> >>> The other option is for the admin service OSGi bundle authors to >>> >>> >>> explicitly declare the 'exposeServiceMetadata' parameter in the >>> >>> >>> respective >>> >>> >>> services.xml files. >>> >>> >> >>> >>> >> In this case, the authors will have to modify each and every Admin >>> >>> >> Service. Another downside is if we do it at the bundle level, it'll >>> >>> >> be >>> >>> >> the >>> >>> >> default behavior. >>> >>> >> >>> >>> >> >>> >>> >> So guys, is it alright if I go ahead and implement this in the >>> >>> >> trunk? >>> >>> >> If >>> >>> >> there are objections, please raise them now because we have this >>> >>> >> requirement >>> >>> >> as an action item for the next release of the ESB (ie. 3.2.0). >>> >>> >>> >>> >>> >>> Azeez >>> >>> >>> >>> >>> >>> On Tue, Jan 25, 2011 at 5:57 AM, Heshan Suriyaarachchi >>> >>> >>> <hes...@wso2.com> >>> >>> >>> wrote: >>> >>> >>>> >>> >>> >>>> Sometime back one of our customers were asking whether we >>> >>> >>>> supported >>> >>> >>>> this >>> >>> >>>> features. >>> >>> >>>> >>> >>> >>>> On Tue, Jan 25, 2011 at 6:49 PM, Afkham Azeez <az...@wso2.com> >>> >>> >>>> wrote: >>> >>> >>>>> >>> >>> >>>>> How did this requirement originate? Did one of our customers or >>> >>> >>>>> users >>> >>> >>>>> ask for it? >>> >>> >>>>> >>> >>> >>>>> On Tue, Jan 25, 2011 at 3:48 AM, Heshan Suriyaarachchi >>> >>> >>>>> <hes...@wso2.com> wrote: >>> >>> >>>>>> >>> >>> >>>>>> Hi Amila, >>> >>> >>>>>> >>> >>> >>>>>> Yes, your point is correct. But say for example a user who has >>> >>> >>>>>> deployed a Carbon based server in production wants to block >>> >>> >>>>>> publishing >>> >>> >>>>>> unwanted information to outside. Now there is no way of doing >>> >>> >>>>>> this. >>> >>> >>>>>> >>> >>> >>>>>> Another point is that say for example a user in production has >>> >>> >>>>>> developed custom bundles and exposed their services as >>> >>> >>>>>> AdminServices. Then >>> >>> >>>>>> in situation like that also we might need to block WSDLs. >>> >>> >>>>>> >>> >>> >>>>>> On Tue, Jan 25, 2011 at 4:54 PM, Amila Suriarachchi >>> >>> >>>>>> <am...@wso2.com> >>> >>> >>>>>> wrote: >>> >>> >>>>>>> >>> >>> >>>>>>> >>> >>> >>>>>>> On Tue, Jan 25, 2011 at 3:38 PM, Heshan Suriyaarachchi >>> >>> >>>>>>> <hes...@wso2.com> wrote: >>> >>> >>>>>>>> >>> >>> >>>>>>>> Hi Devs, >>> >>> >>>>>>>> >>> >>> >>>>>>>> Currently there isn't a way provided by the Carbon Server to >>> >>> >>>>>>>> block >>> >>> >>>>>>>> Admin Service WSDLs to outside parties. I am looking at a way >>> >>> >>>>>>>> to >>> >>> >>>>>>>> fix this. I >>> >>> >>>>>>>> had a offline discussion with Azeez on $subject. >>> >>> >>>>>>> >>> >>> >>>>>>> Since our products are open source there is nothing we can >>> >>> >>>>>>> hide >>> >>> >>>>>>> by >>> >>> >>>>>>> just blocking wsdl for Admin services. >>> >>> >>>>>>> >>> >>> >>>>>>> thanks, >>> >>> >>>>>>> Amila. >>> >>> >>>>>>>> >>> >>> >>>>>>>> Recently, Azeez has done a change to Axis2 trunk to have the >>> >>> >>>>>>>> following property. >>> >>> >>>>>>>> <parameter name="exposeServiceMetadata">true</parameter> >>> >>> >>>>>>>> It will decide whether the metadata (WSDL, schema, policy) of >>> >>> >>>>>>>> the >>> >>> >>>>>>>> services deployed on Axis2, should be visible to the incoming >>> >>> >>>>>>>> ?wsdl, ?wsdl2, >>> >>> >>>>>>>> ?xsd, ?policy requests. >>> >>> >>>>>>>> >>> >>> >>>>>>>> The idea is to implement the $subject in following way. >>> >>> >>>>>>>> >>> >>> >>>>>>>> In the carbon.xml have a parameter named >>> >>> >>>>>>>> ShowAdminServiceMetadata. >>> >>> >>>>>>>> which will have the default value to false. That means the >>> >>> >>>>>>>> AdminServies are >>> >>> >>>>>>>> blocked by default. Then the >>> >>> >>>>>>>> carbon.core.DeploymentInterceptor >>> >>> >>>>>>>> will be >>> >>> >>>>>>>> modified in a such a way that if a service being deployed is >>> >>> >>>>>>>> an >>> >>> >>>>>>>> AdminService >>> >>> >>>>>>>> the above mentioned, exposeServiceMetadata property will be >>> >>> >>>>>>>> added. >>> >>> >>>>>>>> >>> >>> >>>>>>>> I just wanted to inform you before I do the change. Your >>> >>> >>>>>>>> feedback >>> >>> >>>>>>>> and ideas are welcome. >>> >>> >>>>>>>> >>> >>> >>>>>>>> >>> >>> >>>>>>>> Regards, >>> >>> >>>>>>>> Heshan. >>> >>> >>>>>>>> >>> >>> >>>>>>>> >>> >>> >>>>>>>> -- >>> >>> >>>>>>>> Regards, >>> >>> >>>>>>>> Heshan Suriyaarachchi >>> >>> >>>>>>>> Software Engineer >>> >>> >>>>>>>> WSO2 Inc.; http://wso2.com/ >>> >>> >>>>>>>> >>> >>> >>>>>>>> Blog: http://heshans.blogspot.com/ >>> >>> >>>>>>>> >>> >>> >>>>>>>> _______________________________________________ >>> >>> >>>>>>>> Carbon-dev mailing list >>> >>> >>>>>>>> Carbon-dev@wso2.org >>> >>> >>>>>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >>>>>>>> >>> >>> >>>>>>> >>> >>> >>>>>>> >>> >>> >>>>>>> _______________________________________________ >>> >>> >>>>>>> Carbon-dev mailing list >>> >>> >>>>>>> Carbon-dev@wso2.org >>> >>> >>>>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >>>>>>> >>> >>> >>>>>> >>> >>> >>>>>> >>> >>> >>>>>> >>> >>> >>>>>> -- >>> >>> >>>>>> Regards, >>> >>> >>>>>> Heshan Suriyaarachchi >>> >>> >>>>>> Software Engineer >>> >>> >>>>>> WSO2 Inc.; http://wso2.com/ >>> >>> >>>>>> >>> >>> >>>>>> Blog: http://heshans.blogspot.com/ >>> >>> >>>>>> >>> >>> >>>>>> _______________________________________________ >>> >>> >>>>>> Carbon-dev mailing list >>> >>> >>>>>> Carbon-dev@wso2.org >>> >>> >>>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >>>>>> >>> >>> >>>>> >>> >>> >>>>> >>> >>> >>>>> >>> >>> >>>>> -- >>> >>> >>>>> Afkham Azeez >>> >>> >>>>> Senior Software Architect & Senior Manager; WSO2, Inc.; >>> >>> >>>>> http://wso2.com, >>> >>> >>>>> >>> >>> >>>>> Member; Apache Software Foundation; http://www.apache.org/ >>> >>> >>>>> email: az...@wso2.com cell: +94 77 3320919 >>> >>> >>>>> blog: http://blog.afkham.org >>> >>> >>>>> twitter: http://twitter.com/afkham_azeez >>> >>> >>>>> linked-in: http://lk.linkedin.com/in/afkhamazeez >>> >>> >>>>> >>> >>> >>>>> Lean . Enterprise . Middleware >>> >>> >>>>> >>> >>> >>>>> _______________________________________________ >>> >>> >>>>> Carbon-dev mailing list >>> >>> >>>>> Carbon-dev@wso2.org >>> >>> >>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >>>>> >>> >>> >>>> >>> >>> >>>> >>> >>> >>>> >>> >>> >>>> -- >>> >>> >>>> Regards, >>> >>> >>>> Heshan Suriyaarachchi >>> >>> >>>> Software Engineer >>> >>> >>>> WSO2 Inc.; http://wso2.com/ >>> >>> >>>> >>> >>> >>>> Blog: http://heshans.blogspot.com/ >>> >>> >>>> >>> >>> >>>> _______________________________________________ >>> >>> >>>> Carbon-dev mailing list >>> >>> >>>> Carbon-dev@wso2.org >>> >>> >>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >>>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> -- >>> >>> >>> Afkham Azeez >>> >>> >>> Senior Software Architect & Senior Manager; WSO2, Inc.; >>> >>> >>> http://wso2.com, >>> >>> >>> >>> >>> >>> Member; Apache Software Foundation; http://www.apache.org/ >>> >>> >>> email: az...@wso2.com cell: +94 77 3320919 >>> >>> >>> blog: http://blog.afkham.org >>> >>> >>> twitter: http://twitter.com/afkham_azeez >>> >>> >>> linked-in: http://lk.linkedin.com/in/afkhamazeez >>> >>> >>> >>> >>> >>> Lean . Enterprise . Middleware >>> >>> >>> >>> >>> >>> _______________________________________________ >>> >>> >>> Carbon-dev mailing list >>> >>> >>> Carbon-dev@wso2.org >>> >>> >>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >>> >>> >>> >> >>> >>> >> >>> >>> >> >>> >>> >> -- >>> >>> >> Regards, >>> >>> >> Heshan Suriyaarachchi >>> >>> >> Software Engineer >>> >>> >> WSO2 Inc.; http://wso2.com/ >>> >>> >> >>> >>> >> Blog: http://heshans.blogspot.com/ >>> >>> >> >>> >>> >> _______________________________________________ >>> >>> >> Carbon-dev mailing list >>> >>> >> carbon-...@lists.wso2.org >>> >>> >> http://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >>> >>> > >>> >>> > >>> >>> > >>> >>> > -- >>> >>> > Afkham Azeez >>> >>> > Senior Software Architect & Senior Manager; WSO2, Inc.; >>> >>> > http://wso2.com, >>> >>> > >>> >>> > Member; Apache Software Foundation; http://www.apache.org/ >>> >>> > email: az...@wso2.com cell: +94 77 3320919 >>> >>> > blog: http://blog.afkham.org >>> >>> > twitter: http://twitter.com/afkham_azeez >>> >>> > linked-in: http://lk.linkedin.com/in/afkhamazeez >>> >>> > >>> >>> > Lean . Enterprise . Middleware >>> >>> > >>> >>> > _______________________________________________ >>> >>> > Carbon-dev mailing list >>> >>> > carbon-...@lists.wso2.org >>> >>> > http://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> > >>> >>> > >>> >>> >>> >>> >>> >>> >>> >>> -- >>> >>> Supun Kamburugamuva >>> >>> Technical Lead & Product Manager, WSO2 Inc.; http://wso2.com >>> >>> Member, Apache Software Foundation; http://www.apache.org >>> >>> WSO2 Inc.; http://wso2.org >>> >>> E-mail: su...@wso2.com; Mobile: +94 77 431 3585 >>> >>> Blog: http://supunk.blogspot.com >>> >> >>> >> >>> >> >>> >> -- >>> >> Afkham Azeez >>> >> Senior Software Architect & Senior Manager; WSO2, Inc.; >>> >> http://wso2.com, >>> >> >>> >> Member; Apache Software Foundation; http://www.apache.org/ >>> >> email: az...@wso2.com cell: +94 77 3320919 >>> >> blog: http://blog.afkham.org >>> >> twitter: http://twitter.com/afkham_azeez >>> >> linked-in: http://lk.linkedin.com/in/afkhamazeez >>> >> >>> >> Lean . Enterprise . Middleware >>> > >>> > >>> > >>> > -- >>> > Afkham Azeez >>> > Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com, >>> > >>> > Member; Apache Software Foundation; http://www.apache.org/ >>> > email: az...@wso2.com cell: +94 77 3320919 >>> > blog: http://blog.afkham.org >>> > twitter: http://twitter.com/afkham_azeez >>> > linked-in: http://lk.linkedin.com/in/afkhamazeez >>> > >>> > Lean . Enterprise . Middleware >>> > >>> >>> >>> >>> -- >>> Supun Kamburugamuva >>> Technical Lead & Product Manager, WSO2 Inc.; http://wso2.com >>> Member, Apache Software Foundation; http://www.apache.org >>> WSO2 Inc.; http://wso2.org >>> E-mail: su...@wso2.com; Mobile: +94 77 431 3585 >>> Blog: http://supunk.blogspot.com >> >> >> >> -- >> Afkham Azeez >> Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com, >> >> Member; Apache Software Foundation; http://www.apache.org/ >> email: az...@wso2.com cell: +94 77 3320919 >> blog: http://blog.afkham.org >> twitter: http://twitter.com/afkham_azeez >> linked-in: http://lk.linkedin.com/in/afkhamazeez >> >> Lean . Enterprise . Middleware >> > > > > -- > Supun Kamburugamuva > Technical Lead & Product Manager, WSO2 Inc.; http://wso2.com > Member, Apache Software Foundation; http://www.apache.org > WSO2 Inc.; http://wso2.org > E-mail: su...@wso2.com; Mobile: +94 77 431 3585 > Blog: http://supunk.blogspot.com > -- Supun Kamburugamuva Technical Lead & Product Manager, WSO2 Inc.; http://wso2.com Member, Apache Software Foundation; http://www.apache.org WSO2 Inc.; http://wso2.org E-mail: su...@wso2.com; Mobile: +94 77 431 3585 Blog: http://supunk.blogspot.com _______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
