Hi, On Tue, Mar 22, 2011 at 10:34 AM, Afkham Azeez <[email protected]> wrote:
> Hmm no answer!!! > > DimuthuL, you have added LoginStatisticsAdmin on 6/2/2009 928AM with this > log: > " Exposing a login stat service. This is a hack, as discussed by the team. > I tried my best to limit the adverse effects done by this bad hack. > " > HTTP has been explicitly enabled for this service. What is this service? > What is the risk of having this service, what are these adverse effects you > are talking about and why did you explicitly expose it via HTTP? > > IIRC, I added this for BAM people. It is a read-only service. It doesn't let anyone write/modify server data. However it exposes login stats. I should have kept a close eye on it and removed HTTP before release. What should be the next steps? Thanks, Dimuthu > > FileDownloadService has been added on 12/18/08 1115PM by Keith with this > log: > "Adding a fileDownload Service so that we have a mechanism of accessing > files via fileDownload when running in a seperate FE BE env" > HTTP has been explicitly enabled for this service as well. > > > On Mon, Mar 21, 2011 at 12:12 PM, Afkham Azeez <[email protected]> wrote: > >> Is there a particular reason why these services are exposed via HTTP & >> HTTPS? All other admin services are exposed only via HTTPS. >> >> -- >> *Afkham Azeez* >> Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com, >> * >> * >> *Member; Apache Software Foundation; >> **http://www.apache.org/*<http://www.apache.org/> >> * >> email: **[email protected]* <[email protected]>* cell: +94 77 3320919 >> blog: **http://blog.afkham.org* <http://blog.afkham.org>* >> twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> >> * >> linked-in: **http://lk.linkedin.com/in/afkhamazeez* >> * >> * >> *Lean . Enterprise . Middleware* >> >> > > > -- > *Afkham Azeez* > Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com, > * > * > *Member; Apache Software Foundation; > **http://www.apache.org/*<http://www.apache.org/> > * > email: **[email protected]* <[email protected]>* cell: +94 77 3320919 > blog: **http://blog.afkham.org* <http://blog.afkham.org>* > twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> > * > linked-in: **http://lk.linkedin.com/in/afkhamazeez* > * > * > *Lean . Enterprise . Middleware* > >
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
