I do not think httpj configuration can do that . Because we add the service url context when we add the servant to the Jetty Engine. As Benson just mentioned , I don't think a common Jetty handler can filter all the ?wsdl request.
Maybe we need to do some hacking work in the QueryHandlerRegisty for a common solution of the Servlet and Jetty HTTP transports. Willem. Sergey Beryozkin wrote: > > Can you do it using an httpj configuration ? > > Cheers, Sergey > > > -----Original Message----- > From: Benson Margulies [mailto:[EMAIL PROTECTED] > Sent: 17 October 2007 11:36 > To: [email protected] > Subject: RE: Disable access to wsdl in Servlet transport > > Well, perhaps you do. > > Use the CXF config to hang a handler in front of the CXF handler that > filter-feeds for ?wsdl? I can't prove that jetty allows one handler to > peek into a context owned by a successor. > >> -----Original Message----- >> From: James Mao [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, October 17, 2007 6:11 AM >> To: [email protected] >> Subject: Re: Disable access to wsdl in Servlet transport >> >> If you're working with a container, i think you can do this through >> configuration of the container, to redirect the ?wsdl to a more > friendly >> page, >> say, "please contact ... to get the wsdl", or list the service you > have >> etc. >> >> I guess we don't have this function in a standalone service, do we? >> >> James >> >> > But I think we still can do it in the filter, such as: >> > >> > doFilter() { >> > if (URLHasWsdlSuffix()) { >> > //Do the Authentication >> > } else { >> > //access the web service } >> > } >> > >> > If you don't want to use the filter to do the security, maybe need > to >> > add an interceptor or other codes before dealing with >> > WSDLQueryHandler, as willem pointed out in the other mail. >> > >> > HTH.. >> > >> > Thanks >> > Jeff >> > >> > Glen Mazza wrote: >> >> Jeff, >> >> I think he doesn't want people to see the WSDL file. It's not the >> >> service he wants to restrict, but viewing its WSDL. I don't know > if >> >> that can be done. >> >> >> >> Glen >> >> >> >> Am Mittwoch, den 17.10.2007, 11:11 +0800 schrieb Jeff Yu: >> >> >> >>> Hi, >> >>> >> >>> There is an easy way that I came up is to use a filter in web.xml > to >> >>> restrict the access. >> >>> >> >>> Say there are three services: A,B,C , we want to restrict the B,C >> >>> service. we can pulish the services as following: >> >>> >> >>> http://host.com/services/secure/B >> >>> http://host.com/services/secure/C >> >>> http://host.com/services/A. >> >>> >> >>> And then we will config a filter to restrict the >> >>> http://lhost.com/service/secure url to do the authentication. >> >>> >> >>> So people can access the A service without any restriction, but > need >> >>> to get authentication to access B,C service. >> >>> >> >>> Thanks >> >>> Jeff >> >>> >> >>> >> >>> Egor Samarkhanov wrote: >> >>> >> >>>> Hello ! >> >>>> >> >>>> How can I restrict access to WSDL of my service? >> >>>> I don't want someone to access the >> >>>> http//host.com/services/myservice?wsdl content. >> >>>> And I use Servlet transport. >> >>>> >> >>>> Thanks, >> >>>> Egor Samarkhanov ([EMAIL PROTECTED]) >> >>>> >> >>>> >> >>>> >> >>>> >> >> >> >> >> > > > ---------------------------- > IONA Technologies PLC (registered in Ireland) > Registered Number: 171387 > Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland > > -- View this message in context: http://www.nabble.com/Disable-access-to-wsdl-in-Servlet-transport-tf4636104.html#a13254817 Sent from the cxf-user mailing list archive at Nabble.com.
