In Tomcat 4, you can also set up a "Remote Access Filter Valve" in the
web.xml file. Here is an explanation of it:
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/valve.html
I have not used this for the SOAP administrator, but I have used it in
other cases and it works.
Mark
At 05:
First, did you also follow these instructions from the docs?
>>>
Controlling Access to the ServiceManager
Although the SOAP interface for deploying/undeploying services can be
very useful during development, it is not always desirable to expose
such capabilities in a runtime environment. Apache
