Hi Just an update that adding an "org.apache.cxf.endpoint.private" (either as a jaxws:property or jaxrs:property) to jaxws/jaxrs endpoints will let users 'hide' links to SOAP or JAXRS-based endpoints from the services page. I've also updated JAXRS WADLGenerator to return 401 for private endpoints but didn't do it for WSDLQueryHandler, was not quite sure if it was a safe thing to do. I had to add this property for Atom feed jaxrs endpoints be able to stay 'private', as far as the CXF services page is concerned...
cheers, Sergey
