Hello everyone! I'm currently in a tug-of-war with the folks over in our network "security" department over a web service I'm attempting to deploy.
My web service is a one-way transaction. The security folks are complaining because they are seeing HTTP 202 ACCEPTANCE messages in their network logs without any associated HTTP 200 OK message. They insist that my web service is broken because it doesn't notify the client via a HTTP 200 message that processing is complete. The person I'm in a tug-of-war with has gone so far as to "convince" our IT Director that my web service is broken and shouldn't be allowed to be deployed. the "security" person insists my web service is leaving things open and is a very large security risk. I've shown my management all of the documentation about HTTP 202 messages that I can find - none of which indicates my web service is truly broken. Is my Web Service truly broken? I've replaced my web service with a simple stub that does nothing more than return - and my result from Axis is a HTTP 202 message of zero length. Is it possible to replace the 202 message with a 200 message to get the Network Security people off my back? Thanks in advance! Bob
