Hi Devs,
Currently there isn't a way provided by the Carbon Server to block Admin
Service WSDLs to outside parties. I am looking at a way to fix this. I had a
offline discussion with Azeez on $subject.
Recently, Azeez has done a change to Axis2 trunk to have the following
property.
<parameter name="exposeServiceMetadata">true</parameter>
It will decide whether the metadata (WSDL, schema, policy) of the services
deployed on Axis2, should be visible to the incoming ?wsdl, ?wsdl2, ?xsd,
?policy requests.
The idea is to implement the $subject in following way.
In the carbon.xml have a parameter named ShowAdminServiceMetadata. which
will have the default value to false. That means the AdminServies are
blocked by default. Then the carbon.core.DeploymentInterceptor will be
modified in a such a way that if a service being deployed is an AdminService
the above mentioned, exposeServiceMetadata property will be added.
I just wanted to inform you before I do the change. Your feedback and ideas
are welcome.
Regards,
Heshan.
--
Regards,
Heshan Suriyaarachchi
Software Engineer
WSO2 Inc.; http://wso2.com/
Blog: http://heshans.blogspot.com/
_______________________________________________
Carbon-dev mailing list
[email protected]
https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
