On Tue, Jan 25, 2011 at 3:38 PM, Heshan Suriyaarachchi <[email protected]>wrote:
> Hi Devs, > > Currently there isn't a way provided by the Carbon Server to block Admin > Service WSDLs to outside parties. I am looking at a way to fix this. I had a > offline discussion with Azeez on $subject. > Since our products are open source there is nothing we can hide by just blocking wsdl for Admin services. thanks, Amila. > > Recently, Azeez has done a change to Axis2 trunk to have the following > property. > <parameter name="exposeServiceMetadata">true</parameter> > It will decide whether the metadata (WSDL, schema, policy) of the services > deployed on Axis2, should be visible to the incoming ?wsdl, ?wsdl2, ?xsd, > ?policy requests. > > The idea is to implement the $subject in following way. > > In the carbon.xml have a parameter named ShowAdminServiceMetadata. which > will have the default value to false. That means the AdminServies are > blocked by default. Then the carbon.core.DeploymentInterceptor will be > modified in a such a way that if a service being deployed is an AdminService > the above mentioned, exposeServiceMetadata property will be added. > > I just wanted to inform you before I do the change. Your feedback and ideas > are welcome. > > > Regards, > Heshan. > > > -- > Regards, > Heshan Suriyaarachchi > Software Engineer > WSO2 Inc.; http://wso2.com/ > > Blog: http://heshans.blogspot.com/ > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list [email protected] https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
