On Tue, Jan 25, 2011 at 5:16 PM, Prabath Siriwardana <[email protected]>wrote:
> > > On Tue, Jan 25, 2011 at 4:54 PM, Amila Suriarachchi <[email protected]>wrote: > >> >> >> On Tue, Jan 25, 2011 at 3:38 PM, Heshan Suriyaarachchi >> <[email protected]>wrote: >> >>> Hi Devs, >>> >>> Currently there isn't a way provided by the Carbon Server to block Admin >>> Service WSDLs to outside parties. I am looking at a way to fix this. I had a >>> offline discussion with Azeez on $subject. >>> >> >> Since our products are open source there is nothing we can hide by just >> blocking wsdl for Admin services. >> > > +1 > +1. I don't see a need to having a global server-level parameter as admin services are already secure through our permission model. If any 3rd party admin service needs it, may be it should be a service level parameter. Also, having this at the global level will reduce the flexibility and the usefulness of such a parameter, IMHO. Thanks, Senaka. > > Thanks & regards, > -Prabath > > >> >> thanks, >> Amila. >> >>> >>> Recently, Azeez has done a change to Axis2 trunk to have the following >>> property. >>> <parameter name="exposeServiceMetadata">true</parameter> >>> It will decide whether the metadata (WSDL, schema, policy) of the >>> services deployed on Axis2, should be visible to the incoming ?wsdl, ?wsdl2, >>> ?xsd, ?policy requests. >>> >>> The idea is to implement the $subject in following way. >>> >>> In the carbon.xml have a parameter named ShowAdminServiceMetadata. which >>> will have the default value to false. That means the AdminServies are >>> blocked by default. Then the carbon.core.DeploymentInterceptor will be >>> modified in a such a way that if a service being deployed is an AdminService >>> the above mentioned, exposeServiceMetadata property will be added. >>> >>> I just wanted to inform you before I do the change. Your feedback and >>> ideas are welcome. >>> >>> >>> Regards, >>> Heshan. >>> >>> >>> -- >>> Regards, >>> Heshan Suriyaarachchi >>> Software Engineer >>> WSO2 Inc.; http://wso2.com/ >>> >>> Blog: http://heshans.blogspot.com/ >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > > -- > Thanks & Regards, > Prabath > > http://blog.facilelogin.com > http://RampartFAQ.com > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- *Senaka Fernando* Product Manager - WSO2 Governance Registry; Associate Technical Lead; WSO2, Inc.; http://wso2.com* Member; Apache Software Foundation; http://apache.org E-mail: senaka AT wso2.com **P: +1 408 754 7388; ext: 51736*; *M: +94 77 322 1818 Linked-In: http://www.linkedin.com/in/senakafernando *Lean . Enterprise . Middleware
_______________________________________________ Carbon-dev mailing list [email protected] https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
