It doesn't hurt to have the ability to turn off WSDLs for all admin services. The other option is for the admin service OSGi bundle authors to explicitly declare the 'exposeServiceMetadata' parameter in the respective services.xml files.
Azeez On Tue, Jan 25, 2011 at 5:57 AM, Heshan Suriyaarachchi <[email protected]>wrote: > Sometime back one of our customers were asking whether we supported this > features. > > On Tue, Jan 25, 2011 at 6:49 PM, Afkham Azeez <[email protected]> wrote: > >> How did this requirement originate? Did one of our customers or users ask >> for it? >> >> >> On Tue, Jan 25, 2011 at 3:48 AM, Heshan Suriyaarachchi >> <[email protected]>wrote: >> >>> Hi Amila, >>> >>> Yes, your point is correct. But say for example a user who has deployed a >>> Carbon based server in production wants to block publishing unwanted >>> information to outside. Now there is no way of doing this. >>> >>> Another point is that say for example a user in production has developed >>> custom bundles and exposed their services as AdminServices. Then in >>> situation like that also we might need to block WSDLs. >>> >>> On Tue, Jan 25, 2011 at 4:54 PM, Amila Suriarachchi <[email protected]>wrote: >>> >>>> >>>> >>>> On Tue, Jan 25, 2011 at 3:38 PM, Heshan Suriyaarachchi <[email protected] >>>> > wrote: >>>> >>>>> Hi Devs, >>>>> >>>>> Currently there isn't a way provided by the Carbon Server to block >>>>> Admin Service WSDLs to outside parties. I am looking at a way to fix >>>>> this. I >>>>> had a offline discussion with Azeez on $subject. >>>>> >>>> >>>> Since our products are open source there is nothing we can hide by just >>>> blocking wsdl for Admin services. >>>> >>>> thanks, >>>> Amila. >>>> >>>>> >>>>> Recently, Azeez has done a change to Axis2 trunk to have the following >>>>> property. >>>>> <parameter name="exposeServiceMetadata">true</parameter> >>>>> It will decide whether the metadata (WSDL, schema, policy) of the >>>>> services deployed on Axis2, should be visible to the incoming ?wsdl, >>>>> ?wsdl2, >>>>> ?xsd, ?policy requests. >>>>> >>>>> The idea is to implement the $subject in following way. >>>>> >>>>> In the carbon.xml have a parameter named ShowAdminServiceMetadata. >>>>> which will have the default value to false. That means the AdminServies >>>>> are >>>>> blocked by default. Then the carbon.core.DeploymentInterceptor will be >>>>> modified in a such a way that if a service being deployed is an >>>>> AdminService >>>>> the above mentioned, exposeServiceMetadata property will be added. >>>>> >>>>> I just wanted to inform you before I do the change. Your feedback and >>>>> ideas are welcome. >>>>> >>>>> >>>>> Regards, >>>>> Heshan. >>>>> >>>>> >>>>> -- >>>>> Regards, >>>>> Heshan Suriyaarachchi >>>>> Software Engineer >>>>> WSO2 Inc.; http://wso2.com/ >>>>> >>>>> Blog: http://heshans.blogspot.com/ >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> [email protected] >>>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> [email protected] >>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> >>> -- >>> Regards, >>> Heshan Suriyaarachchi >>> Software Engineer >>> WSO2 Inc.; http://wso2.com/ >>> >>> Blog: http://heshans.blogspot.com/ >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> >> -- >> *Afkham Azeez* >> Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com, >> * >> * >> *Member; Apache Software Foundation; >> **http://www.apache.org/*<http://www.apache.org/> >> * >> email: **[email protected]* <[email protected]>* cell: +94 77 3320919 >> blog: **http://blog.afkham.org* <http://blog.afkham.org>* >> twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> >> * >> linked-in: **http://lk.linkedin.com/in/afkhamazeez* >> * >> * >> *Lean . Enterprise . Middleware* >> >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > > -- > Regards, > Heshan Suriyaarachchi > Software Engineer > WSO2 Inc.; http://wso2.com/ > > Blog: http://heshans.blogspot.com/ > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- *Afkham Azeez* Senior Software Architect & Senior Manager; WSO2, Inc.; http://wso2.com, * * *Member; Apache Software Foundation; **http://www.apache.org/*<http://www.apache.org/> * email: **[email protected]* <[email protected]>* cell: +94 77 3320919 blog: **http://blog.afkham.org* <http://blog.afkham.org>* twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez> * linked-in: **http://lk.linkedin.com/in/afkhamazeez* * * *Lean . Enterprise . Middleware*
_______________________________________________ Carbon-dev mailing list [email protected] https://wso2.org/cgi-bin/mailman/listinfo/carbon-dev
