Hi, We've a requirements in DSS to restrict access to operations for specific user roles. We use a similar method to do content filtering by associating a required role to a specific data output field. So a possibility to achieve the same behaviour for service operation invocation,
* Use the data service's associated external services.xml to define these restrictions for service operations. * Use the data service description file (.dbs file) to define these properties as we do with content filtering. The editing the .dbs maybe more convenient to the user in a way that, then the data service is self contained and it will not depend on another service.xml file, to define such behaviour. Currently the services.xml in data service is mainly used for special functionality such as setting axis2 service parameters, for making it an admin/hidden service and so on. I was talking with Amila earlier and his idea is, this should be a general feature that should be common to all services and this type of functionality should be defined in the security wizard. So will such a feature be added in the near by future? .. or shall we continue by defining our own functionality into DSS. Any thoughts are welcome. Cheers, Anjana. -- Anjana Fernando Software Engineer WSO2, Inc.; http://wso2.com lean.enterprise.middleware _______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
