I know of a couple of options.. Change the URL for the JSP page where you can deploy, etc.
Modify the code in rpcrouter so that it can't change the services. Make the file that contains the deployed SOAP services read-only. Put a proxy or firewall in front of your soap server that filters out any requests that aren't the SOAP calls that you are expecting. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 29, 2001 8:23 AM To: [EMAIL PROTECTED] Subject: Security issue - deploy Hi all, do you know any way to prevent "malicious" persons from deploying (undeploying) a service in my SOAP Server? I mean, is there anything integrated ni SOAP to accept "deploy" ("undeploy") calls only from specific IPs or something? I wouldn't like my services being undeployed by anyone.... Thank you...
