Bence- How did the requirement to have the ability to dynamically add and remove services come about? I ask this, because it may be more work that it is worth to implement and I'm not aware of any technology that would make this practical on either end.
I don't know of any tool that can dynamically generate a WSDL based on a dynamic list of available services, so you either have to write that, or manually update the WSDL file every time you deploy an internal service. Secondly, most clients need to have the WSDL defined ahead of time in order to code against it. Having the services change dynamically will break clients that have coded against a service that has since been removed. I would suggest first implementing the base service and get that working, and then consider implementing an authentication system that limits access to methods based on a role or user scheme for additional services that are deployed. There is little damage a client can do if they just 'know' of the service, but don't have permission to execute it. You can also have a check down by logging access to services and methods by user so you'll be able to see if customers access something they are not supposed to. Just a thought. Matt Pavlovich -- View this message in context: http://www.nabble.com/Servicemix-as-single-access-point-to-several-web-services-tp17129303p17347695.html Sent from the ServiceMix - User mailing list archive at Nabble.com.
