You are viewing a plain text version of this content. The canonical link for it is here.

Posted to soap-user@xml.apache.org by David Wall <dw...@Yozons.com> on 2001/04/25 05:28:05 UTC

Security of deploying and undeploying services

>From what I can, there's no apparent security associated with deploying and undeploying services.  It seems that if I do an HTTP GET/POST to the right URL, that I can deploy and undeploy.  Using Apache, I could probably password-protect that URL, but even that's hard since the main URL just points to the rpcrouter servlet.

And what keeps someone from using org.apache.soap.server.ServiceManagerClient to deploy/undeploy on my server?  I figure I'm just missing something, but I can't figure it out.

Thanks,
David