You are viewing a plain text version of this content. The canonical link for it is here.

Posted to soap-user@xml.apache.org by Mike Spreitzer <ms...@us.ibm.com> on 2000/12/07 22:21:40 UTC

How to secure the administrative interface to a SOAP server?

Suppose I want to make a SOAP server (specifically, one using IBM-SOAP-1.2 
or Apache SOAP 2.0) available for public use.  That is, I want Joe Anybody 
to be able to make calls on my services.  But I don't want Joe Anybody 
administering my soap server, neither through its convenient web interface 
nor its command line interface that I see takes a URL that I have to 
expose for base-level operation.  Is there any way, using either of the 
above SOAP implementations and either Tomcat 3.1 or 3.2, to do this?

Thanks,
Mike