You are viewing a plain text version of this content. The canonical link for it is here.
Posted to soap-user@ws.apache.org by "Khamesra, SandeepX" <sa...@intel.com> on 2001/06/16 21:24:41 UTC
Using SOAP A good Idea or bad ???????????
Guys,
I am planning to move to SOAP for my message passing and RPC. This will be
between Windows box and Linux box. I am just wondering How stable the SOAP
is and will there be any issues ? any one very confident about the SOAP
tech. or it is just another hype.. Please help me in making a decision here
..
Thanx
Sandeep
---------------------------------------------------------------------
To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
For additional commands, email: soap-user-help@xml.apache.org
Re: Using SOAP A good Idea or bad ???????????
Posted by Sanjiva Weerawarana <sa...@watson.ibm.com>.
Re: configuring Apache SOAP remotely via the ServiceManager service.
You can turn that off by writing a custom config manager (see the
docs) which does not allow the deploy and undeploy functions. That
would turn off the ability to configure Apache SOAP remotely.
Sanjiva.
----- Original Message -----
From: "David Wall" <dw...@Yozons.com>
To: <so...@xml.apache.org>
Sent: Saturday, June 16, 2001 3:39 PM
Subject: Re: Using SOAP A good Idea or bad ???????????
>
> > is and will there be any issues ? any one very confident about the SOAP
> > tech. or it is just another hype.. Please help me in making a decision
> here
>
> I think you'll find there are still interoperability issues between
> platforms and SOAP toolkits.
>
> I'm also concerned that the Apache soap router appears to be configurable
by
> sending it messages, but I don't see a clear scheme for saying how to
secure
> that capability (like the Deploy and Undeploy options). While I'm not
sure
> doing a deploy/undeploy itself is such a security hole, it could certainly
> be a DoS by undeploying so thats continually get errors. I doubt somebody
> could deploy anything since there would need to be a service to accept the
> newly deployed service, but there may be cases where a fake deploy could
> trick an existing service that was not tightly written.
>
> Despite that, we are still moving ahead with our SOAP implementations for
> e-signatures at Yozons....
>
> David
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
> For additional commands, email: soap-user-help@xml.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
For additional commands, email: soap-user-help@xml.apache.org
Re: Using SOAP A good Idea or bad ???????????
Posted by Sanjiva Weerawarana <sa...@watson.ibm.com>.
Re: configuring Apache SOAP remotely via the ServiceManager service.
You can turn that off by writing a custom config manager (see the
docs) which does not allow the deploy and undeploy functions. That
would turn off the ability to configure Apache SOAP remotely.
Sanjiva.
----- Original Message -----
From: "David Wall" <dw...@Yozons.com>
To: <so...@xml.apache.org>
Sent: Saturday, June 16, 2001 3:39 PM
Subject: Re: Using SOAP A good Idea or bad ???????????
>
> > is and will there be any issues ? any one very confident about the SOAP
> > tech. or it is just another hype.. Please help me in making a decision
> here
>
> I think you'll find there are still interoperability issues between
> platforms and SOAP toolkits.
>
> I'm also concerned that the Apache soap router appears to be configurable
by
> sending it messages, but I don't see a clear scheme for saying how to
secure
> that capability (like the Deploy and Undeploy options). While I'm not
sure
> doing a deploy/undeploy itself is such a security hole, it could certainly
> be a DoS by undeploying so thats continually get errors. I doubt somebody
> could deploy anything since there would need to be a service to accept the
> newly deployed service, but there may be cases where a fake deploy could
> trick an existing service that was not tightly written.
>
> Despite that, we are still moving ahead with our SOAP implementations for
> e-signatures at Yozons....
>
> David
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
> For additional commands, email: soap-user-help@xml.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
For additional commands, email: soap-user-help@xml.apache.org
Re: Using SOAP A good Idea or bad ???????????
Posted by David Wall <dw...@Yozons.com>.
> is and will there be any issues ? any one very confident about the SOAP
> tech. or it is just another hype.. Please help me in making a decision
here
I think you'll find there are still interoperability issues between
platforms and SOAP toolkits.
I'm also concerned that the Apache soap router appears to be configurable by
sending it messages, but I don't see a clear scheme for saying how to secure
that capability (like the Deploy and Undeploy options). While I'm not sure
doing a deploy/undeploy itself is such a security hole, it could certainly
be a DoS by undeploying so thats continually get errors. I doubt somebody
could deploy anything since there would need to be a service to accept the
newly deployed service, but there may be cases where a fake deploy could
trick an existing service that was not tightly written.
Despite that, we are still moving ahead with our SOAP implementations for
e-signatures at Yozons....
David
---------------------------------------------------------------------
To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
For additional commands, email: soap-user-help@xml.apache.org
Re: Using SOAP A good Idea or bad ???????????
Posted by David Wall <dw...@Yozons.com>.
> is and will there be any issues ? any one very confident about the SOAP
> tech. or it is just another hype.. Please help me in making a decision
here
I think you'll find there are still interoperability issues between
platforms and SOAP toolkits.
I'm also concerned that the Apache soap router appears to be configurable by
sending it messages, but I don't see a clear scheme for saying how to secure
that capability (like the Deploy and Undeploy options). While I'm not sure
doing a deploy/undeploy itself is such a security hole, it could certainly
be a DoS by undeploying so thats continually get errors. I doubt somebody
could deploy anything since there would need to be a service to accept the
newly deployed service, but there may be cases where a fake deploy could
trick an existing service that was not tightly written.
Despite that, we are still moving ahead with our SOAP implementations for
e-signatures at Yozons....
David
---------------------------------------------------------------------
To unsubscribe, e-mail: soap-user-unsubscribe@xml.apache.org
For additional commands, email: soap-user-help@xml.apache.org