You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Luis Mariano Luporini <ll...@gmail.com> on 2007/05/24 22:55:24 UTC
Axis2 service level access by IP address
Hi,
I been trying since this morning to get around this but did not
succeeded. I'm starting to get a little frustrated so I think, by now,
the best path is to trust in others knowledge.
Anyway, I'm using Axis2 1.2, Tomcat 6.0.10 and Sun J2SE 1.5.0.11 on FC5
Linux.
I'm trying to figure out a way to restrict access to services based on
client IP address.
Let's say I have 3 services:
1. MyPublicService: This needs to be available for any client IP address.
2. MyPrivateService: This needs to be available for my local subnet, for
example 192.168.0.0/24 only.
3. MyPremiumService: This needs to be available for a list of configured
IP addresses.
I need a way to restrict access following above requirements and without
the need to write code for that.
Is there a way to configure this behavior somewhere or I will need to
rely on some kind of reverse proxy (Apache, Lighty, etc) to control
access based on URL pattern matching and client IP?
Hope someone can give me a pointer.
Thanks in advance.
Luis
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Axis2 service level access by IP address
Posted by Luis Mariano Luporini <ll...@gmail.com>.
Well Paul, that is really great to hear. I will be trying these products.
I do not think I'll have a particular config, but anyway your help is
really appreciated.
I come from a C background and sometimes I'm a little hesitant when a
Java project involves with scalability matters. But again, I know am
overparanoid about it.
I've just realized that there is a C implementation of WSF and also a
PHP binding too. They could be really helpful to me.
I will do some simple testing on these products and provide feedback in
the next days.
Thanks for your help and valuable answers.
Regards,
Luis
Paul Fremantle escribió:
> Luis
>
> We are planning our 1.0 any day. We believe that Synapse is close to
> production. If you have a specific config, we might be able to do some
> extended testing in our test lab. And the ESB comes with full
> production support.
>
> Paul
>
> On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
>> Paul:
>>
>> This seems very interesting. I will go deeper on it.
>>
>> The only concern (at this point I spent just a few minutes
>> navigating the sites) could be that I need to go to production with a
>> solution and maybe I'll need too much test on these ones (I'm a little
>> paranoid usually).
>>
>> Anyway, these do seem very powerful.
>>
>> I'll test them and provide feedback.
>>
>> Thanks again for your help.
>>
>> Luis
>>
>> Paul Fremantle escribió:
>> > Another approach without using code is Apache Synapse
>> > (http://ws.apache.org/synapse). In Synapse we offer the ability to do
>> > Regex type matching on properties. The WSO2 throttling code is also
>> > available on top of Synapse inside the WSO2 ESB
>> > (http://wso2.org/projects/esb/java) (basically Synapse+ an AJAX GUI).
>> >
>> > Our early tests show that for 1k in/1k out messages sizes the overhead
>> > of using Synapse is <1ms for simple routing. I imagine an IP based
>> > check would fit into this range.
>> >
>> > Paul
>> >
>> > On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
>> >> Paul, you are right.
>> >>
>> >> I would like to handle this at a configuration level instead of
>> relying
>> >> on coding.
>> >>
>> >> I know I can make a module for this, think something like Marcello
>> >> pointed to me some minutes ago
>> >> (http://wso2.org/projects/commons/throttle).
>> >>
>> >> I was hoping to find a way to handle it natively in a tomcat/axis2
>> setup
>> >> but maybe it's not yet there without involving code.
>> >>
>> >> Thanks for your response.
>> >>
>> >> Luis
>> >>
>> >> Paul Fremantle escribió:
>> >> > Luis
>> >> >
>> >> > According to JIRA 1610 you can retrieve the IP address this way:
>> >> > String remoteClientAddress =
>> >> > messageContext.getProperty(MessageContext.REMOTE_ADDR);
>> >> >
>> >> > Paul
>> >> >
>> >> > On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
>> >> >> Hi,
>> >> >>
>> >> >> I been trying since this morning to get around this but did not
>> >> >> succeeded. I'm starting to get a little frustrated so I think, by
>> >> now,
>> >> >> the best path is to trust in others knowledge.
>> >> >>
>> >> >> Anyway, I'm using Axis2 1.2, Tomcat 6.0.10 and Sun J2SE 1.5.0.11
>> >> on FC5
>> >> >> Linux.
>> >> >>
>> >> >> I'm trying to figure out a way to restrict access to services
>> >> based on
>> >> >> client IP address.
>> >> >>
>> >> >> Let's say I have 3 services:
>> >> >>
>> >> >> 1. MyPublicService: This needs to be available for any client IP
>> >> >> address.
>> >> >> 2. MyPrivateService: This needs to be available for my local
>> >> subnet, for
>> >> >> example 192.168.0.0/24 only.
>> >> >> 3. MyPremiumService: This needs to be available for a list of
>> >> configured
>> >> >> IP addresses.
>> >> >>
>> >> >> I need a way to restrict access following above requirements and
>> >> without
>> >> >> the need to write code for that.
>> >> >>
>> >> >> Is there a way to configure this behavior somewhere or I will
>> need to
>> >> >> rely on some kind of reverse proxy (Apache, Lighty, etc) to
>> control
>> >> >> access based on URL pattern matching and client IP?
>> >> >>
>> >> >> Hope someone can give me a pointer.
>> >> >>
>> >> >> Thanks in advance.
>> >> >>
>> >> >> Luis
>> >> >>
>> >> >>
>> >> >>
>> >> >>
>> ---------------------------------------------------------------------
>> >> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> >> >> For additional commands, e-mail: axis-user-help@ws.apache.org
>> >> >>
>> >> >>
>> >> >
>> >> >
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> >> For additional commands, e-mail: axis-user-help@ws.apache.org
>> >>
>> >>
>> >
>> >
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Axis2 service level access by IP address
Posted by Paul Fremantle <pz...@gmail.com>.
Luis
We are planning our 1.0 any day. We believe that Synapse is close to
production. If you have a specific config, we might be able to do some
extended testing in our test lab. And the ESB comes with full
production support.
Paul
On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
> Paul:
>
> This seems very interesting. I will go deeper on it.
>
> The only concern (at this point I spent just a few minutes
> navigating the sites) could be that I need to go to production with a
> solution and maybe I'll need too much test on these ones (I'm a little
> paranoid usually).
>
> Anyway, these do seem very powerful.
>
> I'll test them and provide feedback.
>
> Thanks again for your help.
>
> Luis
>
> Paul Fremantle escribió:
> > Another approach without using code is Apache Synapse
> > (http://ws.apache.org/synapse). In Synapse we offer the ability to do
> > Regex type matching on properties. The WSO2 throttling code is also
> > available on top of Synapse inside the WSO2 ESB
> > (http://wso2.org/projects/esb/java) (basically Synapse+ an AJAX GUI).
> >
> > Our early tests show that for 1k in/1k out messages sizes the overhead
> > of using Synapse is <1ms for simple routing. I imagine an IP based
> > check would fit into this range.
> >
> > Paul
> >
> > On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
> >> Paul, you are right.
> >>
> >> I would like to handle this at a configuration level instead of relying
> >> on coding.
> >>
> >> I know I can make a module for this, think something like Marcello
> >> pointed to me some minutes ago
> >> (http://wso2.org/projects/commons/throttle).
> >>
> >> I was hoping to find a way to handle it natively in a tomcat/axis2 setup
> >> but maybe it's not yet there without involving code.
> >>
> >> Thanks for your response.
> >>
> >> Luis
> >>
> >> Paul Fremantle escribió:
> >> > Luis
> >> >
> >> > According to JIRA 1610 you can retrieve the IP address this way:
> >> > String remoteClientAddress =
> >> > messageContext.getProperty(MessageContext.REMOTE_ADDR);
> >> >
> >> > Paul
> >> >
> >> > On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
> >> >> Hi,
> >> >>
> >> >> I been trying since this morning to get around this but did not
> >> >> succeeded. I'm starting to get a little frustrated so I think, by
> >> now,
> >> >> the best path is to trust in others knowledge.
> >> >>
> >> >> Anyway, I'm using Axis2 1.2, Tomcat 6.0.10 and Sun J2SE 1.5.0.11
> >> on FC5
> >> >> Linux.
> >> >>
> >> >> I'm trying to figure out a way to restrict access to services
> >> based on
> >> >> client IP address.
> >> >>
> >> >> Let's say I have 3 services:
> >> >>
> >> >> 1. MyPublicService: This needs to be available for any client IP
> >> >> address.
> >> >> 2. MyPrivateService: This needs to be available for my local
> >> subnet, for
> >> >> example 192.168.0.0/24 only.
> >> >> 3. MyPremiumService: This needs to be available for a list of
> >> configured
> >> >> IP addresses.
> >> >>
> >> >> I need a way to restrict access following above requirements and
> >> without
> >> >> the need to write code for that.
> >> >>
> >> >> Is there a way to configure this behavior somewhere or I will need to
> >> >> rely on some kind of reverse proxy (Apache, Lighty, etc) to control
> >> >> access based on URL pattern matching and client IP?
> >> >>
> >> >> Hope someone can give me a pointer.
> >> >>
> >> >> Thanks in advance.
> >> >>
> >> >> Luis
> >> >>
> >> >>
> >> >>
> >> >> ---------------------------------------------------------------------
> >> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> >> >> For additional commands, e-mail: axis-user-help@ws.apache.org
> >> >>
> >> >>
> >> >
> >> >
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> >> For additional commands, e-mail: axis-user-help@ws.apache.org
> >>
> >>
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
--
Paul Fremantle
Co-Founder and VP of Technical Sales, WSO2
OASIS WS-RX TC Co-chair
blog: http://pzf.fremantle.org
paul@wso2.com
"Oxygenating the Web Service Platform", www.wso2.com
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Axis2 service level access by IP address
Posted by Luis Mariano Luporini <ll...@gmail.com>.
Paul:
This seems very interesting. I will go deeper on it.
The only concern (at this point I spent just a few minutes
navigating the sites) could be that I need to go to production with a
solution and maybe I'll need too much test on these ones (I'm a little
paranoid usually).
Anyway, these do seem very powerful.
I'll test them and provide feedback.
Thanks again for your help.
Luis
Paul Fremantle escribió:
> Another approach without using code is Apache Synapse
> (http://ws.apache.org/synapse). In Synapse we offer the ability to do
> Regex type matching on properties. The WSO2 throttling code is also
> available on top of Synapse inside the WSO2 ESB
> (http://wso2.org/projects/esb/java) (basically Synapse+ an AJAX GUI).
>
> Our early tests show that for 1k in/1k out messages sizes the overhead
> of using Synapse is <1ms for simple routing. I imagine an IP based
> check would fit into this range.
>
> Paul
>
> On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
>> Paul, you are right.
>>
>> I would like to handle this at a configuration level instead of relying
>> on coding.
>>
>> I know I can make a module for this, think something like Marcello
>> pointed to me some minutes ago
>> (http://wso2.org/projects/commons/throttle).
>>
>> I was hoping to find a way to handle it natively in a tomcat/axis2 setup
>> but maybe it's not yet there without involving code.
>>
>> Thanks for your response.
>>
>> Luis
>>
>> Paul Fremantle escribió:
>> > Luis
>> >
>> > According to JIRA 1610 you can retrieve the IP address this way:
>> > String remoteClientAddress =
>> > messageContext.getProperty(MessageContext.REMOTE_ADDR);
>> >
>> > Paul
>> >
>> > On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
>> >> Hi,
>> >>
>> >> I been trying since this morning to get around this but did not
>> >> succeeded. I'm starting to get a little frustrated so I think, by
>> now,
>> >> the best path is to trust in others knowledge.
>> >>
>> >> Anyway, I'm using Axis2 1.2, Tomcat 6.0.10 and Sun J2SE 1.5.0.11
>> on FC5
>> >> Linux.
>> >>
>> >> I'm trying to figure out a way to restrict access to services
>> based on
>> >> client IP address.
>> >>
>> >> Let's say I have 3 services:
>> >>
>> >> 1. MyPublicService: This needs to be available for any client IP
>> >> address.
>> >> 2. MyPrivateService: This needs to be available for my local
>> subnet, for
>> >> example 192.168.0.0/24 only.
>> >> 3. MyPremiumService: This needs to be available for a list of
>> configured
>> >> IP addresses.
>> >>
>> >> I need a way to restrict access following above requirements and
>> without
>> >> the need to write code for that.
>> >>
>> >> Is there a way to configure this behavior somewhere or I will need to
>> >> rely on some kind of reverse proxy (Apache, Lighty, etc) to control
>> >> access based on URL pattern matching and client IP?
>> >>
>> >> Hope someone can give me a pointer.
>> >>
>> >> Thanks in advance.
>> >>
>> >> Luis
>> >>
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> >> For additional commands, e-mail: axis-user-help@ws.apache.org
>> >>
>> >>
>> >
>> >
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Axis2 service level access by IP address
Posted by Paul Fremantle <pz...@gmail.com>.
Another approach without using code is Apache Synapse
(http://ws.apache.org/synapse). In Synapse we offer the ability to do
Regex type matching on properties. The WSO2 throttling code is also
available on top of Synapse inside the WSO2 ESB
(http://wso2.org/projects/esb/java) (basically Synapse+ an AJAX GUI).
Our early tests show that for 1k in/1k out messages sizes the overhead
of using Synapse is <1ms for simple routing. I imagine an IP based
check would fit into this range.
Paul
On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
> Paul, you are right.
>
> I would like to handle this at a configuration level instead of relying
> on coding.
>
> I know I can make a module for this, think something like Marcello
> pointed to me some minutes ago (http://wso2.org/projects/commons/throttle).
>
> I was hoping to find a way to handle it natively in a tomcat/axis2 setup
> but maybe it's not yet there without involving code.
>
> Thanks for your response.
>
> Luis
>
> Paul Fremantle escribió:
> > Luis
> >
> > According to JIRA 1610 you can retrieve the IP address this way:
> > String remoteClientAddress =
> > messageContext.getProperty(MessageContext.REMOTE_ADDR);
> >
> > Paul
> >
> > On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
> >> Hi,
> >>
> >> I been trying since this morning to get around this but did not
> >> succeeded. I'm starting to get a little frustrated so I think, by now,
> >> the best path is to trust in others knowledge.
> >>
> >> Anyway, I'm using Axis2 1.2, Tomcat 6.0.10 and Sun J2SE 1.5.0.11 on FC5
> >> Linux.
> >>
> >> I'm trying to figure out a way to restrict access to services based on
> >> client IP address.
> >>
> >> Let's say I have 3 services:
> >>
> >> 1. MyPublicService: This needs to be available for any client IP
> >> address.
> >> 2. MyPrivateService: This needs to be available for my local subnet, for
> >> example 192.168.0.0/24 only.
> >> 3. MyPremiumService: This needs to be available for a list of configured
> >> IP addresses.
> >>
> >> I need a way to restrict access following above requirements and without
> >> the need to write code for that.
> >>
> >> Is there a way to configure this behavior somewhere or I will need to
> >> rely on some kind of reverse proxy (Apache, Lighty, etc) to control
> >> access based on URL pattern matching and client IP?
> >>
> >> Hope someone can give me a pointer.
> >>
> >> Thanks in advance.
> >>
> >> Luis
> >>
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> >> For additional commands, e-mail: axis-user-help@ws.apache.org
> >>
> >>
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
--
Paul Fremantle
Co-Founder and VP of Technical Sales, WSO2
OASIS WS-RX TC Co-chair
blog: http://pzf.fremantle.org
paul@wso2.com
"Oxygenating the Web Service Platform", www.wso2.com
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Axis2 service level access by IP address
Posted by Luis Mariano Luporini <ll...@gmail.com>.
Paul, you are right.
I would like to handle this at a configuration level instead of relying
on coding.
I know I can make a module for this, think something like Marcello
pointed to me some minutes ago (http://wso2.org/projects/commons/throttle).
I was hoping to find a way to handle it natively in a tomcat/axis2 setup
but maybe it's not yet there without involving code.
Thanks for your response.
Luis
Paul Fremantle escribió:
> Luis
>
> According to JIRA 1610 you can retrieve the IP address this way:
> String remoteClientAddress =
> messageContext.getProperty(MessageContext.REMOTE_ADDR);
>
> Paul
>
> On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
>> Hi,
>>
>> I been trying since this morning to get around this but did not
>> succeeded. I'm starting to get a little frustrated so I think, by now,
>> the best path is to trust in others knowledge.
>>
>> Anyway, I'm using Axis2 1.2, Tomcat 6.0.10 and Sun J2SE 1.5.0.11 on FC5
>> Linux.
>>
>> I'm trying to figure out a way to restrict access to services based on
>> client IP address.
>>
>> Let's say I have 3 services:
>>
>> 1. MyPublicService: This needs to be available for any client IP
>> address.
>> 2. MyPrivateService: This needs to be available for my local subnet, for
>> example 192.168.0.0/24 only.
>> 3. MyPremiumService: This needs to be available for a list of configured
>> IP addresses.
>>
>> I need a way to restrict access following above requirements and without
>> the need to write code for that.
>>
>> Is there a way to configure this behavior somewhere or I will need to
>> rely on some kind of reverse proxy (Apache, Lighty, etc) to control
>> access based on URL pattern matching and client IP?
>>
>> Hope someone can give me a pointer.
>>
>> Thanks in advance.
>>
>> Luis
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>>
>>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Axis2 service level access by IP address
Posted by Paul Fremantle <pz...@gmail.com>.
Luis
According to JIRA 1610 you can retrieve the IP address this way:
String remoteClientAddress =
messageContext.getProperty(MessageContext.REMOTE_ADDR);
Paul
On 5/24/07, Luis Mariano Luporini <ll...@gmail.com> wrote:
> Hi,
>
> I been trying since this morning to get around this but did not
> succeeded. I'm starting to get a little frustrated so I think, by now,
> the best path is to trust in others knowledge.
>
> Anyway, I'm using Axis2 1.2, Tomcat 6.0.10 and Sun J2SE 1.5.0.11 on FC5
> Linux.
>
> I'm trying to figure out a way to restrict access to services based on
> client IP address.
>
> Let's say I have 3 services:
>
> 1. MyPublicService: This needs to be available for any client IP address.
> 2. MyPrivateService: This needs to be available for my local subnet, for
> example 192.168.0.0/24 only.
> 3. MyPremiumService: This needs to be available for a list of configured
> IP addresses.
>
> I need a way to restrict access following above requirements and without
> the need to write code for that.
>
> Is there a way to configure this behavior somewhere or I will need to
> rely on some kind of reverse proxy (Apache, Lighty, etc) to control
> access based on URL pattern matching and client IP?
>
> Hope someone can give me a pointer.
>
> Thanks in advance.
>
> Luis
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
--
Paul Fremantle
Co-Founder and VP of Technical Sales, WSO2
OASIS WS-RX TC Co-chair
blog: http://pzf.fremantle.org
paul@wso2.com
"Oxygenating the Web Service Platform", www.wso2.com
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Axis2 service level access by IP address
Posted by Luis Mariano Luporini <ll...@gmail.com>.
Wow, that was a quick response.
I've just went to the link you provided, I will need to go deeper but it
may seem like a solution for my needs.
Anyway, I will have to test how this scales in production as opposed to
a proxy-like setup filtering directly on HTTP URL and client IP.
I will provide more info after researching on this.
Thanks Marcello, this was very helpful.
Luis
Marcello Sales escribió:
> Hello Luiz,
>
> I think you are talking about Throttling mechanism, right? If so,
> there's a project at wso2.org, which description is as follows
> (http://wso2.org/projects/commons/throttle):
>
> "WSO2 Throttle is an add-on module for Apache Axis2/WSO2 WSAS 1.1 and
> above. This module is used for controlling client access to Web
> services. Access throttling can be configured at a global level, service
> level or operation level."
>
> ... Is there anyone from WSO2 who could talk about that???
>
> Thanks!
>
> Marcello
>
> -----Original Message-----
> From: Luis Mariano Luporini [mailto:lluporini@gmail.com]
> Sent: Thursday, May 24, 2007 1:55 PM
> To: axis-user@ws.apache.org
> Subject: Axis2 service level access by IP address
>
> Hi,
>
> I been trying since this morning to get around this but did not
> succeeded. I'm starting to get a little frustrated so I think, by now,
> the best path is to trust in others knowledge.
>
> Anyway, I'm using Axis2 1.2, Tomcat 6.0.10 and Sun J2SE 1.5.0.11 on FC5
> Linux.
>
> I'm trying to figure out a way to restrict access to services based on
> client IP address.
>
> Let's say I have 3 services:
>
> 1. MyPublicService: This needs to be available for any client IP
> address.
> 2. MyPrivateService: This needs to be available for my local subnet, for
> example 192.168.0.0/24 only.
> 3. MyPremiumService: This needs to be available for a list of configured
> IP addresses.
>
> I need a way to restrict access following above requirements and without
> the need to write code for that.
>
> Is there a way to configure this behavior somewhere or I will need to
> rely on some kind of reverse proxy (Apache, Lighty, etc) to control
> access based on URL pattern matching and client IP?
>
> Hope someone can give me a pointer.
>
> Thanks in advance.
>
> Luis
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
RE: Axis2 service level access by IP address
Posted by Marcello Sales <ms...@collab.net>.
Hello Luiz,
I think you are talking about Throttling mechanism, right? If so,
there's a project at wso2.org, which description is as follows
(http://wso2.org/projects/commons/throttle):
"WSO2 Throttle is an add-on module for Apache Axis2/WSO2 WSAS 1.1 and
above. This module is used for controlling client access to Web
services. Access throttling can be configured at a global level, service
level or operation level."
... Is there anyone from WSO2 who could talk about that???
Thanks!
Marcello
-----Original Message-----
From: Luis Mariano Luporini [mailto:lluporini@gmail.com]
Sent: Thursday, May 24, 2007 1:55 PM
To: axis-user@ws.apache.org
Subject: Axis2 service level access by IP address
Hi,
I been trying since this morning to get around this but did not
succeeded. I'm starting to get a little frustrated so I think, by now,
the best path is to trust in others knowledge.
Anyway, I'm using Axis2 1.2, Tomcat 6.0.10 and Sun J2SE 1.5.0.11 on FC5
Linux.
I'm trying to figure out a way to restrict access to services based on
client IP address.
Let's say I have 3 services:
1. MyPublicService: This needs to be available for any client IP
address.
2. MyPrivateService: This needs to be available for my local subnet, for
example 192.168.0.0/24 only.
3. MyPremiumService: This needs to be available for a list of configured
IP addresses.
I need a way to restrict access following above requirements and without
the need to write code for that.
Is there a way to configure this behavior somewhere or I will need to
rely on some kind of reverse proxy (Apache, Lighty, etc) to control
access based on URL pattern matching and client IP?
Hope someone can give me a pointer.
Thanks in advance.
Luis
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org