servicemix-http and service endpoints

[Michael Studman <ms...@ovid.com>]

Hi,

 

It seems that when using servicemix-http (M2) to add a WS binding to a
JBI service, a WS-Addressing "To" header will override the
service/endpoint name specified in the SU's configuration. This allows
sending a message to one JBI service's web service but have it
ultimately delivered to a totally different service.

 

I need the WS-Addressing goodness so I can specify the
operation/interface name through "Action" header but would like to keep
a tight rein on exactly what I allow exposed as a web service. Can any
servicemix developers recommend how I do this?

 

Michael.

Re: servicemix-http and service endpoints

[Guillaume Nodet <gn...@gmail.com>]

The only option I see while keeping WS-Addressing is to use
the authentication / authorization mechanism to only allow
some endpoint to be targeted for a given role.
This is not documented yet, but you will find example in
the junit tests.
Else, you could use some kind of content based routing and
have a better control on the targets you allow.


On 7/27/06, Michael Studman <ms...@ovid.com> wrote:
>
> Hi,
>
>
>
> It seems that when using servicemix-http (M2) to add a WS binding to a
> JBI service, a WS-Addressing "To" header will override the
> service/endpoint name specified in the SU's configuration. This allows
> sending a message to one JBI service's web service but have it
> ultimately delivered to a totally different service.
>
>
>
> I need the WS-Addressing goodness so I can specify the
> operation/interface name through "Action" header but would like to keep
> a tight rein on exactly what I allow exposed as a web service. Can any
> servicemix developers recommend how I do this?
>
>
>
> Michael.
>
>
>


-- 
Cheers,
Guillaume Nodet