axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ramon Turnes <ramon.turnes-pe...@hermes.si>
Subject RE: Hiding access to Admin Servlet
Date Mon, 15 Apr 2002 08:29:29 GMT

But how do I go about limiting access to individual web services? 
Basically I am interesed in the following two cases:

1. How can I limit the access to the AdminService 
2. I want to administer my Web Services so I would they could actually
have a broader interface for administrators (let's say through an 
"admin" method. Is it possible to control the access on a method 
basis? 

Thanks.

Ramón.


> -----Original Message-----
> From: Bryan Field-Elliot [mailto:bryan_lists@netmeme.org]
> Sent: Wednesday, April 10, 2002 8:50 PM
> To: axis-user@xml.apache.org
> Subject: Re: Hiding access to Admin Servlet
> 
> 
> This is all contained in "web.xml" (under WEB-INF). web.xml is
> Servlet-generic (rather than webserver-specific) and is 
> well-documented
> in the Sun Servlet spec. You can modify web.xml to change the
> AdminServlet path, remove it entirely, or add authorization 
> constraints
> to it.
> 
> 
> 
> 
> On Wed, 2002-04-10 at 10:31, Iain Darroch wrote:
> > 
> > Hi, 
> > 
> > I've found that browsing to 
> http://machine:8080/axis/servlet/AdminServlet
> > allows me to start and stop the AxisServlet.  No big surprise
> > there.  However the problem is that I can access this page from any
> > webbrowser running anywhere.  I would like to be able to 
> restirict access
> > so only the host machine would be allowed access.
> > 
> > Is there a way for doing this in access or is it webserver specific?
> > I'm using tomcat.
> > 
> > Thanks
> > 
> > Iain
> 

Mime
View raw message