xml-soap-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Wouter Cloetens" <wcloe...@raleigh.ibm.com>
Subject Re: add doGet support
Date Fri, 11 Aug 2000 04:24:54 GMT
On Fri, 11 Aug 2000 09:52:23 -0400, dug@raleigh.ibm.com wrote:

>I have a change to RPCRouterServlet.java that I'd like to
>get feedback on.  Rather than simply returning an error on a
>doGet request, I've added code so that doGet will support
>some of the simple ServiceManagerClient requests.

Uh, are you sure that's a good idea? I'm thinking security here. I
don't want everybody who can send SOAP requests to my server to
actually be able to *administer* my SOAP service manager... I'm not
sure all webservers out there have the ACL granularity allowing POST
requests to go unauthenticated, but forcing a login for GET to the same
URI.

bfn, Wouter
--
http://www.workspot.net/~zombie/soap/
My opinions are irrelevant. They will be assimilated by my employer.


Mime
View raw message