SOAP frustrations

Derek Thomson derek at wedgetail.com
Sat Oct 19 05:46:42 CEST 2002


Andrew Dalke wrote:
> Derek Thomson wrote:
> 
>> I predict it won't be easier to run SOAP through firewalls for long. 
>> Wait until sysadmins realize you are running RPC calls ever port 80, 
>> and filter incoming SOAP requests out.
>>
>> I know forwarding thinking sysadmins already starting to do this, as 
>> port 80 was *not* opened for RPC, and any attempt to use it as such 
>> would violate their organization's security policies, and requires 
>> explicit permission.
> 
> 
> Yeah?  And when they find out I'm running CGI scripts accessible
> through port 80 then they'll shut down those RPCs too?

In most environments, CGI scripts have to be carefully vetted and approved.

That's the point. You can't, and shouldn't, "hack around" the 
organisation's security. You *have* to get authorization for this stuff. 
Therefore SOAP hasn't solved anything, and you are back to square one - 
needing authorization to run this stuff over the firewall.

This is my point - it's not any "easier" to go over a firewall using 
SOAP, as the problem is non-technical in nature.

--
D.




More information about the Python-list mailing list