SOAP frustrations

Andrew Dalke adalke at mindspring.com
Fri Oct 18 22:29:54 CEST 2002


Derek Thomson wrote:
> I predict it won't be easier to run SOAP through firewalls for long. 
> Wait until sysadmins realize you are running RPC calls ever port 80, and 
> filter incoming SOAP requests out.
> 
> I know forwarding thinking sysadmins already starting to do this, as 
> port 80 was *not* opened for RPC, and any attempt to use it as such 
> would violate their organization's security policies, and requires 
> explicit permission.

Yeah?  And when they find out I'm running CGI scripts accessible
through port 80 then they'll shut down those RPCs too?

Shouldn't the filtering be done on the URI for the SOAP request?
That is, only requests to public/published requests should go through
and others are blocked?

It's besides the point in that the service I'm helping provide (I'm
the OP for this thread) is all behind the firewall and only for internal
users.  Ditto for the CGI scripts.  Though I don't know if they have
internal firewalls.

					Andrew
					dalke at dalkescientific.com




More information about the Python-list mailing list