SOAP frustrations

John Keeling johnfkeeling at yahoo.com
Fri Oct 18 22:01:51 CEST 2002


Derek, I totally agree with you. The only extra that I can offer to
what you are saying is that when the organizational politics is
sorted, SOAP/HTTP will offer better a compromise to all parties than
CORBA/IIOP, in general. This is due to the issue that each CORBA
server on a host must have its own port, and the typical
implementation of a CORBA system uses multiple servers per host and
hence multiple ports. SOAP systems are typically designed with much
more conservative use of ports.
Cheers,
John

Derek Thomson <derek at wedgetail.com> wrote in message news:<3db01b05$0$18872$afc38c87 at news.optusnet.com.au>...
> Hi John,
> 
> John Keeling wrote:
> > 
> > Over the internet, you really want to use Web Services rather than
> > CORBA, because CORBA/IIOP uses multiple ports that have to be
> > explicitly allowed on the firewall ( on both the client and server
> > side). This is an admin and security issue.
> 
> Yes. It *is* a security issue. By misusing port 80 for remote procedure 
> calls, you are violating the contract between you and your sysadmin, and 
> quite likely violating your organization's (our your client's) security 
> policy. That port was opened to allow web pages to be served up, not to 
> run bits of arbitrary code on request.
> ....



More information about the Python-list mailing list