SOAP UI access control
SOAP UI is an open source tool and it is currently used in our project for testing multiple services.Our client has security concerns since anyone who has service endpoint can invoke the service using...
Forum Discussion
SmartBear_Suppo
Alumni
AlumniRight. This security concern should be implemented at the web service level. You should easily restrict the web service to use WS-Security, user authentication, or some network restriction like a application server whitelist to include your authorized users.
SoapUI can then be used to test and send in authentication if need be, but as a tool itself, it doesn't implement security on your web service for you. Even without SoapUI, people can still access your web service with curl scripts and other methods while your web service is unsecured.
Thanks,
Michael Giller
SmartBear Software
SoapUI can then be used to test and send in authentication if need be, but as a tool itself, it doesn't implement security on your web service for you. Even without SoapUI, people can still access your web service with curl scripts and other methods while your web service is unsecured.
Thanks,
Michael Giller
SmartBear Software