[wsas-java-dev] Security improvements to WSAS
James Clark
james at wso2.com
Sun Feb 4 22:42:32 PST 2007
>
> Why should the initial setup be that secure? I do not think anyone would
> deploy the initial setup in a production environment.
The short answer is that we should make things secure even for people
that are not sophisticated, competent and security-savvy.
The simplest, more direct way to get something deployed on some server
is to set things up directly on that server. Obviously eBay isn't going
to do that, but maybe some overworked admin who's deploying on some
virtual hosted system somewhere might do. If they don't deploy it
directly, then they have to somehow move it over, which may not be
trivial: they may not have any local systems that are similar to the
production system. Also think of the case of using WSAS for the mashup
server: this is running on users' PCs that are connected directly to the
internet.
James
More information about the Wsas-java-dev
mailing list