Hello all,
I am a newbie in WebServices. I wonder if all WSDLs are public? Aren’t there any WSDLs that are kept after a login process like in OWASP’s WebGoat project?
Thanks in advance.
It means that it happens but in so rare situations. Thanks a lot for your reply.
Completely private WSDL is kind of self-defeating, no? There are some folks who hide the WSDL so as not to expose their API, but that is getting to be rarer and rarer these days. Hiding your WSDL is fundamentally security by obscurity which is never a good thing to rely upon.