[Erlyaws-list] yaws 1.62
Gaspar Chilingarov
nm@REDACTED
Sun Jun 11 20:44:49 CEST 2006
Hi, Yariv!
Yariv Sadan wrote:
> Hi,
>
> Is there a way of exposing only specific functions/modules to JSON-RPC
> and making the rest inaccessible (for security)?
>
> Thanks
> Yariv
you are expriclity passing to yaws_(json|xml)rpc:handler(_session) which
Module:Function should be called ;)
*RPC methods are passed as one of the arguments to that function -- i.e.
in payload which have {call, Method, Arguments} form, Method is an atom.
so you can define
handle_rpc(State, {call, add, [ A, B ]}) ->
{false, {response, [ A + B ]}};
handle_rpc(State, {call, substract, [ A, B ]}) ->
{false, {response, [ A - B ]}}.
Thus you will explictly allow RPC caller use 2 methods - add and substract.
Regards, Gaspar
x-posted to erlang-questions too.
--
Gaspar Chilingarov
System Administrator,
Network security consulting
t +37493 419763 (mob)
i 63174784
e nm@REDACTED
More information about the erlang-questions
mailing list