For all those that ignored security as a major concern of SOA (me included), here’s an excerpt from the soapUI welcome screen today:
Warning! Do not use soapUI to withdraw money!
Eviware software has been alerted to users using soapUI to withdraw large sums of money from the European National Bank.
So far millions of Euro has left the European National Bank further enhancing the credit crisis in Europe. The Perpetrators has been downloading a WSDL from the European National Banks Web Service using a security flaw to retrieve large sums of money from the European National Bank, “The Fort Knox of Europe”.
“At eviware we take this issue seriously and are working with the people at the ENB to solve the problem” says Dain Nilsson, Security Expert from eviware Switzerland, “The solution is not many days away, but due to the complexity of the Web Services and the powerful features of soapUI, the WSDL allows for untraceable withdrawals from the ENB.” At eviware we urge all users not to download the WSDL found here and take advantage of a critical situation. Europe has a tough time as it is.
Scary isn’t it? Might happen to YOUR SOA if you don’t do your security homework.