I have Fedora-Commons 3.6.2 configured and secured with XACML. However in what looks to be an oversight, the SOAP API hasn't been secured within the purview of the XACML. In other words, the API-A operations require authentication via HTTP (Rest) but pass unauthenticated via SOAP. Could someone please suggest the parameter, that I could use to shut down the SOAP interface altogether.
Thanks, John