Skip Headers
Oracle® Fusion Middleware Security and Administrator's Guide for Web Services
11g Release 1 (11.1.1.7)

Part Number B32511-08
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

4 Examining the Rearchitecture of Oracle WSM in Oracle Fusion Middleware

In Oracle Fusion Middleware 11g Release 1, Oracle Web Services Manager (WSM) security and management has been completely redesigned and rearchitected. The previous release, Oracle WSM 10g, was delivered as a standalone product or as a component of the Oracle SOA Suite. In the 11g release, Oracle WSM has been integrated with Oracle WebLogic Server as part of the Oracle Fusion Middleware SOA Suite.

This chapter contains the following sections:

How Oracle WSM 10g is Redesigned in Oracle Fusion Middleware 11g Release 1

Oracle WSM 10g has been rearchitected in Oracle Fusion Middleware 11g Release 1, as follows:

Some Oracle WSM 10g features will not be supported in the first release of Oracle Fusion Middleware:

The comparison between 10g and 11g components is summarized in Table 4-1 and the components are identified in Figure 4-1 and Figure 4-2.

Table 4-1 Comparison of Oracle WSM 10g and Oracle Fusion Middleware 11g Release 1


Description of Functionality Oracle WSM 10g Component Oracle Fusion Middleware 11g Release 1 Component

1

Policy enforcement point

Oracle WSM Server and Client Agents, Oracle WSM Gateway

Oracle WSM Agent which manages the policy interceptors There is no equivalent component for the Oracle WSM Gateway in Oracle Fusion Middleware 11g Release 1.

2

GUI Component to author policies and attach policies to Web services

Web Services Manager Control

Oracle Enterprise Manager Fusion Middleware Control

3

Component to manage policies

Oracle WSM Policy Manager

Oracle WSM Policy Manager

4

Component used to monitor Web services data

Oracle WSM Monitor

Oracle Enterprise Manager Fusion Middleware Control and Oracle Enterprise Manager Grid Control

5

Policy Store

Oracle WSM Database

Oracle WSM Repository


Figure 4-1 illustrate the Oracle WSM 10g components, and the numbers in Table 4-1 identify the components in this figure.

Figure 4-1 Oracle WSM 10g Components

Description of Figure 4-1 follows
Description of "Figure 4-1 Oracle WSM 10g Components"

Figure 4-2 shows the Oracle Fusion Middleware 11g Release 1 components, and the numbers in Table 4-1 correspond to the components in the figure.

Figure 4-2 Oracle Fusion Middleware 11g Web Services Security Components

Description of Figure 4-2 follows
Description of "Figure 4-2 Oracle Fusion Middleware 11g Web Services Security Components"

Comparing Oracle WSM 10g and Oracle WSM 11g Policies

In both Oracle WSM 10g and Oracle WSM 11g, policies are used to enforce security. However, the structure of the policies is somewhat different. In Oracle WSM 10g a policy consists of a Request Pipeline and a Response Pipeline, each comprised of one or more policy steps.

For example, in Figure 4-3, the Request Pipeline consists of the following policy steps: Extract Credentials, LDAP Authenticate, and LDAP Authorize. The Response Pipeline contains a different policy step, XML Encrypt. The Request Pipeline and Response Pipelines can be comprised of different policy steps, and, therefore, different behaviors can be executed in the request and response messages.

Figure 4-3 Oracle WSM 10g Policy Pipeline

Description of Figure 4-3 follows
Description of "Figure 4-3 Oracle WSM 10g Policy Pipeline"

In Oracle WSM 11g, policies are comprised of one or more assertions, and you control the assertions that are used in the request and response messages. For example, in Figure 4-4, the example 11g policy contains two assertions:

  1. wss11-username-with-certificates

  2. binding-authorization

Figure 4-4 Oracle WSM 11g Policy Pipeline

Description of Figure 4-4 follows
Description of "Figure 4-4 Oracle WSM 11g Policy Pipeline"

When the request message is sent to the Web service, the assertions are executed in the order shown. When the response message is returned to the client, the same assertions are executed, but this time in reverse order. The behavior of the assertion for the request message differs from the behavior for the response message. And, in some instances, it is possible that nothing happens on the response. For example, in the example above, the authorization assertion is only executed as part of the request.

For information about how the Oracle WSM 10.1.3 policy steps can be mapped to Oracle WSM 11g predefined policies, see "Upgrading Oracle Web Services Manager Policies" in Oracle Fusion Middleware Upgrade Guide for Oracle SOA Suite, WebCenter Portal, and ADF Release 11g.

Comparing Oracle Application Server 10g WS-Security with Oracle WSM 11g

The following list identifies the primary enhancements to Oracle WSM 11g over Oracle Application Server 10g WS-Security:

Interoperability and Upgrade

Oracle WSM 11g can interoperate with the following 10.1.3 components:

In addition, you can interoperate with the following components:

You can upgrade the following 10.1.3 features to Oracle Fusion Middleware 11g Release 1: