What's New

11g Release 1 (11.1.1) includes a complete redesign of Oracle Web Services Manager 10g and Web services security management. For more details about what has changed in Release 11g, see Chapter 4, "Examining the Rearchitecture of Oracle WSM in Oracle Fusion Middleware."

The following topics provide a summary of the features and enhancements in each of the 11g Release 1 releases:

11g Release 1 (

11g Release 1 ( includes the following new features and enhancements:

Global Policy Attachment Enhancements

The global policy attachment feature has been enhanced as follows:

Run-Time Constraints

Oracle WSM provides the ability to specify a run-time constraint that determines the context in which the policy set is relevant, for example external clients outside a firewall versus internal clients. For more information, see "Specifying Run-time Constraints in Policy Sets".

Oracle SPARC Server T-Series Cryptographic Acceleration Support

Ability to configure Oracle WSM to take advantage of Oracle SPARC Server Cryptographic Acceleration. For more information, see "Configuring Oracle WSM for Oracle SPARC T4 Cryptographic Acceleration".

Enhanced Support for WebLogic Java EE Clients in Fusion Middleware Control

Ability to use Fusion Middleware Control to view and monitor Java EE clients and attach Oracle WSM policies.

Test Web Service Enhancements

Enhanced ability to test Web service security using Oracle WSM policies. For more information, see Chapter 12, "Testing Web Services."

Derived Keys and Encrypt Signature Controls Enabled in Fusion Middleware Control

Oracle WSM supports the Derived Key setting in wss11 message protection policies and the Encrypt Signature setting in wss10 and wss11 message protection policies. You can now enable these features using Fusion Middleware Control in the Message Security settings in message protection policies. For more information about these settings, refer to the message protection assertion templates described in Appendix C, "Predefined Assertion Templates."

No Server Restart Required for JKS Keystore Changes

You no longer need to restart the server when you make changes to the JKS keystore. For more information about the JKS keystore, see "Generating Private Keys and Creating the Java Keystore".

Support for Anonymous User with SAML Policies

Oracle WSM supports propagating the anonymous user with SAML policies. For more information, see "Using Anonymous Users with SAML Policies".

Database Support

Oracle WSM is certified with MySQL and Oracle Edition Based Redefinitions (EBR).

Versioned Web Services

Oracle WSM supports multiple versions (namespaces) of a Web service. Service names in WLST input and output, and Fusion Middleware Control, now require the use of the namespace with the service name, for example {http://mynamespace/}myService. For more information, see the following topics:

SAML Issuer Changes

You no longer need to define SAML issuers in the SAML login module. In this release, if you define a SAML issuer using the Platform Policy Configuration page, any issuers added in the SAML login module are ignored. Also, when SAML issuers are added using the platform policy configuration, you do not need to restart the server. For more information, see "Defining Trusted Issuers and Trusted Distinguished Name List for Signing Certificates".

Additional OR Groups Added to wss11_saml_or_username_token_with_message_protection_service_policy

The oracle/wss11_saml_or_username_token_with_message_protection_service_policy now includes five assertions:

For more information, see "Configuring a Policy With an OR Group".

11g Release 1 (

11g Release 1 ( includes the following updates and enhancements:

11g Release 1 (

11g Release 1 ( includes the following new features:

Global Policy Attachments

Oracle Infrastructure Web services provide the ability to create and attach policy sets to subjects on a global scope (domain, server, application, or SOA composite). See:

Oracle Web Services Manager and Oracle Infrastructure Web Services supported on IBM WebSphere

Differences in behavior, and any limitations, are described in "Managing Web Services on IBM WebSphere" in the Oracle Fusion Middleware Third-Party Application Server Guide.

SAML 2.0 Support

There is new configuration control for overriding policy attachments and new predefined SAML 2.0 policies.

Client-side WS-Trust Support

Support for WS-Trust 1.3 policies has been added. WS-Trust extensions provide methods for issuing, renewing, and validating security tokens. See "WS-Trust Policies and Configuration Steps".

Hardware Token Support

Oracle WSM provides the ability to use the LunaSA Hardware Security Manager (HSM) for key storage. See "Using Hardware Security Modules With Oracle WSM".

Oracle WebLogic Web Services Monitoring Enhancements

The Web Service Endpoint page in Oracle Enterprise Manager Fusion Middleware Control provides the ability to monitor policy violations for WebLogic JAX-WS Web services. In addition, the tab that displays Oracle WSM policy information has been renamed to OWSM Policies. For WebLogic JAX-RPC Web services, the endpoint tab is labeled WebLogic Policy Violations.

For more information on monitoring Web services, see "Monitoring the Performance of Web Services".

Usage Analysis Enhancements

The Usage Analysis page in Oracle Enterprise Manager Fusion Middleware Control provides:

For more information on policy usage analysis, see "Analyzing Policy Usage".

Test Web Service Enhancements

The Request/Response tabs on Test Web Services page in Oracle Enterprise Manager Fusion Middleware Control have enhanced usability, as follows:

For more information on testing Web services, see "Testing Web Services".

Install Oracle WSM on a Standalone WebLogic Server

If you have a standalone WebLogic Server environment with JAX-WS Web services and clients deployed, you can install Oracle WSM and use it to secure your Web services and clients. For more information, see "Installing Oracle WSM on WebLogic Server".

Enhanced Specification Support for WS-Policy 1.5 and WS-SecurityPolicy 1.2, 1.3

Supported versions, with links to the specifications, are provided in "Supported Standards" in Developer's Guide for Oracle Infrastructure Web Services.

For information about valid version combinations, see "Policy Advertisement".

New Extensibility Guide for Creating Custom Assertions

All information related to developing custom assertions has been moved from this guide and into the new Extensibility Guide for Oracle Web Services Manager.

11g Release 1 (

11g Release 1 ( includes the following new features:

11g Release 1 (

11g Release 1 ( includes the following new features:

11g Release 1 (11.1.1)

11g Release 1 (11.1.1) includes the following new features: