Configure the following fields on the Settings tab:
Resource:
Enter the URL for the target resource (for example, Web Service). Alternatively,
if this policy is reused for multiple services, enter a URL using message attribute
properties, which are expanded at runtime to the value of the specified attribute.
For example:
| | |
|
${http.destination.protocol}://${http.destination.host}:${http.destination.port}${http.request.uri}
| |
| | |
|
Resource Naming Authority:
Enter gatewayResource to match the Naming Authority Definition
loaded in the Oracle Entitlements Server settings. For more details, see
Oracle Security Service Module Settings.
Action:
Enter the HTTP verb (for example, POST , GET ,
DELETE , and so on). Alternatively, if this policy is reused
for multiple services, enter a message attribute property, which is
expanded at runtime to the value of the specified attribute
(for example, ${http.request.verb }).
Action Naming Authority:
Enter gatewayAction to match the Naming Authority Definition
loaded in the Oracle Entitlements Server settings. For more details, see
Oracle Security Service Module Settings.
How access request is processed:
Select one of the following options:
ONCE |
Specifies that the authorization query is only asked once
for a resource and action. |
POST |
Specifies that the authorization query is asked after a resource
is acquired, but before it has been processed or presented. |
PRIOR |
Specifies that the authorization query is asked before a resource
is acquired. |
|