This chapter documents the Applications page in the Mobile Security Access Server (MSAS) console. To open this page from the Mobile Security Launch Pad, select Applications in the Mobile Security Access Server section.
The following topics are covered:
The Mobile Security Access Server (MSAS) provides a central access control point in the DMZ to secure traffic from mobile devices to back-end URLs. It can act as a reverse proxy (URL virtualization) and a forward proxy.
For URL virtualization you create a virtual URL for an existing back-end URL, where the virtual URL acts like a reverse proxy for the back-end URL. In reverse proxy, the client does not know anything about the back-end URL. It is hidden and the client sees only the virtual URL. In the forward proxy case, the clients know about the back-end URL and can hit it directly with MSAS as the proxy server.
Mobile Security Access Server applications group related URLs to be proxied through the server. Each application:
Contains the definition of one or more virtual URLs or proxy URLs.
Contains related security artifacts and access policies attached to each URL.
The applications are deployed to MSAS instances, and can be exported and imported from test to production environments.
When you create an MSAS instance, several reserved applications are created by default. For details about these applications, see "Reserved Applications in MSAS" in Administering Oracle Mobile Security Access Server.
Use the MSAS Applications page to:
View a list of applications across all MSAS instances or an individual instance.
Search for applications.
Import an application.
Create a virtual or proxy application.
Navigate to the MSAS Applications Detail page where you can view, edit, and export an application.
Delete or export an application.
The MSAS Applications page is arranged in the following sections:
Use the Search section of the MSAS Applications page to perform an advanced search for applications in the repository. The results that are returned are the applications that meet the conditions specified in the Search and Type fields, and sorted as specified in the drop-down.
Element | Description |
---|---|
Search |
Select the operator to use to refine the search and enter the search value in the search field. Valid search operators are:
Use percent |
Type | Specify the type of applications for which you want to search and display in the results. Valid options are:
|
Sort By | Select the order in which the results are displayed: Name, MSAS Instance Name, or Last Modified. |
Perform the following actions on this page to add applications to the instance.
Action | Description |
---|---|
Import |
Import a zip archive containing an MSAS application. You can use this feature in combination with Export to move applications between different repositories. Click Import, then click Browse to locate the zip archive in your local directory that contains the application to be imported, and click Import.
The imported application is added to the list of applications in the Applications table. Notes: The applications to be imported must use the following directory structure:
|
+Create |
Use this action to create a new virtual or proxy application.
Virtual applications include one or more virtual URLs, or reverse-proxy URLs. In reverse-proxy, you create a virtual URL to hide the actual URL from the client. Proxy applications include one or more forward proxy URLs. In forward proxy, the client is aware of the URL and can access it directly using a proxy server configured on the client side. |
Virtual Application |
Select Virtual Application to display the Create Virtual Application window. |
Name |
Enter an application name that adheres to the XML xs:NCName format using only valid NCName ASCII characters. For example, it must start with a letter or underscore (_ ), and cannot contain any space characters or colons (: ). It must be unique within the MSAS instance. Non-ASCII characters are not supported. This field is required.
The NCName format is defined in the W3C document Namespaces in XML 1.0 (Third Edition) at |
Display Name |
Optionally, enter a name used to clearly identify the instance in the console. |
Description |
Optionally, provide a description of the application. |
MSAS Instance |
Select the MSAS instance that will contain this application. This field is required. |
Save |
Save the application and display the URL summary page where you can add URLs to the application. |
Cancel |
Exit the Create Virtual Application window without creating the application. |
Proxy Application |
Select Proxy Application to display the Create Proxy Application window. |
Name |
Enter an application name that adheres to the XML xs:NCName format using only valid NCName ASCII characters. For example, it must start with a letter or underscore (_ ), and cannot contain any space characters or colons (: ). It must be unique within the MSAS instance. Non-ASCII characters are not supported. This field is required.
The NCName format is defined in the W3C document Namespaces in XML 1.0 (Third Edition) at |
Display Name |
Optionally, enter a name used to clearly identify the application in the console. |
Description |
Optionally, provide a description of the application. |
MSAS Instance |
Select the MSAS instance that will contain this application. This field is required. |
Save |
Save the application and display the URL summary page where you can add URLs to the application. |
Cancel |
Exit the Create Proxy Application window without creating the application. |
The Applications table displays a list of the applications in the repository that match the criteria specified in the Search fields. The results are displayed as specified in the Sort By field.
The following information is provided for each application.
Element | Description |
---|---|
Icon |
Each application is indicated by an icon that represents the type of application. Click the icon to open the MSAS Applications Detail page to view or edit the application.
|
Name/Instance |
Application name and the associated MSAS instance. Click the application name to access the MSAS Applications Detail page to view or edit the application. |
Type |
Type of application, either Virtual Application, Proxy Application, Direct URL, or Blocked URL. |
Tag |
Optional user-defined tag used to categorize the applications. |
Updated By/Last Modified |
Name of the user that updated the application and the length of time that has elapsed since it was last updated. |
![]() |
Click to access the Delete and Export actions. |
Delete |
Delete an application in the instance. In the Delete Application window click Delete to delete the application or Cancel to cancel the operation.
Note: Reserved applications, such as BLOCK, DIRECT, msm, and msm-reverse-proxy, cannot be deleted. |
Export |
Export a zip archive containing the application to your local directory. Reserved applications, such as BLOCK, DIRECT, msm, and msm-reverse-proxy, cannot be exported. You can use this feature in combination with Import to move applications between different repositories.
Select Export from the menu and save the zip archive to your file system. The directory structure for each application is maintained in the archive file using the following structure:
|
Load More Items | Use this action to view additional applications in the Applications table. By default, five rows are displayed. Each time you click Load More Items an additional five rows are shown. |
"Managing Mobile Security Access Server Applications" in Administering Oracle Mobile Security Access Server
Use the MSAS Applications Detail page to:
View and edit the details of an application.
View the number of URLs configured in the application and navigate to a page where you can view or search for configured URLs and add URLs.
Navigate to the Application Roles page where you can view or search for configured roles and add roles.
View and edit the tags associated with the application.
Export the application.
The MSAS Applications Detail page provides general summary information about the application and the ability to edit the configuration.
Element | Description |
---|---|
Icon |
Indicates representing the type of application:
|
Name |
Name that you specified in the Display Name field when you created the application. If you did not provide a display name, this field is blank. To edit or add a display name, click in the name field and make the desired changes. |
Description |
Description of the application. To add or edit the description, click in the description field and make the desired changes. |
|
The number of URLs configured in the application. Click the search icon to open the URL or Proxy URL page. Use this page to view or search for configured URLs, and to edit the security configuration of the URL. |
|
Click the search icon to display the Application Roles page. Use this page to view or search for configured application roles, and to add roles. From the Application Roles page you can click Add Roles to display the Create Application Role pages.
For more information, see Application Roles Summary Page. |
Tags |
List of tags configured for the application. You can use tags to categorize applications to make them easier to locate in the console.
Click the icon to open the Tags window where you can edit existing tags or add new tags. To add a tag, click Add and enter the tag name in the Tag field. When finished, click OK. |
Application Information |
Summary information about the application. |
MSAS Instance Name |
Name of the MSAS instance on which the application is deployed. |
Security Context |
App stripe used for security artifacts such as authorization policies. |
Last Modified |
The length of time that has elapsed since the application was updated. |
Updated By |
User that last updated the application. |
Perform the following actions on the MSAS Applications Detail page.
Action | Description |
---|---|
Export |
Export a zip archive containing the application to your local directory. Reserved applications, such as BLOCK and DIRECT, cannot be exported. You can use this feature in combination with Import to move applications between different repositories.
Select Export from the menu and save the zip archive to your file system. The directory structure for each policy is maintained in the archive file using the following structure:
|
Apply |
If you have made changes to the application, click Apply to save the changes. |
Revert |
Click Revert to cancel any changes made to the application. |
"Managing Mobile Security Access Server Applications" in Administering Oracle Mobile Security Access Server
Use the Mobile Security Access Server Proxy URLs page to:
View a list of the proxy URLS configured in a proxy application.
Search for proxy URLs in the application.
Add proxy URLs to an application.
Delete proxy URLs from an application.
Navigate to the URL Policy Configuration page where you can secure the URL using policies and assertions.
The Proxy URLs page is arranged in the following sections:
Use the Search section of the Proxy URLs page to search for URLs configured in the application. The results that are returned are the URLs that meet the conditions specified in the Search field, and sorted as specified in the Sort By drop-down.
Element | Description |
---|---|
Search |
Enter all or part of a proxy URL name in the search field and click the search icon.
Use percent |
Sort By | Select the order in which the results should be sorted, either by Name or by Last Modified date. |
Perform the following action on this page to add proxy URLs to the application.
Action | Description |
---|---|
+ ProxyURL |
Use this action to add a proxy URL to the application. |
Add |
Click Add to add one or more proxy URLs to the application. To add multiple URLs, click Add multiple times. |
Host URL |
Enter the URL to add to the application. It must be unique to all applications in the MSAS instance. |
Name |
Enter a meaningful name for the proxy URL. |
Description |
Optionally, provide a description of the proxy URL. |
2-Way SSL |
Reserved for future use. |
Save |
Save the proxy URL in the application and display the URL summary page. |
Cancel |
Exit the Add Proxy URL window without adding the proxy URLs to the application. |
The Proxy URLs table displays a list of the proxy URLs configured in the application and that match the criteria specified in the Search field. The results are displayed as specified in the Sort By field.
The following information is provided for each proxy URL.
Element | Description |
---|---|
|
Click the Proxy URL icon to access the URL configuration page to attach policies or assertions to secure the access. |
Name |
Name of the proxy URL that you specified in the Name field when you added the URL to the application. Click the URL name to access the URL configuration page to secure the URL. |
URL |
URL that you specified in the Host URL field that you added to the application. |
Updated By/Last Modified |
Name of the user that updated the application and the length of time that has elapsed since it was last updated. |
![]() Options menu |
Click the options menu icon to access the Delete and Edit actions. |
Delete |
Delete the URL from the application. In the Delete URL window, click Delete to delete the URL or Cancel to cancel the operation. |
Edit |
Edit the proxy URL. In the Edit Proxy URL window, enter the desired changes in the fields and click Apply to save the changes or Cancel to exit the window without saving the changes. |
Load More Items | Use this action to view additional URLs in the Proxy URLs table. By default, five rows are displayed. Each time you click Load More Items an additional five rows are shown. |
"Managing URLs in an MSAS Application" in Administering Oracle Mobile Security Access Server
Use the Mobile Security Access Server URLs page to:
View a list of URLS configured in a virtual application.
Search for URLs in the application.
Add URLs to an application.
Delete URLs from an application.
Navigate to the URL Policy Configuration page where you can secure the URL using policies and assertions.
The URLs page is arranged in the following sections:
Use the Search section of the URLs page to search for URLs configured in the application. The results that are returned are the URLs that meet the conditions specified in the Search field, and sorted as specified in the Sort By drop-down.
Element | Description |
---|---|
Search |
Enter the URL name, or partial name, in the search field and click the search icon.
Use percent |
Sort By | Select the order in which the results should be sorted, either by Name or by Last Modified date. |
Perform the following actions on this page to add virtual URLs to the application.
Action | Description |
---|---|
+URL |
Use this action to add a virtual URL to the application. |
Add |
Click Add to add one or more URLs to the application. To add multiple URLs, click Add multiple times. |
Host URL |
Enter the URL to add to the application. This URL will not be visible to clients. |
Name |
Enter a name for the virtual URL. |
MSAS URI |
Enter the virtual URL that will be visible to clients. It must be unique within the MSAS instance. For example virtualURL01 . |
Description |
Optionally, provide a description of the virtual URL. |
HTTP Method |
HTTP method to use for the virtual URL. Valid options are:
For details about HTTP methods, see the Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content RFC document at |
2-Way SSL |
Reserved for future use. |
Save |
Save the URL in the application and display the URL summary page. |
Cancel |
Exit the Add URL window without adding the URLs to the application. |
The URLs table displays a list of the virtual URLs configured in the application and that match the criteria specified in the Search field. The results are displayed as specified in the Sort By field.
The following information is provided for each virtual URL.
Element | Description |
---|---|
|
Click the URL icon to access the URL configuration page to attach policies or assertions to secure the access to the URL. |
Name/Description |
Name and description of the virtual URL that you specified when you added the URL to the application. Click the URL name to access the URL configuration page to secure the access to the URL. |
HTTP Method |
The MSAS URI and the associated HTTP method that you specified when you added the URL. |
Updated By/Last Modified |
Name of the user that updated the application and the length of time that has elapsed since it was last updated. |
![]() Options menu |
Click the options menu icon to access the Delete and Edit actions. |
Delete |
Delete the virtual URL from the application. In the Delete URL window click Delete to delete the URL or Cancel to cancel the operation. |
Edit |
Edit the virtual URL. In the Edit URL window, enter the desired edits in the fields and click Apply to save the changes or Cancel to exit the window without saving the changes. |
Load More Items | Use this action to view additional URLs in the URLs table. By default, five rows are displayed. Each time you click Load More Items an additional five rows are shown. |
"Managing URLs in an MSAS Application" in Administering Oracle Mobile Security Access Server
Use the URL Policy Configuration page to:
View the policies or assertions attached to a URL.
Attach policies or assertions to policy enforcement points of a URL. You can attach policies and assertions on request from the client to MSAS, at invoke from MSAS to the back-end web application, and on response from MSAS to the client.
View the details of a policy attached to a URL.
Override configuration properties for an attached policy.
Validate that the policy attachments adhere to the validation rules.
The URL Policy Configuration page provides the ability to attach policies and assertions to policy enforcement points in URLs and to configure property overrides in a policy.
Element | Description |
---|---|
Icon/Name | URL icon and name of the URL that you specified when you added the URL to the application. This field is read-only. |
Host URL | The URL to be secured in the application. For virtual URLs, this represents the back-end URL to be hidden from the client. This field is read-only. |
Description | Description that you provided when you added the URL to the application. This field can be blank. |
2-way SSL | Indicates whether 2-way SSL is enabled or disabled |
MSAS URI | The virtual URI that will be exposed to the client in place of the host URL. This field appears for virtual URLs only. |
HTTP Method | Action that should be performed when the URI is invoked. This field is displayed for virtual URLs only. |
Policies tab |
Displays the policy enforcement points to which you can attach policies and assertions. |
On-Request |
Use this field to attach one or more policies or assertions to secure access from the client to MSAS. Click the options menu and select Add Assertion, Add Policy, or Reorder from the menu. |
Add Assertion |
Attach one or more assertions to the policy enforcement point. The Add Assertion page is displayed with a list of all the available assertions that are applicable. Use this page to search for existing assertion templates and use them to attach assertions to the policy enforcement point.
In the Add Assertion page, provide search parameters in the Name and Category fields and click Search. The results that match the search criteria are displayed in the search results table. In the search results table, select the assertion or assertions to be attached and click Add Selected. To attach all the listed assertions, click Add All. The selected assertions are displayed in the Selected Assertion Templates table. In the Selected Assertion Templates table, review the selections. To remove one or more assertions from this table, click Remove Selected or Remove All. When you have confirmed the assertion selection, click Add Assertion. Click Add Assertion to attach the assertions to the policy enforcement point, or Cancel to exit the window without attaching assertions. Note: When you attach an assertion to the on-request policy enforcement point, the compatible assertion is automatically attached to the on-response endpoint. |
Add Policy |
Attach one or more policies to the policy enforcement point. The Attach Policies page is displayed with a list of all the available policies that are applicable. Use this page to search for existing polices and use them to attach policies to the policy enforcement point.
In the Attach Policies page, provide search parameters in the Name and Category fields and click Search. The results that match the search criteria are displayed in the search results table. In the search results table, select the policy or policies to be attached and click Add Selected. To attach all the listed policies, click Add All. The selected policies are displayed in the Selected Policies table. In the Selected Policies table, review the selections. To remove one or more policies from this table, click Remove Selected or Remove All. When you have confirmed the policy selection, click Attach Policies. Note: When you attach a policy to the on-request policy enforcement point, the compatible policy is automatically attached to the on-response endpoint. |
Reorder |
Reorder the attached policies and assertions. In the Reorder window, select the desired assertion or policy and click the up or down arrow to change the order. Click OK when finished to save the changes, or Cancel to exit the window without changing the assertion order. |
Invoke Proxy/Invoke |
Use this field to attach policies or assertions used to invoke the back-end web application (URL). Click the options menu icon and select Add Assertion, Add Policy, or Reorder from the menu. |
Add Assertion |
Attach one or more assertions to the policy enforcement point. The Add Assertion page is displayed with a list of all the available assertions that are applicable. Use this page to search for existing assertion templates and use them to attach assertions to the policy enforcement point.
In the Add Assertion page, provide search parameters in the Name and Category fields and click Search. The results that match the search criteria are displayed in the search results table. In the search results table, select the assertion or assertions to be attached and click Add Selected. To attach all the listed assertions, click Add All. The selected assertions are displayed in the Selected Assertion Templates table. In the Selected Assertion Templates table, review the selections. To remove one or more assertions from this table, click Remove Selected or Remove All. When you have confirmed the assertion selection, click Add Assertion. |
Add Policy |
Attach one or more policies to the policy enforcement point. The Attach Policies page is displayed with a list of all the available policies that are applicable. Use this page to search for existing polices and use them to attach policies to the policy enforcement point.
In the Attach Policies page, provide search parameters in the Name and Category fields and click Search. The results that match the search criteria are displayed in the search results table. In the search results table, select the policy or policies to be attached and click Add Selected. To attach all the listed policies, click Add All. The selected policies are displayed in the Selected Policies table. In the Selected Policies table, review the selections. To remove one or more policies from this table, click Remove Selected or Remove All. When you have confirmed the policy selection, click Attach Policies. |
Reorder |
Reorder the attached policies and assertions. In the Reorder window, select the desired assertion or policy and click the up or down arrow to change the order. Click OK when finished to save the changes, or Cancel to exit the window without changing the assertion order. |
On-Response |
Use this field to attach policies or assertions to secure the response message sent back to the client. Click the options menu icon and select Add Assertion, Add Policy, or Reorder from the menu. |
Add Assertion |
Attach one or more assertions to the policy enforcement point. The Add Assertion page is displayed with a list of all the available assertions that are applicable. Use this page to search for existing assertion templates and use them to attach assertions to the policy enforcement point.
In the Add Assertion page, provide search parameters in the Name and Category fields and click Search. The results that match the search criteria are displayed in the search results table. In the search results table, select the assertion or assertions to be attached and click Add Selected. To attach all the listed assertions, click Add All. The selected assertions are displayed in the Selected Assertion Templates table. In the Selected Assertion Templates table, review the selections. To remove one or more assertions from this table, click Remove Selected or Remove All. When you have confirmed the assertion selection, click Add Assertion. Click Add Assertion to attach the assertions to the URL, or Cancel to exit the window without attaching assertions. Note: When you attach an assertion to the on-request policy enforcement point, the compatible assertion is automatically attached to the on-response endpoint. |
Add Policy |
Attach one or more policies to the policy enforcement point. The Attach Policies page is displayed with a list of all the available policies that are applicable. Use this page to search for existing polices and use them to attach policies to the policy enforcement point.
In the Attach Policies page, provide search parameters in the Name and Category fields and click Search. The results that match the search criteria are displayed in the search results table. In the search results table, select the policy or policies to be attached and click Add Selected. To attach all the listed policies, click Add All. The selected policies are displayed in the Selected Policies table. In the Selected Policies table, review the selections. To remove one or more policies from this table, click Remove Selected or Remove All. When you have confirmed the policy selection, click Attach Policies. Note: When you attach a policy to the on-request policy enforcement point, the compatible policy is automatically attached to the on-response endpoint. |
Reorder |
Reorder the attached policies and assertions. In the Reorder window, select the desired assertion or policy and click the up or down arrow to change the order. Click OK when finished to save the changes, or Cancel to exit the window without changing the assertion order. |
When you attach a policy or assertion to a policy enforcement point, it is listed beneath the policy enforcement point to which it is attached. Click the options menu icon for an attached policy or assertion to perform the following actions.
Action | Description |
---|---|
Edit |
Use this action to view or edit the details for an attached policy or assertion. |
General |
For attached policies, this tab displays general information about the policy in read-only format, including the name, display name, description, the type of endpoints to which the policy can be attached, and so on.
For attached assertions, this tab displays details about the assertion including the name, the category to which the assertion belongs (for example security/authentication or security/msg-protection), the type of assertion (for example The Details or Settings section provides the ability to view the settings for the selected assertion. Assertion template details vary based on the type of assertion. For example, assertions that include message protection will include settings that are specific to message security. |
Versioning History |
Click Versioning History to open the Policy Version History page that you use to view a list of all versions of the policy, view the details of any policy version in read-only format, activate any version of a policy, and delete or export any version of a policy.
You cannot edit a policy from the Policy Version History page. You must edit and save the policy in the Policy Details page. |
Assertions |
If you selected an attached policy, click this tab to view the assertions in the policy. Click an assertion to view details about the assertion including the name, the category to which the assertion belongs (for example security/authentication or security/msg-protection), the type of assertion (for example http-jwt-token ), and whether the assertion is enforced and advertised.
The Details section provides the ability to view the settings for the selected assertion. Assertion template details vary based on the type of assertion. For example, assertions that include message protection will include settings that are specific to message security. |
Overrides |
Click this tab to view the configuration properties for the policy/assertion. Configuration properties vary based on the assertion. Use these fields to override a property on a per-attachment basis.
To override a property, enter the override value in the Value field and press Enter or click anywhere on the page to activate Apply and Revert. To save your changes, click Apply. To cancel the changes before saving, click Revert. Note that for some policies that contain a |
After attaching or detaching policies or assertions, or overriding the configuration properties for an attached policy or assertion, perform the following actions to validate and save and changes.
Action | Description |
---|---|
Validate | When you have finished attaching policies or assertions to the policy enforcement points, click Validate to dynamically check whether the combination of attached policies and assertions is valid. |
Apply | Click Apply to save changes to the application or overrides on a policy or assertion. |
Revert | Click Revert to cancel any changes. |
"Securing Mobile Security Access Server Resources" in Administering Oracle Mobile Security Access Server
In Mobile Security Access Server, the scope of an application role is the MSAS application. That is, the roles in one MSAS application apply only to that application and are not visible to other MSAS applications. Application roles are supported in both virtual and proxy applications and are used with the authorization policy to configure role-based authorization.
Use the Mobile Security Access Server Application Roles Summary page to:
View a list of the application roles configured in the application.
Search for application roles in the application.
Navigate to the Application Roles page where you can create and add roles to an application, edit existing roles, manage application role hierarchy, and map users to application roles.
Delete application roles from an application.
Perform the following actions on this page to search for roles and to add roles to the application.
Action | Description |
---|---|
Search |
Enter all or part of a role name in the search field and click Search.
Wildcards are not recognized and are treated as plain text. Searches are case-insensitive. |
Add Role |
Use this action to access the Create Application Roles page where you can add roles to the application. |
The Application Roles table displays a list of the roles configured in the application and that match the criteria specified in the Search field.
Element | Description |
---|---|
Role Icon |
Click the icon to access the Application Roles page where you can add or change the role hierarchy and mappings. |
Name |
Name or display name that you specified when you created the role. If specified, this field uses the display name. If no display name was specified, it uses the application role name. |
Description |
The role description you specified when you created the role. |
![]() Options menu |
Click the options menu icon to access the Delete Role and Edit Role actions. |
Edit Role |
Edit the application role. When you click Edit Role the Application Roles page displays. Enter the desired edits in the fields and click Apply to save the changes or Revert to exit the window without saving the changes. |
Delete Role |
Delete a role in the application. In the Remove App Role window, click Remove to delete the application role or Cancel to cancel the operation. |
Load More Items | Use this action to view additional application roles in the table. By default, five rows are displayed. Each time you click Load More Items an additional five rows are shown. |
"Configuring Authorization in MSAS Applications" in Administering Oracle Mobile Security Access Server
"Managing Roles in an MSAS Application" in Administering Oracle Mobile Security Access Server
Use the Application Roles page to:
View the details for an application role.
Create a new application role in the application if you access this page using Add Role on the Application Roles Summary page.
Edit an existing application role in the application.
Manage Application Role hierarchy—Roles can be combined in a hierarchy where higher-level roles subsume permissions owned by sub-roles.
Map application roles to external roles
Map application roles to users
The Application Roles page provides general information about the role.
Element | Description |
---|---|
Name |
Name of the application role. It must be unique in the application. This field is required. |
Display Name |
Optionally, enter a name used to clearly identify the role in the console. |
Description |
Optionally, provide a description for the application. |
The page also provides three tabs which allow you to define the role hierarchy and map the role to users and externally.
The App Role Hierarchy tab creates role relationships between roles. Roles can be combined in a hierarchy where higher-level roles subsume permissions owned by sub-roles.
Field | Description |
---|---|
Inherits From | Specify the application roles from which the current application role (the role being created or edited) should inherit permissions. |
Search | Enter all or part of a role name and click Search to display the results. Empty strings fetch all roles in the application. |
Add to hierarchy |
Create a role relationship between the current role and the selected role. The selected role is added to the App Roles table. |
App Roles |
Table listing the application roles from which the current role has inherited permissions. |
Remove |
Remove the relationship between the selected role in the App Roles table and the current role. |
Inherited By | Click this tab to view the application roles that inherit the permissions of this role. |
Use the External Role Mapping tab to map the selected role to external roles.
Field | Description |
---|---|
Search | Enter all or part of a role name and click Search to display the results. Empty strings fetch all roles configured in the WebLogic Server domain. |
Map to Role |
Select the external role to map to the application role and click Map to Role. The selected role is added to the Mapped Roles table. |
Mapped Roles | Table listing the external roles mapped to the application role. Each row lists the role name and description. |
Remove |
Remove the mapping between the selected external role and the application role. |
Use the User Mapping tab to map the selected role to existing users.
Field | Description |
---|---|
Search | Enter all or part of a user name and click Search to display the results. Empty strings fetch all users with the appropriate privileges in the identity store. |
Map to Role | Select the user to map to the application role and click Map to Role. The selected user is added to the Mapped Users table |
Mapped Users | Table listing the users mapped to the application role. Each row lists the user name and description. |
Remove |
Remove the user mapping from the application role. |
"Configuring Authorization in MSAS Applications" in Administering Oracle Mobile Security Access Server
"Managing Roles in an MSAS Application" in Administering Oracle Mobile Security Access Server