Contents
This filter enables you to authorize an authenticated user for a particular resource against Oracle Entitlements Server (OES) 11g. The user must first have been authenticated to OES 11g (for example, using the HTTP basic authentication or HTTP digest authentication filter).
This filter enables you to configure the API Gateway to delegate authorization to OES 11g. You can configure the API Gateway to authorize an authenticated user for a particular resource against OES 11g. Credentials used for authentication can be extracted from the HTTP Basic header, WS-Security username token, or the message payload. After successful authentication, the API Gateway can authorize the user to access a resource using OES 11g.
Configure the following fields on the filter screen:
Name:
Enter an appropriate descriptive name for this filter.
Resource:
Enter the URL for the target resource to be authorized (for example, Web service). Alternatively, if this policy is reused for multiple services, enter a URL using selectors, which are expanded at runtime to the value of the specified attributes. For example:
${http.destination.protocol}://${http.destination.host}:${http.destination.port} ${http.request.uri}
Action:
Enter the HTTP verb (for example, POST
, GET
, DELETE
,
and so on). Alternatively, if this policy is reused for multiple services, enter a selector,
which is expanded at runtime to the value of the specified attribute (for example,
${http.request.verb
}). For more details on selectors, see
Selecting configuration values at runtime.
Environment/Context attributes:
Click Add to specify optional Application Contexts as name-value pairs. Enter a Name and Value in the Properties dialog. Repeat to specify multiple properties.