Oracle® Retail Process Orchestration and Monitoring Security Guide
Release 4.0.1
F17860-01

9 ReST Services Security Consideration

This chapter provides details on how to set up security for Representational State Transfer (ReST) Services.

The following topics are covered in this chapter:

One Way SSL

With one-way SSL, the server is required to present a certificate to the client, but the client is not required to present a certificate to the server. To successfully negotiate an SSL connection, the client must authenticate the server, but the server will accept a connection from any client. One-way SSL is common on the Internet where customers want to create secure connections before they share personal data. Often, clients also log on over the SSL connection so that the server can authenticate them.

The ReST Committee recommends the use of one-way SSL for ReST Services for 16.0.

One Way SSL - ReST Services

Figure 9-1 One way SSL: ReST Services


See the following sequence:

  1. ADF Mobile security is set at the mobile client level to allow authentication.

  2. The ADF Mobile client injects an Authorization header for every service call (configuration changes).

  3. J2EE-based Basic Authentication (SSL) is configured in the ReST service web application descriptor to allow secure connectivity to the ReST service.
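
The descriptor configuration in step 3 could look like the following `web.xml` fragment. This is an added example, not taken from the product's own descriptor; the URL pattern, role name and realm name are hypothetical placeholders.

```xml
<!-- Added example. /services/*, rest-user and example-realm are hypothetical. -->
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>ReST services</web-resource-name>
      <url-pattern>/services/*</url-pattern>
      <!-- No http-method elements, so the constraint applies to every
           HTTP method rather than only the ones listed. -->
    </web-resource-collection>

    <!-- Only callers in this role may reach the services. -->
    <auth-constraint>
      <role-name>rest-user</role-name>
    </auth-constraint>

    <user-data-constraint>
      <!-- CONFIDENTIAL requires SSL for these URLs. With NONE, the
           container would also accept the Authorization header over
           plain HTTP, where Basic credentials are only base64-encoded. -->
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <login-config>
    <!-- BASIC, not CLIENT-CERT: with one-way SSL the client presents
         no certificate and is identified by the Authorization header. -->
    <auth-method>BASIC</auth-method>
    <realm-name>example-realm</realm-name>
  </login-config>

  <security-role>
    <role-name>rest-user</role-name>
  </security-role>

</web-app>
```

Mapping the role to actual users or groups is done in the application server's own configuration and is not shown here.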