| Oracle® Retail Integration Bus Implementation Guide Release 13.0 |
|
 Previous |
 Next |
Security in the integration layer is a big concern for every retail enterprise. The security system should be open enough to allow trusted remote applications to integrate easily and, at the same time, lock down unauthorized remote access. To address security concerns RIB utilizes the security modules available in the Oracle middle ware and database systems.
There are two categories of administrators in RIB: RIB System Administrators and RIB Application Administrators. The RIB System Administrators are involved in installing, configuring, deploying defect fixes, and making sure that the integration infrastructure is up and running properly. The RIB Application Administrators are the people who are mostly concerned with the business side of the integration system. These users (RIB application administrators) mostly bring up or down RIB adapters and fix data issues with message payloads using RIHA. There are different realms, roles and users defined for each category of RIB administrators.
For each rib-<app>.ear deployed, RIB creates a security realm called ribadminrealm. This realm defines a role called ribadminrole. By default, RIB creates a user called ribadmin that belongs to the ribadminrole. The default password for ribadmin user is ribadmin. The RIB System Administrators can manage rib-<app> application's users and access control through the Oracle Application Server Control (em). The default realm, role and user that RIB creates must not be deleted or modified.
The RIB System Administrators mainly focus on managing access the RIB's JMS server, application server instances, RIB Hospital database, and the rib-home workspace. RIB can be deployed with a user other than the OAS default oc4jadmin user, to configure a riboc4jadmin user see the RIB Installation Guide.
