| Oracle® Retail Integration Bus Integration Gateway Services Guide 14.0 E49473-01 |
|
 Previous |
IGS services can be secured by attaching Web service policies to the service. When the services are secured, the service consumers call the services with credentials and/or certificates. If the Retail Service Backbone (RSB) is installed in your enterprise, the IGS services are called via the RSB layer. In that case, the RSB should also be secured. Since the Web service invocation syntax and credentials have to satisfy the security policies at each layer, a set of policies are identified and supported by RSB that are compatible from the consumer to RSB and then to the provider (IGS in this case). These compatible policies are called Policy A and Policy B. Although the services can be secured with any of the Web services policies, the scripting and automation support is available only for policies included in Policy A and Policy B. We believe these configurations satisfy most of the common security requirements of the customers. Any requirements outside these configurations will have to be configured manually.
Policy A is SSL with UsernameToken. The transport layer of the service invocation uses https for this policy. The consumers will have to provide the username and password for invoking the service. Policy B is message protection with UsernameToken. Policy B should be called with http. The encryption is at the message level, instead of transport layer.
IGS services can be secured in the same way as any other Web service provided by Oracle Retail is secured.
|
Note: For more information on securing the IGS services, see the Oracle Retail Service Backbone Security Guide. |
|
 Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|