The following topics introduce the new and changed features of Oracle Web Services Manager (OWSM) and other significant changes that are described in this guide, and provides pointers to additional information.
Oracle Fusion Middleware 12c (12.2.1) includes the following new and changed features for this document:
Support for OAuth 2.0 for REST and SOAP Services and Clients. For more information, see "Understanding OAuth 2.0 for REST and SOAP Services and Clients".
Introducing REST APIs for Managing Credentials and Keystores. For more information, see "Understanding REST APIs for Managing Credentials and Keystores."
Oracle Fusion Middleware 12c (12.1.3) includes the following new and changed features for this document:
Security enhancements, including:
Integration of OWSM with Oracle Entitlements Server (OES). For more information, see "Understanding Fine-Grained Authorization Using Oracle Entitlements Server".
Ability to protect Personally Identifiable Information (PII) for SOA composites and SOA and Oracle Service Bus JCA adapters. For more information, see "Understanding Personally Identifiable Information".
Support for Oracle Service Bus and Oracle SOA Suite (SOAP/RESTful web services and JCA adapters), and Oracle Enterprise Scheduler. References to these components are included throughout this document as necessary. The policy subjects to use when attaching OWSM policies to these components are specified in "Understanding Policy Subjects".
Oracle Fusion Middleware 12c (12.1.2) includes the following new and changed features for this document:
Security enhancements, including:
Secure conversation, as described in "Understanding Secure Conversation".
Kerberos security enhancements, including credential delegation and single sign-on using SPNEGO, and derived key support, as described in "Understanding the Kerberos Protocol".
Digest authentication, as described in "About Digest Authentication".
Federated STS trust and token caching support, as described in "Understanding Web Services Trust".
RESTful Web services security using Oracle Web Services Manager (OWSM) policies, as described in "Understanding Web Service Policies".
New policy categories, as described in "Policy Categories".
New and updated subject types, as described in "Policy Subjects and Resource Scopes".
For 12c (12.1.2), this guide has been updated in several ways. Following are the sections that have been added or changed.
In this release, the Security and Administrator's Guide for Web Services delivered in Oracle Fusion Middleware 11g, has been split up into the following documents:
Chapter 1, "Introducing Oracle Web Services Manager," has been updated to reflect OWSM 12c features and architecture.
The policy interceptor pipelines illustrated in Figure 3-5, "Policy Interceptors Acting on Messages Between a Client and Web Service (SOAP)" have been updated to reflect the complete set of policy interceptors supported in 12c.
Direct and global policy attachment descriptions have been enhanced, as described in "Overview of Attaching Policies to Policy Subjects".