About Security in Oracle SOA Cloud Service
You can secure applications deployed to your Oracle SOA Cloud Service instance through the capabilities of Oracle Cloud and Oracle WebLogic Server.
An Oracle SOA Cloud Service instance includes an Oracle WebLogic Server domain, which is comprised of an Administration Server and one or more Managed Servers. A domain also defines a security realm that controls authentication, authorization, role mapping, credential mapping and security auditing across all of the servers in the domain. Java applications deployed to this WebLogic Server domain can be associated with security roles and policies that protect the applications against unauthorized access. WebLogic Server supports various security providers that assign an identity to the requesting user. By default, users, groups, roles and policies are all maintained in WebLogic Server’s embedded LDAP server.
To provide the highest level of network security, Oracle SOA Cloud Service implements an “access by exception” architecture. You must explicitly grant network access to your service instance for administrators, application users or other cloud services. By default, a service instance is accessible only through secure protocols like HTTPS and SSH, and only using specific ports. You’re also able to customize the default network security configuration to support different access rules and security policies.