Oracle Web Services Manager Support
Note: Customers using annotations can also use Oracle Web Services Manager policies by specifying the F1-OWSM Policy type as an annotation.
Note: Customers wanting to use Oracle Web Services Manager within the product domain should use the Full JRF Profile not the Restricted JRF Profile as recommended as a minimum for the product installation.
Oracle Web Services Manager can be used to secure individual Inbound Web Services providing
additional WS-Policies and access control support. As with Oracle WebLogic WS-Policy support, configuration is performed using the Oracle WebLogic console by specifying individual policies on individual Inbound Web Services by using the policy type of Oracle Web Services Manager (OWSM).
Refer to
Using Oracle Web Service Manager Security Policies for additional information about Oracle Web Services Manager.
Access Control Support
Note: By default, all Inbound Web Services are accessible by all valid users.
Oracle Web Services Manager allows for access controls to be configured for Inbound Web Services to provide additional security access controls. This facility allows for multiple rules to be configured implementing access rules across the following areas:
• Basic Policies: Policies relating to identity, group, role, environment mode and generic global rules.
• Date and Time Policies: Policies relating to specific dates and times including periods of access.
• Context Element Policies: Policies relating to data within the service itself.
Policies can be individually specified per service operation or combined to implement complex access requirements.
Refer to Security Policy Conditions for more information about specific policies and how to enable policies on services.