Managing Web Services Users
From a product perspective, a Web Service is a channel into the objects within Oracle Utilities Work and Asset Management. Any of the objects, services and scripts available in the product can be exposed as
JAX-WS 2.0 based Web Service. From a security perspective Web Services uses the following security mechanisms:
To manage Web Services security users the following is recommended:
• Users for authentication are added to the security repository configured with Oracle WebLogic. This should match the Login Id used for the authorization model.
• Security Policies need to be attached to Web Services using Oracle WebLogic. For Oracle WebLogic the security policies available using Oracle Web Services Manager are available for use with individual Web Services. Multiple policies are supported. Refer to the
Securing WebLogic Web Services for Oracle WebLogic Server for more information and the policies available.
• Users must be defined to the authorization model with appropriate access to underlying services used by the Web Service. For Web Services based upon business objects, services and scripts, users need appropriate access to the Application Service defined on these objects.
• Transaction Types in the Web Services translate to Access Modes within the Application Service calls.
For more information about Inbound Web Services, refer to the
Web Services Best Practices (Doc Id:
2214375.1).