1.4 Application Server Security

This topic describes application server security.

Refer to the Oracle WebLogic Security specification document to make the environment safer and more secure.

Oracle Banking Liquidity Management supports the following authentication schemes for the online web application:

  • Standard LDAP Directory (e.g. OUD/AD)
  • SSO with OAM (Oracle Access Manager – Part of the Oracle Identity Management Suite)
  • SAML assertions with a Service Provider protecting the resource and an Identity Provider.

Oracle Banking Liquidity Management supports the following authentication scheme for the API layer:

  • OAuth (CLIENT CREDENTIALS) with OAM
  • OAuth (CLIENT CREDENTIALS) without OAM

If the customer does not have OAM, they can either use OAuth without OAM, or the customer is expected to have an enterprise API management layer that protects the Oracle Banking Liquidity Management API layer with the same controls (that is, OAuth).

Support for SSL (Secure Transformation of Data)

Oracle Banking Liquidity Management should be configured so that all HTTP connections to the application are made over SSL/TLS. In other words, all cleartext HTTP traffic is prohibited and only HTTPS traffic is allowed. It is highly recommended to enable this option in a production environment, especially when the WebLogic Server acts as the SSL terminator.