What's New in This Guide
Learn about the new and changed features of Oracle Web Services Manager (OWSM) that are described in this guide.
Topics:
New and Changed Features for 12c (12.2.1.4.0)
Oracle Web Services Manager 12c (12.2.1.4) includes the following new and changed features.
These updates are summarized in the following table:
Features in Oracle Web Services Manager 12.2.1.4.0
Feature | Description |
---|---|
OWSM introduces new REST APIs for domain-level configuration properties token issuer trust configurations, and managing policies |
The OWSM REST APIs enables you to set domain-level configuration properties, manage token issuer trust configurations, and to work with policies and policy sets such as viewing, attaching, detaching, editing and overriding policies and policy sets.
|
Support for AES-GCM encryption. |
|
Support for OAuth Based Anonymous User Authentication. |
|
Support for Proxy Configuration for Outbound OAuth 2.0 on the Client Application |
See About Proxy Configuration for Outbound OAuth 2.0 on the Client Application |
Support for OAuth 2.0 Tokens with Application Defined Scopes |
See About Support for OAuth 2.0 Tokens with Application Defined Scopes |
Support for OAuth Token Validation for multiple tenants |
New and Changed Features for 12c (12.2.1.3.0)
Oracle Web Services Manager 12c (12.2.1.3) includes the following new and changed features for this document.
These updates are summarized in the following table:
Features in Oracle Web Services Manager 12.2.1.3.0
Feature | Description |
---|---|
Support for Google and Twitter OAuth Servers |
OWSM supports integration with Google and Twitter OAuth Servers. |
Support for trust scopes and tags | Trust scopes define how an OAuth client accesses
resources. Trust scopes allow a trusted or confidential client
application to acquire an access token that gives access to any of
the resources within a domain (Account), to other resources based on
defined tags (Tags), or to only those services where an explicit
association between the client and the service (Explicit) exists.
|
Enable user assertion using a user name and a password in OAuth policy |
For more information, see Enabling User Assertion by Username/Password in OAuth Policy. |
New OAuth2 Client API |
OAuth2 Client API feature allows to get access token without the need of creating any rest client, it enables consumer of API to fetch access token and use it in any outbound request. For more information, see About OWSM OAuth2 Client API . |
Support for configuring Security Policy Enforcement. |
You can tune the configuration of security policy enforcement using Fusion Middleware Control. See Configuring Security Policy Enforcement Using Fusion Middleware Control |
|
See Configuring Security Policy Enforcement Using Fusion Middleware Control |
New |
New property |
Support for new policies and assertion templates for HTTP-based client endpoint. |
Following Oracle Web Services Manager security predefined policies are provided for HTTP-based client endpoint: |
|
|
New security policies for enabling anonymous access to the RESTful web services. |
Following Oracle Web Services Manager security predefined policies are provided for enabling anonymous access to the RESTful web services: |
Support for Remote header password. |
Following Oracle Web Services Manager security predefined policies are provided: |
Support for password derived key for OWSM integration with back-end services which uses |
Following Oracle Web Services Manager security predefined policies are provided for password derived key support:
|
Support for using a a Single OWSM Repository Instance for Multiple Domains. |
See Configuring Multiple Domains for a Single OWSM Repository Instance. |
Global policy attachment support to secure URI patterns for resources in RESTful Web Services. |
See About Securing the URI patterns for Resources in RESTful Web Services. |
JWK for external key rotating external identity providers | See Overview of JWK Document Trust Configuration |
IDCS support in OWSM for single tenant and multi tenant |
|
OWSM policy support for OAuth based anonymous user authentication |
|
Token Audience configuration |
|
Uptake IDCS Discovery service |
New and Changed Features for 12c (12.2.1.2.0)
Oracle Fusion Middleware 12c (12.2.1.2) includes the following new and changed features for this document:
Table -1 Features in Oracle Web Services Manager 12.2.1.2.0
Feature | Description |
---|---|
Oracle health checker utility has been upgraded to include support for additional components. |
See Understanding the Use of checkWSMStatus Command to Identify Domain Configuration Issues. |
|
See Updating Bootstrap Configuration Properties Using the setWSMBootstrapConfig Command. |
New and Changed Features for 12c (12.2.1.1.0)
Oracle Fusion Middleware 12c (12.2.1.1) includes the following new and changed features for this document:
Table -2 Features in Oracle Web Services Manager 12.2.1.1.0
Feature | Description |
---|---|
New sha256 predefined policies. |
|
New predefined policy, HTTP Oauth2 Token Over SSL Salesforce JWT Client Policy. |
See oracle/http_oauth2_token_over_ssl_salesforce_jwt_client_policy. |
Support for JWT trusted issuer configuration. |
See Configuring JWT Trusted Issuers and DN Lists Using Fusion Middleware Control. |
Support for refreshing Configuration Cache in OWSM manually by using Fusion Middleware Control or WLST. |