What's New in This Guide

Learn about the new and changed features of Oracle Web Services Manager (OWSM) that are described in this guide.

Topics:

• New and Changed Features for 12c (12.2.1.3.0)

• New and Changed Features for 12c (12.2.1.2.0)

• New and Changed Features for 12c (12.2.1.1.0)

New and Changed Features for 12c (12.2.1.3.0)

Oracle Web Services Manager 12c (12.2.1.3) includes the following new and changed features for this document.

These updates are summarized in the following table:

Features in Oracle Web Services Manager 12.2.1.3.0

Feature	Description
Support for Google and Twitter OAuth Servers	OWSM supports integration with Google and Twitter OAuth Servers. About OWSM Integration with Twitter OAuth server About OWSM Integration with Google OAUTH2 Server
Enable user assertion using a user name and a password in OAuth policy	For more information, see Enabling User Assertion by Username/Password in OAuth Policy.
New OAuth2 Client API	OAuth2 Client API feature allows to get access token without the need of creating any rest client, it enables consumer of API to fetch access token and use it in any outbound request. For more information, see About OWSM OAuth2 Client API .
Support for configuring Security Policy Enforcement.	You can tune the configuration of security policy enforcement using Fusion Middleware Control. See Configuring Security Policy Enforcement Using Fusion Middleware Control
Signature Cache Enable property added in OWSM.	See Configuring Security Policy Enforcement Using Fusion Middleware Control
New auth.header.token.type property.	New property auth.header.token.type added in oracle/http_saml20_token_bearer_client_template and oracle/http_saml20_token_bearer_service_template. See auth.header.token.type.
Support for new policies and assertion templates for HTTP-based client endpoint.	Following Oracle Web Services Manager security predefined policies are provided for HTTP-based client endpoint: oracle/http_mutual_auth_over_ssl_client_policy oracle/http_mutual_auth_over_ssl_service_policy oracle/http_mutual_auth_over_ssl_client_template oracle/http_mutual_auth_over_ssl_service_template
Confirm Signature property added in the assertion templates of the WSS10 policies.	See Oracle Web Services Manager Predefined Policies
New security policies for enabling anonymous access to the RESTful web services.	Following Oracle Web Services Manager security predefined policies are provided for enabling anonymous access to the RESTful web services: oracle/multi_token_rest_access_service_policy oracle/multi_token_rest_access_over_ssl_service_policy oracle/http_anonymous_rest_service_policy oracle/http_anonymous_rest_over_ssl_service_policy anonymous.access
Support for Remote header password.	Following Oracle Web Services Manager security predefined policies are provided: oracle/multi_token_sso_over_ssl_rest_service_policy oracle/multi_token_sso_rest_service_policy oracle/http_oam_token_service_template oracle/http_oam_token_service_policy oracle/multi_token_rest_service_policy oracle/multi_token_over_ssl_rest_service_policy remote-user
Support for password derived key for OWSM integration with back-end services which uses wsse or wsse11 element in the username token.	Following Oracle Web Services Manager security predefined policies are provided for password derived key support: oracle/wss11_username_token_derivedkey_with_message_protection_service_policy oracle/wss11_username_token_derivedkey_with_message_protection_signature_only_client_policy oracle/wss11_username_token_derivedkey_with_message_protection_encryption_only_client_policy oracle/wss11_username_token_derivedkey_with_message_protection_signature_only_client_template oracle/wss11_username_token_derivedkey_with_message_protection_encryption_only_client_template iterations user.csf.key
Support for using a a Single OWSM Repository Instance for Multiple Domains.	See Configuring Multiple Domains for a Single OWSM Repository Instance.
Global policy attachment support to secure URI patterns for resources in RESTful Web Services.	See About Securing the URI patterns for Resources in RESTful Web Services.
JWK for external key rotating external identity providers	See Overview of JWK Document Trust Configuration
IDCS support in OWSM for single tenant and multi tenant	See Oracle Web Services Manager Predefined Policies
OWSM policy support for OAuth based anonymous user authentication	See About OAuth Based Anonymous User Authentication
Token Audience configuration	See About Token Audience Configuration
Uptake IDCS Discovery service	See About IDCS Discovery Service

New and Changed Features for 12c (12.2.1.2.0)

Oracle Fusion Middleware 12c (12.2.1.2) includes the following new and changed features for this document:

Table -1 Features in Oracle Web Services Manager 12.2.1.2.0

Feature	Description
Oracle health checker utility has been upgraded to include support for additional components.	See Understanding the Use of checkWSMStatus Command to Identify Domain Configuration Issues.
setWSMBootstrapConfig WLST command for updating bootstrap configuration properties..	See Updating Bootstrap Configuration Properties Using the setWSMBootstrapConfig Command.

New and Changed Features for 12c (12.2.1.1.0)

Oracle Fusion Middleware 12c (12.2.1.1) includes the following new and changed features for this document:

Table -2 Features in Oracle Web Services Manager 12.2.1.1.0

Feature	Description
New sha256 predefined policies.	See Security Policies-Sha256 Only.
New predefined policy, HTTP Oauth2 Token Over SSL Salesforce JWT Client Policy.	See oracle/http_oauth2_token_over_ssl_salesforce_jwt_client_policy.
Support for JWT trusted issuer configuration.	See Configuring JWT Trusted Issuers and DN Lists Using Fusion Middleware Control.
Support for refreshing Configuration Cache in OWSM manually by using Fusion Middleware Control or WLST.	About Refreshing Configuration Cache in OWSM Manually by using Fusion Middleware Control. About Refreshing Configuration Cache in OWSM Manually by using WLST.