Configure Web-Tier Security and Role Authorization in Oracle Identity Cloud Service
Before deploying your updated application to your production environment, you need to configure web-tier security and role authorization in Oracle Identity Cloud Service.
Configure Web-Tier Security
With Oracle Java Cloud Service - SaaS Extension, web-tier security for an application was typically implemented with a deployment descriptor within web.xml. With Oracle Identity Cloud Service, web-tier and OAuth security are implemented with Oracle Identity Cloud Service Confidential Application configuration, specifically associated with the Fusion SaaS extension app in the Oracle Identity Cloud Service Administrative Console.
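Before the rules move out of the deployment descriptor, it helps to list what web.xml currently enforces. The following is an added example, not Oracle's code or part of the original page: a Python script that inventories the security-constraint, login-config and security-role entries of a descriptor. The sample web.xml, its role names (ExtAdmin, ExtViewer) and the inventory function are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample descriptor for illustration (not from the original page).
SAMPLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>admin</web-resource-name>
      <url-pattern>/admin/*</url-pattern>
      <http-method>GET</http-method>
    </web-resource-collection>
    <auth-constraint><role-name>ExtAdmin</role-name></auth-constraint>
    <user-data-constraint><transport-guarantee>CONFIDENTIAL</transport-guarantee></user-data-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>reports</web-resource-name>
      <url-pattern>/reports/*</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>ExtViewer</role-name></auth-constraint>
  </security-constraint>
  <login-config><auth-method>FORM</auth-method></login-config>
  <security-role><role-name>ExtAdmin</role-name></security-role>
</web-app>"""

def _local(tag):
    # Drop the "{namespace}" prefix so Java EE and Jakarta EE descriptors both match.
    return tag.rsplit("}", 1)[-1]

def _texts(elem, name):
    # Text of every descendant element whose local name is `name`.
    return [(e.text or "").strip() for e in elem.iter() if _local(e.tag) == name]

def inventory(web_xml):
    """Summarize the web-tier rules a web.xml declares (hypothetical helper)."""
    root = ET.fromstring(web_xml)
    rules, declared, auth = [], set(), None
    for child in root:
        kind = _local(child.tag)
        if kind == "security-constraint":
            rules.append({
                "urls": _texts(child, "url-pattern"),
                "methods": _texts(child, "http-method") or ["*"],  # none listed = all methods
                "roles": _texts(child, "role-name"),
                "tls": "CONFIDENTIAL" in _texts(child, "transport-guarantee"),
            })
        elif kind == "security-role":
            declared.update(_texts(child, "role-name"))
        elif kind == "login-config":
            auth = (_texts(child, "auth-method") or [None])[0]
    used = {role for rule in rules for role in rule["roles"]}
    return {"auth_method": auth, "rules": rules, "undeclared_roles": sorted(used - declared)}
```

Roles reported under undeclared_roles are referenced by a constraint but have no security-role entry, which is worth resolving before the same rules are expressed elsewhere.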
Configure Role Authorization in Oracle Identity Cloud Service
If your extension application uses Oracle Platform Security Services (OPSS), you need to integrate OPSS user and group APIs with Oracle Identity Cloud Service.
A domain that uses Oracle Identity Cloud Service is associated with a confidential application, which grants Oracle WebLogic Server one or more Oracle Identity Cloud Service client roles. By default, this confidential application has a single role, Authenticator Client, which enables Java applications to use the OPSS authentication APIs. If your Java applications use the OPSS APIs to look up user and group information, then you must add more roles to the confidential application.
The full procedure is provided in the Oracle WebLogic Server for OCI product documentation.