Copyright © 2013, 2016, Oracle and/or its affiliates. All rights reserved.
This graphic shows how coarse-grained authorizations are performed.
The web service client sends a SOAP or XML request. OWSM performs authentication and invokes OES for the access request. OES determines access based on the subject, resource, and action information and responds with a permit or deny.