Chapter 24 – Security

This chapter discusses various aspects of security in and round the SOA Suite. First we discuss access of human actors – administrators – to the SOA Suite run time tooling and the contents of service messages handled by service components. Next we look at accessibility of the services themselves: how to prevent unwarranted use of the services exposed from the SOA Suite?

Service security also stretches to the content of the messages sent to and from the services: we need to protect the confidentiality of certain messages (prevent unauthorized parties from reading them) as well as their integrity (make sure these messages cannot be tampered with). After discussing various inbound challenges we also discuss how we can invoke services from Service Bus and SOA composite applications, that are themselves protected by security measures. Finally we address auditing activities in and around the SOA Suite.

Sections in this chapter:

Sources for this chapter can be found on Github: Chapter 24 sources.

Supporting On Line Documents

Lucas Jellema on the AMIS Technology Blog: Oracle SOA Suite 12c – Create, Deploy, Attach and Configure a Custom OWSM Policy – to report on service execution

Documentation on Web Services Manager – OWSM

Geef een reactie

Het e-mailadres wordt niet gepubliceerd. Verplichte velden zijn gemarkeerd met *

De volgende HTML tags en attributen zijn toegestaan: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>