Securing Web Services
As discussed in Chapter 3, our pricing application exposes a single operation (modifyModel) that is used to modify the pricing model for a given product. It is used solely by components behind the firewall. Therefore, we will not be focusing on data-encryption-related policies. We will apply the binding_permission_authorization_policy using Fusion Middleware Control. The binding_permission_authorization_policy ensures that the subject has permission to perform the operation with our PricingModelWebService. Here are the steps:
1. From the left pane of Fusion Middleware Control, under WebLogic Domain, expand pricingdomain and select Pricing1.
2. From the WebLogic Server menu, select Web Services.
3. From the list of policies, ...
Get Oracle Fusion Middleware 11g Architecture and Management now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
