and Frameworks), vertically and horizontally. Simply put, this kind of anticipation and
countermeasure planning must be commenced right from the service design stage, even
before the first line of code is written. Your first WSDL is a good basis for this work.
However, what if we cannot anticipate all the possible error situations? Well, manual
recovery using SOA Suite Human Workflow is still acceptable for cases that cannot be
identified, but the number of these cases must be kept to a minimum. This will ensure that
manual recovery operations will be performed in minutes.
For instance, in the article Protecting IDPs from Malformed SAML Requests (Steffo
Webber, Oracle), the discussion of OEG policies for securing SAML tokens clearly states
that, when mitigating SSL flaws, a manual reaction to an SAML token's vulnerability to
these threats is acceptable as long as the policy allows you to catch the event and
send the alert.
We also have to take into account that any centralization will require storage for policy
assertions, and as long as we deal with different policy formats, these assertions have to be
expressed in a form that is suitable for the following:
• Transformation and quantification
• Being understood by humans (ops, rule designers, and business analysts),
with alterations possible only by authorized personnel
Logically, Service Repository would be our first choice, with the Service Repository
endpoint available.
While talking about storage and logs, we have to make one distinction between Audit
and Exceptions. This difference is clear in service components' design, where we handle
errors in the catch{} block and Audit any data using log.info() or any other
command/library you want. At the OFM tools' level, it's also obvious; for instance, OSB has
a log activity. The situation is not always clear when we are dealing with orchestration
engines, where dehydration storage can also be the source of Audit; for custom packages, it
can be a common logic. In general, the level of Audit and error reporting is not the same,
especially in Identity Management and Perimeter Protection. Also, regarding the Oracle
Fusion Audit Framework, you should be aware that applications will not stop operating if
the Audit is malfunctioning. Standalone applications can be included in the OFM Audit
Framework through the configuration of the jps-config.xml file.
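The Audit/Exception distinction described above, as an added Java example that is not taken from the book or from Oracle's code: audit records and errors go to separate loggers, and a failing audit store is counted and reported instead of stopping the operation, which makes the resulting audit gap visible to operations. The AuditSink interface, the logger names, and processOrder are hypothetical.

```java
import java.util.UUID;
import java.util.concurrent.atomic.AtomicLong;
import java.util.logging.Level;
import java.util.logging.Logger;
public class AuditVsException {
    // Two separate channels: audit records (what happened) and errors (what failed).
    private static final Logger AUDIT = Logger.getLogger("audit");
    private static final Logger ERRORS = Logger.getLogger("errors");
    // Count of lost audit records, so a fail-open audit gap can be alerted on.
    static final AtomicLong droppedAudit = new AtomicLong();
    /** Hypothetical audit sink; a real one would write to an audit store. */
    interface AuditSink { void write(String entry) throws Exception; }

    static void audit(AuditSink sink, String correlationId, String event) {
        try {
            sink.write(correlationId + " " + event);
            AUDIT.info(correlationId + " " + event);
        } catch (Exception e) {
            // Audit malfunction must not stop the service: record the gap and continue.
            droppedAudit.incrementAndGet();
            ERRORS.log(Level.WARNING, correlationId + " audit sink unavailable", e);
        }
    }

    /** Constructed business operation: rejects non-positive amounts. */
    static String processOrder(AuditSink sink, int amount) {
        String id = UUID.randomUUID().toString();
        audit(sink, id, "order.received amount=" + amount);
        try {
            if (amount <= 0) throw new IllegalArgumentException("amount must be positive");
            audit(sink, id, "order.accepted");
            return "ACCEPTED";
        } catch (IllegalArgumentException e) {
            // Exception channel: handled in catch{}, kept apart from the audit trail.
            ERRORS.log(Level.SEVERE, id + " order rejected", e);
            audit(sink, id, "order.rejected");
            return "REJECTED";
        }
    }

    public static void main(String[] args) {
        AuditSink healthy = entry -> { };
        AuditSink broken = entry -> { throw new java.io.IOException("audit store down"); };
        System.out.println(processOrder(healthy, 10));
        System.out.println(processOrder(broken, 10));
        System.out.println(processOrder(healthy, -1));
        System.out.println("dropped audit records: " + droppedAudit.get());
    }
}
```

The same correlation ID appears in both channels, so a rejected order can be traced from its error entry back to its audit records.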
Now, we will consolidate the results of our analysis into common but detailed
requirements, which are suitable for extending Oracle's Exception Handling facilities.