Databases Reference
In-Depth Information
Security model
The web services manager allows security to be applied to services and operators to
monitor services, without a need to modify the service. The model for this is shown
as follows.
Access to services (access control) is always through a gateway or agent component
supplied by the web services manager. The endpoint of the service is exposed as the
gateway or agent endpoint. The agents embedded within SOA Suite are known as
interceptors. Gateways and agents are explained later in this chapter.
Rules for who can access the service (authorization), how they are authenticated, and
the access they are allowed (access control) are determined by the policies provided
by the policy manager component of the web services manager. These policies are
pushed to individual agents and gateways.
Policies may also specify specific logging requirements or encryption requirements
(message integrity) for the data.
Policies are determined by an administrator using the Enterprise Manager Console
and enforced using policy enforcement points (interceptors). Policy enforcement
points are provided by agents known as interceptors or by a gateway.
