Databases Reference
In-Depth Information
Some policies can only be applied to certain entities. For example, the authentication
policies generally require access to the original message, including transport data,
and so only apply to
Service Endpoints
.
Oracle-recommended naming conventions for polices
Oracle recommends the following naming convention for policies:
{Path Location}/{Web Services Standard}_{Authentication Token}_{Message
Protection}_{Policy Type}
•
Path Location is the directory to store the policy. It is recommended by
Oracle that this be separate from the Oracle directory used by Oracle
pre-configured policies.
Web Services Standard is the appropriate standard being used, such as Web
Services Security (WSS).
Authentication Token is the means of identifying the requestor, for example,
a SAML token or a username/password.
Message Protection is the message integrity and encryption being applied.
Policy Type is used to indicate if this is a policy or a template to be used in
creating policies.
•
•
•
•
When looking at predefined policies and templates, this naming convention helps to
identify what the policies do.
