Database Reference
In-Depth Information
<class>oracle.security.jps.JpsPermission</class>
<name>
soadeploy
</name>
</permission>
</permissions>
</grant>
Should you need custom authorization policies, we recommend adding your own
by granting proper permissions to your application roles and not modifying the
default ones. You can even create a policy by granting permissions to specific
users or groups, instead of application roles, but this tight association between
physical principles and permissions is not recommended.
Configuring keystores and credential stores
for OWSM
Ensure that you have JDK 6 in
CLASSPATH
to generate a keystore compatible
with OWSM. You can then create a keystore with a key pair (self-signed certific-
ate or one issued by a trusted CA) in it with the help of the Java keytool utility.
Before you proceed with any configurations to set up OWSM-based security on
the infrastructure, we recommend taking a backup of the
jps-config.xml
and
cwallet.sso
files in the
$DOMAIN_HOME/config/fmwconfig
direct-
ory. The following steps describe how to configure the keystore:
1.
Open a prompt or terminal and go to the
$DOMAIN_HOME/config/fmw-
config
directory.
2.
A keystore with a key-pair can be created by executing the following com-
mand. For example:
keytool -genkeypair -keyalg RSA -alias
storekey
-keypass
welcome123
-keystore
default-keystore.jks
-storepass
welcome123
-validity 3600
3.
You will need to enter several subparts, which will form the distinguished
name of your keystore, as shown in the following screenshot: