In a first post over security I explained how to authenticate a user using ws-security for a webservice in the SOA Suite 11G. Previously we create a user Hugo which was a member of the Test-group. We now want to secure the webservice so that only members of this group can access it. How do we do this?
When you build a component which has an exposed service, you want to make sure that it is secure. This means we have to apply authentication and authorization to the service in question. Lets see how we can get this done in the SOA Suite 11G (PS2).
When you are building a composite using the SOA Suite you quite often want to call an external webservice. These services can have a form of security on them….wss-username-token in our example. To attach the policy to the service in the SOA Suite is quite straight forward.