Forum Stats

  • 3,853,742 Users
  • 2,264,263 Discussions
  • 7,905,440 Comments

Discussions

How to restrict access to web-service application deployed in weblogic for group of user only

Salman5
Salman5 Member Posts: 206
edited Sep 4, 2014 12:41AM in JDeveloper and ADF

I built web-service application in jdevelopler 11.1.1.7. Their is security policy applied in the web service from the default Oracle policies which is (policy:Wssp1.2-2007-Https-UsernameToken-Plain.xml)

Now any one want to access the web-service application have to provide the username/password in the header section for the SOAP request to fulfill the policy requirement.

using the following steps I am trying to restrict the access to the web-service application to be with in specific group of users among weblogic users:

  Login to the weblogic admin console

  Create user or group of users

  Click the deployments links

  Select your web-service

  Click the Security tab

  Click the Policies sub-tab

  Choose your authorization provider from the drop down (sounds like the default)

  Choose Add Conditions -> Group -> Type in the group name

  Finish

But the access is still available for all weblogic users (i.e users not in the group specified in the above security configuration). How can I restrict access to only allowed group? Any thing missing in my approach?

Best Answer

  • Salman5
    Salman5 Member Posts: 206
    Answer ✓

    There is nothing wrong with the steps mentioned in the question. In addition to that you should do the following

    At the time of deploying  application when it comes to the security part there is a list under the question (What security model do you want to use with this application?)

    you should select (

Answers

  • Salman5
    Salman5 Member Posts: 206
    Answer ✓

    There is nothing wrong with the steps mentioned in the question. In addition to that you should do the following

    At the time of deploying  application when it comes to the security part there is a list under the question (What security model do you want to use with this application?)

    you should select (

This discussion has been closed.