Skip to Main Content

Java Development Tools

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

How to restrict access to web-service application deployed in weblogic for group of user only

Salman5Jul 10 2014 — edited Sep 4 2014

I built web-service application in jdevelopler 11.1.1.7. Their is security policy applied in the web service from the default Oracle policies which is (policy:Wssp1.2-2007-Https-UsernameToken-Plain.xml)

Now any one want to access the web-service application have to provide the username/password in the header section for the SOAP request to fulfill the policy requirement.

using the following steps I am trying to restrict the access to the web-service application to be with in specific group of users among weblogic users:

  Login to the weblogic admin console

  Create user or group of users

  Click the deployments links

  Select your web-service

  Click the Security tab

  Click the Policies sub-tab

  Choose your authorization provider from the drop down (sounds like the default)

  Choose Add Conditions -> Group -> Type in the group name

  Finish

But the access is still available for all weblogic users (i.e users not in the group specified in the above security configuration). How can I restrict access to only allowed group? Any thing missing in my approach?

This post has been answered by Salman5 on Sep 4 2014
Jump to Answer

Comments

Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Oct 2 2014
Added on Jul 10 2014
1 comment
243 views