Oracle Web Service Manager
Another environment we should get familiar with…
The Oracle Web Service Manger will enable you to implement security without modifications to the existing Web Services, it will as a matter of fact create a gateway through which you access existing services.
Every service you register to the gateway will be made available through a new service URL and you can modify the security, logging or content validation of the service by using the Oracle Web Service Manger. You can, for instance, change the way a request is handled by adding additional steps to the request processing.
By default a request “pipeline” (that’s how the different steps in the processing are called) will write log information to the database. This pipeline can be extended without coding by adding different pipeline steps. During the workshop we added steps to extract credentials from the HTTP Request (or SOAP envelope), authenticate to a LDAP Directory and authorize using service roles which are defined in the LDAP Directory.
All of this was configured and tested within 5 minutes!!
I’m looking forward to the production release of Oracle Web Service Manager because sometimes we had to “stop and start all services” to work around some strange behaviour…