|
|
|
SOA Security Manager access management models let you define access permissions for applications and their respective user populations. An access management model establishes the following:
Almost all SOA Security Manager functionality is available, regardless of which model you use. The primary difference between the models is the level of SOA Security Manager knowledge required to configure each. The following Administrative UI objects represent the policy management models:
Note: The following SOA Security Manager core objects are required to configure an application or SOA Security Manager policy object:
For more information about these objects, see the [set the co variable for your book].
The recommended method for creating and managing new security policies for your SOA environment is to define application objects that represent one or more related web services and then generate the component and resource settings that define what to protect from associated WSDL files.
Note: Application objects do not support policy expressions using variable objects. Content-based authorization using variables must be implemented using policy domains and policies.
For Policy Server administrators already comfortable with SOA Security Manager r12.0 or TransactionMinder, policy management using policy domains and domain objects (realms, rules, responses, policies, and so on) — can still be used to perform manual configuration of security policies for web service resources.
Domains and domain objects must also be used in the following situations:
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |