|
|
|
SOA Security Manager enterprise policy management uses application objects to provide an intuitive method for creating and managing security policies for the web services in your SOA environment.
An application defines a complete security policy for one or more related web services. For example, an organization that divides its web service resources by business unit might create an application for marketing, a separate application for engineering, and so on. Applications associate resources with user roles to specify entitlement policies that determine what web service users can access what web service application resources. Roles identify the set of users who have access to a resource or group of resources in terms of a named or unnamed expression.
When using application objects, you are only required to provide data for configuration settings that do not have defaults; modifying other settings is optional. You can manipulate additional settings that allow you to define more fine-grained protection of an application; however, this is not required.
For the administrator already familiar with traditional policy management, there is a relationship between the application-oriented concepts and the underlying Policy Server objects, which is reflected in the Administrative UI. The following table shows this relationship.
|
Application Dialogs and Group Boxes |
Equivalent Policy Server Objects |
|---|---|
|
General application settings |
Policy domain |
|
Components |
Realms |
|
Resources |
Rules |
|
Application Roles |
Replaces the function of user directory lookups in authorization polcies |
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |