Chapter - 4 : Security Configuration

The critical security features for OIDG are:

  • Authentication – is provided by the authentication provider in WebLogic. OIDG can authenticate against any WebLogic-supported LDAP credential store. The embedded WebLogic LDAP credential store is used by default.
  • Authorization – is achieved through a set of pre-defined OIDG application roles which are mapped to users and groups in the WebLogic security realm. Users and groups can be assigned to application roles using the Fusion Middleware Control application that comes with the SOA Suite infrastructure. It provides authorization and security policy services that are used by OIDG to authorize access to UI pages and web services.
  • Audit – authentication events are recorded in the WebLogic authentication log. This log is not enabled by default and does not contain application-specific security information.
Figure 4.1 - Security configuration