Web Service Security

Oracle Insurance Rules Palette

You are here: Security > Application Security > Company Security > Web Service Security

 

Web Service Security

The Rules Palette supports versioning of Web Services records, the Release Management process for the Web Services records and security privileges for viewing and editing Web Services entries. Web Services security is managed through the Admin Explorer under Security | Application Security | Security Groups | Name of the Security Group | Company Security. Open the Web Services folder and check-out the Company file listed there. This will launch the Web Services security editor.   

 

Each record from the AsAuthWebService table has a check box in the editor. If a checkbox is selected, then the users of the security group can access the Web Service. Users can be granted access to any or all available Web Services.      

 

When the security group is checked in, AsAuthCompanyWebService records are created or removed depending on the value of the security check box and the changes made during the session. Each node with a security check box checked will have a record in AsAuthCompanyWebService that links AsAuthCompany to the unique Web Service record. 

 

Versioning

Each Web Service name is versioned when the file is checked-in. The version's field XML clob contains the version guids of each AsAuthWebService record belonging to the Web Service name. The Web Service name's version is not incremented unless at least one of the records changes; meaning a record is modified, added and/or deleted. Each version guid in the XML clob contains the column data in individual IVSVersionField records. Versions are not incremented unless the AsAuthWebService record changes.    

 

Examples of Versioning

ServiceName1 exists as version 3. It contains three AsAuthWebService record versions with the versions 1,3 and 2. ServiceName1 may be checked out and the version will not be incremented if, upon check in, none of the AsAuthWebService records are changed.     

 

ServiceName1 may be checked-out and the third record (with version 2) is updated. Upon check-in, ServiceName1 version is incremented to 4 and contains versions of AsAuthWebService records of 1, 3 and 3. 

 

ServiceName1 may be checked-out and the first record (with version 1) is deleted. In addition, a new AsAuthWebService record is added to the Web Service name. When checked-in, ServiceName1 version is incremented to 5 and contains versions 3, 3, and 1.  

 

Steps to Grant a User Access to a Web Service

  1. Navigate to the Admin Explorer and open Security | Application Security | Security Groups | Name of the Security Group | Company Security | WebService Security.  

  2. Right-click on the Company name listed under the WebService Security folder and select Check-out. A list of all Web Service Methods and File ID combinations will display. 

  3. Click the checkbox next to each Web Service, Web Service Method and File ID combination the user should be able to access.

  4. Right-click on the Company name listed under the WebService Security folder and select Check-in. The security settings will be saved. 

 

Web Service Security

Web Service Security in Admin Explorer

 

 

Copyright © 2009, 2014, Oracle and/or its affiliates. All rights reserved. Legal Notices