OWSM is the policy framework used by Oracle SOA Suite 11g to implement service level security. This chapter covered a huge amount of information surrounding the ability to secure your Oracle SOA Suite 11g services. Not only that, but numerous topics including logging, exporting, importing, and versioning by using a combination of WLST and console approaches were introduced. Web services security is a vast topic in itself, and this chapter focused on certain core concepts followed by explanations on how to administer, monitor, and promote these policies.
To understand how the OWSM framework works as well as cover various areas of administration surrounding it, this chapter covered the following points:
An overview of the OWSM policy framework
Policy interceptors, assertions, and templates
Concepts surrounding the credentials and keystores, and how to configure them
Managing OWSM policies at runtime, such as attaching/removing policies from services as well as enabling/disabling policies...