Editing Message-Level Access Policies

Use the View Policy Details page to edit the message-level access control policy of a proxy service that is a Web Service and is configured to require message-level security. The page displays the information shown in Table 22-11.

Table 22-11 Policy Details 
Property
Description
Proxy Service Name
Displays the name of the proxy service name for which you selected View Policies on the Access Control for Proxy Services page.
Providers
Displays the authorization providers that are configured for the realm.
Operation
Lists the operation in the proxy service that can be secured.
Policy Conditions
Displays the conditions that determine which users can invoke the operations that are selected under Service Operations.

  1. Log in to the ALSB Console as a user with WebLogic Server Admin privileges. Only users in the Admin role can modify security configuration data. See Configuring Administrative Security in the AquaLogic Service Bus Security Guide.
  2. Locate the access policy. See Locating Access Control Policies.
  3. On the Security page, in the Message Access Control column, click the name of the proxy service or the particular operation in that proxy service. The policy editor is displayed.
  4. You can edit an access control policy from inside a session.

  5. In the Authorization Providers field, select an authorization provider. BEA recommends that you select the XACMLAuthorizer.
  6. Note: As of release 3.0, ALSB deprecates support for the WebLogic Default Authorization provider. Instead, BEA recommends that you use the WebLogic XACML Authorization provider. See Supported Standards and Security Providers in AquaLogic Service Bus Security Guide.
  7. Add policy conditions. See Adding Policy Conditions.
  8. When you have finished entering conditions in the Policy Conditions section, click Save.