If you are using an identity service provider with human workflow or attaching authentication and authorization policies, you must perform additional setup tasks.

• Identity service provider for human workflow

  By default, the identity service uses the embedded LDAP server in Oracle WebLogic Server as the default authentication provider. If you are using human workflow, you can configure Oracle WebLogic Server to use an alternative identity service provider, such as Oracle Internet Directory, Microsoft Active Directory, or Oracle iPlanet. For more information, see Administering Oracle SOA Suite and Oracle Business Process Management Suite. The embedded LDAP server is not supported in clustered environments.

• Authentication provider (OWSM policies)

  Policies that use certain types of tokens (for example, the username, X.509, and SAML tokens) require an authentication provider. For information about selecting and configuring an authentication provider, see Securing Web Services and Managing Policies with Oracle Web Services Manager.

• Authorization provider (OWSM policies)

  After a user is authenticated, you must verify that the user is authorized to access a web service with an authorization policy. You can create an authorization policy with several types of assertion templates. For information about authorization policies and which resources to protect, see Securing Web Services and Managing Policies with Oracle Web Services Manager.