Skip Headers
Oracle® Fusion Middleware Developer's Guide for Imaging and Process Management
11g Release 1 (11.1.1)
Part Number E12784-01
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us
Go to previous page
Previous		 Go to current chapter
Up		 Go to next page
Next
View PDF

3.1 HTTP Basic Authentication

When first installed, the Oracle I/PM Web Services are configured with no Oracle Web Service Manager security policies applied. When no security policies are applied, the services leverage the HTTP Basic Authentication mechanism where by user credentials (user ID and password) are transmitted in the web service HTTP message header. This mechanism is, however, not very secure since the users credentials are not encrypted in any way unless a Secure Socket Layer (SSL) transport mechanism is used. If SSL is properly configured for the Oracle I/PM server instance, I/PM can be configured to force the use of SSL in all web service communication. This done by setting the I/PM configuration MBean “RequireBasicAuthSSL” to true. By default, it is false. [Note, the RequireBasicAuthSSL setting only applies when no HTTP Basic Authentication is in use because no OWSM security policies have been applied.]

Go to previous page
Previous		 Go to current chapter
Up		 Go to next page
Next
Go to Documentation Home
Home		 Go to Book List
Book List		 Go to Table of Contents
Contents		 Go to Index
Index		 Go to Feedback page
Contact Us