Web Service Role Authorization No Longer Applied After Migrating From WLS11g To 12c
(Doc ID 2435136.1)
Last updated on AUGUST 15, 2018
Applies to: Oracle WebLogic Server - Version 184.108.40.206.0 and later
Information in this document applies to any platform.
On : 220.127.116.11.0 version, WLS Security
As part of an application, a set of web services is delivered in an EAR file, with secure access arranged by default by requiring basic authentication. With WLS 11g (10.3.6), the default security realm of WLS could be used to define global roles and WebLogic users to arrange authorization per web service and, if needed, per web service operation.
After migrating to WLS 12c (18.104.22.168.3) and deploying exactly the same EAR file in the same way as under WLS 11g, user authentication works fine, but whatever roles are defined, the role configuration is completely ignored. Each new user defined in the default realm has access to all services.
The security configuration actions undertaken for 12c are identical to those for 11g. The expected behavior is that a new user is not entitled to access the application.