Users Are Not Restricted To Access A Particular Service
(Doc ID 2640140.1)
Last updated on AUGUST 02, 2023
Applies to:
Oracle API Gateway - Version 11.1.2.4.0 and laterInformation in this document applies to any platform.
Symptoms
Even after adding one user to one group and restricting the service to that group, it is allowing all users in the local store to access the service.
The policy is being accessed successfully but to all users instead of to one user
STEPS
------
1. Create a group.
2. Add the user to that group
3. Add Check Group Membership filter as a Start and connect it to WS-Security Username Token filter with a success path and connect this filter to the Service Handler
4. Deploy
5. Access the service from SoapUI using the OAG virtualized URL.
6. All the users can access the service. The expected behavior is that only the user belonging to the group should be able to access the service.
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Cause |
Solution |
References |