Users Are Not Restricted To Access A Particular Service
(Doc ID 2640140.1)
Last updated on FEBRUARY 07, 2022
Applies to:Oracle API Gateway - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
Even after adding one user to one group and restricting the service to that group, it is allowing all users in the local store to access the service.
The policy is being accessed successfully but to all users instead of to one user
1. Create a group.
2. Add the user to that group
3. Add Check Group Membership filter as a Start and connect it to WS-Security Username Token filter with a success path and connect this filter to the Service Handler
5. Access the service from SoapUI using the OAG virtualized URL.
6. All the users can access the service. The expected behavior is that only the user belonging to the group should be able to access the service.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document