I'm looking into Middleware security in our Oracle Fusion 12c environment.
Context: I'm attempting to pull together a high-level Middleware Security Reference Architecture which will help aid decisions on service security, particularly in the areas of Authentication, Authorisation and Message Protection.
Anyway I keep thinking I understand it and then another massive framework jumps out and just confuses the days out of me. I'm looking for somebody to help me join up the dots really.
I would like to know the relationship between the following if at all possible. Perhaps there isn't a relationship between some of these components but there certainly seems to be overlap. It may be use case dependent? I'm just a little confused in all honesty.
High level clarity of relationships and associations between the following would be fantastic:
- Weblogic Security Realms (including the Security Providers)
- Oracle Webservice Manager (Policy Agent, Manager and the OWSM Repository (particularly in the context of it's relationship with the OPSS Security Store, if there is one))
- Credential Security Framework (CSF)
- Oracle Platform Security Service (OPSS)
Hopefully this question makes sense, if you need me to be a bit more specific then do say and I'll try to explain in a bit more detail where I'm getting stuck.
Thanks in advance!
