Taxonomic Classifications Basic Concepts of the UDDI Specification
1.3.3. Security Considerations
UDDI specification does not define an access control mechanism. The UDDI specification allows modification of the specific entity only by its owner creator. This does not scale in the enterprise environment where the right to modify or delete a specific UDDI entity must be assigned with more identities or even better with some role. Oracle Service Registry addresses this issue with the ACL Access Control List extension to the UDDI security model. Every UDDI entity can be associated with the ACL that defines who can find list it in some UDDI query result, get retrieve all details of the UDDI object, modify or delete it. The ACL can reference either the specific user account or user group. The UDDI v3 specification provides support for digital signatures. In Oracle Service Registry, the publisher of a UDDI structure can digitally sign that structure. The digital signature can be validated to verify the information is unmodified by any means and confirm the publishers identity.1.3.4. Notification and Subscription
The UDDI v3 specification introduces notification and subscription features. Any UDDI registry user can subscribe to a set of UDDI entities and monitor their creation, modification and deletion. The subscription is defined using standard UDDI get or find API calls. The UDDI registry notifies the user whenever any entity that matches the subscription query changes even if the change causes the entity to not match the query anymore. It also notifies about entities that were changed in a way that after the change they match the subscription query. The notification might be synchronous or asynchronous. By synchronous, we mean solicited notification when the interested party explicitly asks for all changes that have happened since the last notification. Asynchronous notifications are run periodically in a configurable interval and the interested party is notified whenever the matched entity is created, modified, or deleted.1.3.5. Replication
Content of the UDDI registry can be replicated using the simple master-slave model. The UDDI registry can replicate data according to multiple replication definitions that are defined using UDDI standard queries. The master-slave relationship is specific to the replication definition. So one registry might be master for one specific replication definition and slave for another. The security settings ACL, users, and groups are not subject to replication but you can set permissions on replicated data.1.3.6. UDDI APIs
The core data management tools functions of a UDDI registry are: • Publishing information about a service to a registry. • Searching a UDDI registry for information about a service. The UDDI specification also includes concepts of: • Replicating and transferring custody of data about a service. • Registration key generation and management. • Registration subscription API set. • Security and authorization. The UDDI specification divides these functions into Node API sets that are supported by a UDDI server and Client API Sets that are supported by a UDDI client . Page 1571.3.6. UDDI APIs
1.3.7. Technical Notes
Technical Notes TN are non-normative documents accompanying the UDDI Specification that provide guidance on how to use UDDI registries. Technical Notes can be found at http:www.oasis-open.orgcommitteesuddi-specdoctns.htm . One of the most important TNs is Using WSDL in a UDDI Registry.1.3.8. Benefits of UDDI Version 3
The most important features include: • User-friendly identifiers facilitate reuse of service descriptions among registries. • Support for digital signatures allows UDDI to deliver a higher degree of data integrity and authenticity. • Extended discovery features can combine previous, multi-step queries into a single-step, complex query. UDDI now also provides the ability to nest sub-queries within a single query, letting clients narrow their searches much more efficiently.1.4. Subscriptions in Oracle Service Registry
Subscriptions are used to alert interested users in changes made to structures in Oracle Service Registry. The Oracle Service Registry Subscription API provides users the ability to manage save and delete subscriptions and evaluate notification. Notifications are lists of changes made within a specified time interval. The Subscription mechanism allows the user to monitor new, changed, and deleted entries for businessEntities, businessServices, bindingTemplates, tModels or publisherAssertions. The set of entities in which a user is interested is expressed by a SubscriptionFilter, which can be any one of the following UDDI v3 API queries: • find_business , find_relatedBusinesses, find_services, find_bindings, find_tmodel • get_businessDetail , get_serviceDetail, get_bindingDetail, get_tModelDetail, get_assertionStatusReport Note In Business Service Control, users can also create subscriptions also resources WSDL, XML, XSD and XSLT without a detailed knowledge of how resources are mapped to UDDI data structures.1.4.1. Subscription Arguments
A subscription is the subscribers interest in changes made to entities as defined by the following arguments: • SubscriptionKey - The identifier of the subscription, as generated by the server when the subscription is registered. • Subscription Filter - Specifies the set of entities in which the user is interested. This field is required. Note that once the subscription filter is set, it cannot be changed. • Expires After - The time after which the subscription is invalid optional. • Notification Interval - How often the client will be notified optional. The server can extend it to the minimum supported notification interval supported by the server as configured by the administrator. For more information, please see Administrators Guide, Section 2, Registry Configuration . • Max Entities - how many entities can be listed in a notification optional. When the number of entities in a notification exceeds max entities, the notification will contain only the number of entities specified here or in the registry configuration. A chunkToken different from 0 will be specified in the notification. This chunkToken can be used to retrieve trailing entities. Page 1581.4.1. Subscription Arguments
Parts
» OSR11gR1ProductDocumentation
» Oracle Service Registry Features Overview
» UDDI Version 3 Specification Known Issues
» UDDI Version 2 Specification Database
» Supported Platforms OSR11gR1ProductDocumentation
» Specifications OSR11gR1ProductDocumentation
» Document Conventions OSR11gR1ProductDocumentation
» The Apache XML Security License, Version 1.1
» The Apache XML License, Version 1.1
» Apache Jakarta License, Version 1.1
» CUP Parser Generator Third Party Licenses
» Jetty License, Version 3.6 Third Party Licenses
» W3C Software Notice and License
» Xalan, Version 2.5.1 Third Party Licenses
» XML Pull Parser for Java, 1.1.1
» Support OSR11gR1ProductDocumentation
» Java™ Platform System Requirements
» Relational Database System Requirements
» Installation Type SMTP Configuration
» Setup Administrator Account Database Settings
» Application Server Settings Installation Panels
» Confirmation and Installation Process
» Clustering Oracle Service Registry with Oracle WebLogic Server
» Directory Structure Installation Summary
» Registry Endpoints Installation Summary
» Setup Signer Command-line Scripts
» Registry Installation Options Command-line Options Reconfiguring After Installation
» Using the syslog Daemon with Oracle Service Registry
» Running Oracle Service Registry as a UNIX Daemon
» Database Creation Method Database Installation
» Oracle Data Source Creation JDBC Driver
» Account Backend Database Installation
» Oracle MSSQL DB2 Multilingual Data
» Alternative JDBC Drivers JDBC Drivers
» Discovery Registry Installation Publication Registry Installation
» Intermediate Registry Installation Approval Process Registry Installation
» LDAP with a Single Search Base
» LDAP with Multiple Search Bases
» LDAP Configuration Examples Oracle Internet Directory with Single Search Base
» Custom Non-LDAP External Accounts Integration
» Cluster operation Cluster Configuration
» Cluster installation Cluster Configuration
» Sharing Token Key Setting Up Security
» WebLogic specific configuration for use with cluster
» HTTP Basic Authentication Configuration
» Netegrity SiteMinder Authentication Configuration
» SSL Client authentication with Embedded HTTPHTTPS Server
» SSL Client Authentication in Oracle WebLogic
» Internal SSL Client Authentication Mapping in J2EE
» Disabling Normal Authentication Authentication Configuration
» Consoles Configuration Authentication Configuration
» Outgoing Connections Protected with SSL Client Authentication
» Uninstallation OSR11gR1ProductDocumentation
» UDDIs Role in the Web Services World - UDDI Benefits
» Typical Application of a UDDI Registry
» UDDI Data Model Basic Concepts of the UDDI Specification
» Taxonomic Classifications Basic Concepts of the UDDI Specification
» Security Considerations Notification and Subscription
» Replication Basic Concepts of the UDDI Specification
» UDDI APIs Basic Concepts of the UDDI Specification
» Technical Notes Basic Concepts of the UDDI Specification
» Subscription Arguments Subscriptions in Oracle Service Registry
» Suppressing Empty Notifications Subscriptions in Oracle Service Registry
» Requestors Actions Approval Process in Oracle Service Registry
» Approvers Actions Approval Process in Oracle Service Registry
» Synchronization of Data Approval Process in Oracle Service Registry
» Mail notification in approval process
» Related Links Approval Process in Oracle Service Registry
» Registry Consoles OSR11gR1ProductDocumentation
» Demo Data for Business Service Control
» Demo data for Registry Control and demos
» Overview Business Service Control
» User Profile Fields The My Profile tab has the following fields:
» Searching Providers Searching Endpoints
» Reports Business Service Control
» Subscription On Selected Entities Subscription from Search Query
» Requestors Actions Approval Process
» Approvers Actions Approval Process
» Explicit Permissions Data Access Control: Principles
» Permission Rules Data Access Control: Principles
» Composite Operations Data Access Control: Principles
» Pre-installed Groups Data Access Control: Principles
» ACL tModels Data Access Control: Principles
» Setting ACLs on UDDI v3 Structures
» Setting ACLs on UDDI v1v2 Structures
» Generating Keys Publisher-Assigned Keys
» Affiliations of Registries Publisher-Assigned Keys
» Taxonomy Types Taxonomy: Principles, Creation and Validation
» Validation of Values Taxonomy: Principles, Creation and Validation
» Types of keyValues Taxonomy: Principles, Creation and Validation
» Taxonomy API Taxonomy: Principles, Creation and Validation
» Predeployed Taxonomies Taxonomy: Principles, Creation and Validation
» RegisterCreate Account Register Registry Console Reference
» Main Menu Tabs Browse Menu Bar
» Tree Display Area Main Display Area
» Display Tabs Action Icons Action Icons Context Menu
» Browsing Registry Console Reference
» Publishing Registry Console Reference
» Starting the Signer Main Screen
» Signer Configuration Signer Tool
» Integrating with Oracle JDeveloper
» How To Configure the Inquiry URL, UDDI Service Key, and Endpoint Address for Runtime
» Integrating with Oracle Enterprise Repository
» Integrating wih Oracle Service Bus
» Enabling Dynamic Lookup of BPEL Partner Link Endpoints
» Enabling Dynamic Lookup of ESB SOAP Endpoints Integrating with Oracle Web Services Manager WSM
» Create Account Account Management
» Accessing Permission Management Permissions
» Editing and Deleting Permissions
» Adding Taxonomies Taxonomy Management
» Understanding Replication Replication Management
» Master Registry Setup Replication Management
» Slave Registry Setup Replication Management
» Create Requestor Approval Process Management
» Replacing tModel keys Replacing UDDI Keys
» Replace URLs Registry Statistics
» Current configurations and their history View configuration
» Named collections of configuration List of named collections
» Core Config Database Registry Configuration
» Security Account Registry Configuration
» Group Subscription Registry Configuration
» Paging Limits Figure 46. Business Service Control Configuration - Paging Limits UI Configuration
» Customizable Taxonomies Business Service Control Configuration
» Customizing Individual Pages Business Service Control Configuration
» Web Interface Configuration Figure 54. Registry Console Configuration - Web Interface Tab
» Paging Configuration Figure 55. Registry Console Configuration - Paging Tab
» Permissions Definitions Permissions: Principles
» Oracle Service Registry Permission Rules
» Setting Permissions Permissions: Principles
» Permissions and User Roles ApiManagerPermission Reference
» Requestor Approval Process Roles
» Approver Approval Process Roles
» autoApprover Approval Process Roles
» Administrator Approval Process Roles
» Optional Content Checking Setup
» Commands Description PStore Tool
» Open Next Protected Store Copy Data Between Protected Stores
» User Store PStore Tool - GUI Version
» Associating an SSL client identity with a registry client
» WSDL PortTypes WSDL Bindings
» UDDI Version 2 UDDI Version 3 UDDI Version 3 Extension
» Administration Utilities Advanced APIs
» Replication Statistics Advanced APIs
» WSDL Publishing Advanced APIs
» XML Publishing Advanced APIs
» XSD Publishing Advanced APIs
» XSLT Publishing Advanced APIs
» Client Package Registry Client
» JARs on the Client Classpath
» Example Client Client Authentication
» Accessing Backend APIs Server-Side Development
» Accessing Registry APIs Custom Registry Modules
» Custom Module Sample Custom Registry Modules
» Creating and Deploying Interceptors
» Logging Interceptor Sample Interceptors
» Request Counter Interceptor Sample
» Deploying Validation Service Writing a Custom Validation Service
» External Validation Service Writing a Custom Validation Service
» Sample Files Writing a Subscription Notification Service
» Architecture Description Registry Web Framework
» Directory Structure Registry Web Framework
» Framework Configuration Registry Web Framework
» Where can I find the code which generates the page header?
» How do I change the text displayed on a pages title bar?
» Where is the right place to include my own JavaScript files?
» Where is it possible to change the text displayed in the page footer?
» Business Service Control Localization
» Directory Structure Business Service Control Framework
» Business Service Control Configuration
» Entity Configuration Business Service Control Framework
» Permission support Business Service Control Framework
» Components and Tags Business Service Control Framework
» Connecting to Oracle Service Registry from JDeveloper
» Running SOAPSpy SOAPSpy Tool
» Prerequisites and Preparatory Steps: Code
» Presentation and Functional Presentation
Show more