4-26 Oracle Fusion Middleware Administrators Guide for Oracle Real-Time Decisions

4.7.4.5 Creating a New Application Policy

The following is an overview of the process to create a new application policy:

1. Log into Fusion Middleware Control, as described in

Section 2.1.1, Logging into Fusion Middleware Control.

2. In the Target Navigation Pane, from either the server-level OracleRTD entry under

Application Deployments, or the bifoundation_domain entry under WebLogic Domain, right-click and select Security, then Application Policies.

3. Select and search for security grants in the Application Stripe obi click the button

beside the Permission box.

4. Select an Application Policy in the search results.

5. Click Create...

6. In the Create Application Grant page:

■ Add, edit or delete one or more Permissions ■ Add, edit, or delete one or more Grantees When creating an application grant, you must add at least one permission and one grantee. Add One or More Permissions In the Add Permission window, search for the Resources available for the Permission Class oracle.security.jps.ResourcePermission click the button beside the Resource Name box Select a permission in the search results, and optionally modify the Resource Name. The default permissions for Oracle RTD appear in Section 4.3, Resource Types and Actions for Oracle RTD, and contain the dummy Resource Name _all_ that matches any Oracle RTD resource name of the associated resource type. You can customize a permission to restrict the resource privilege to act on only one specific occurrence of a resource. For example, you can change the permission that allows the downloading of all Inline Services so that only one named Inline Service, say, Market_ILS, as in the following example, can be downloaded: Security for Oracle Real-Time Decisions 4-27 You can also edit the Permission Actions, so long as you keep to the allowable Permission Actions and Action Qualifiers shown in Table 4–4 . You can only add and optionally customize one permission in each Add Permission window. For more permissions, repeat the procedure described in this section. If you have made a mistake during this process, you can select a permission in the Application Grant, and edit it in the Edit Permission window, such as in the following example: Add One or More Grantees You can add one or more Application Roles, Groups, Users. For each addition, you can search and select from the available application roles, groups, and users. After you have you finished creating the new application policy, the list of grantees that you included determines where the new application policy appears among the list of all security grants in the obi application stripe, as follows: 4-28 Oracle Fusion Middleware Administrators Guide for Oracle Real-Time Decisions ■ If the grantees in your new application policy match the grantees of an existing security grant, as shown in the Principal column, the existing security grant showing those grantees will show the new application policy permissions for that grantee combination. ■ If the grantees in your new application policy do not match the grantees of an existing security grant, as shown in the Principal column, a new Principal row shows the new grantees and the permissions included in your new application policy. For additional information and the detailed steps, see Managing Policies with Fusion Middleware Control in Oracle Fusion Middleware Application Security Guide.

4.7.4.6 Creating an Application Policy Like Another Application Policy