Setting ACLs on UDDI v1v2 Structures
5.2. Publisher-Assigned Keys
Under UDDI v1 and v2, keys are generated automatically when a structure is published. Generated keys in these versions are in form uuid:8-4-4-4-12 where the numbers indicate a count of hexadecimal values. For example, uuid:327A56F0- 3299-4461-BC23-5CD513E95C55 . Note that the prefix uuid: was only used in tModelKeys. In UDDI v3 users may assign keys when saving a structure for the first time. These Keys can be 255 characters long and can contain numbers and Latin characters, so that the key itself describes what the UDDI structure means. For example, the key uddi:systinet.com:uddiRegistry:demo:businessService has the following elements: • The prefix uddi: is a schema much like http: or ftp: and must be always present. • systinet.com is an optional host name. • The elements uddiRegistry, demo, and businessService represent a hierarchy of domains. The domain demo is a subdomain of uddiRegistry. This description is sufficient for our purposes for now. For a more precise description of keys, please see the UDDI v3 Specification [http:uddi.orgpubsuddi-v3.00-published-20020719.htm_Toc42047261].5.2.1. Generating Keys
The key generator tModel is a tModel with a key in the form domain:keygenerator. This tModel permits its owner to save structures with keys in the form domain:string . For example, the tModel uddi:systinet.com:uddiRegistry:demo:keygenerator allows its owner to publish structures with keys like: • uddi:systinet.com:uddiRegistry:demo:businessService • uddi:systinet.com:uddiRegistry:demo:b52 These are derived keys of the uddi:systinet.com:uddiRegistry:demo domain. With one exception, the key generator tModel does not allow the user to save keys from subdomains such as uddi:systinet.com:uddiRegistry:demo:businessService:exchangeRate , that is, derived keys of uddi:systinet.com:uddiRegistry:demo:businessService . The key generator tModel, however, permits the user to save the key generator for each direct subdomain. For example, the user can save uddi:systinet.com:uddiRegistry:demo:businessService:keygenerator. After creating this Page 2095.2.1. Generating Keys
second key generator, the user is permitted to save structures with keys of the uddi:systinet.com:uddiRegistry:demo:businessService domain, such as uddi:systinet.com:uddiRegistry:demo:businessService:exchangeRate . Important To generate keys for a domain, the user must own the domains key generator tModel. Only the administrator can save structures with assigned keys without having the key generator tModel. To enable this process for other users, the administrator must save the domains tModel and then change its ownership to the user via custody transfer. For more information, please see Section Publish Custody Transfer .5.2.2. Affiliations of Registries
The rules above ensure that two users can not create structures with the same key. A complicated situation arises when one user wants to copy UDDI structures from one registry to another while preserving the keys of those structures. There are two problems: 1. The key of the copied structure must not exist on the second registry. The key must be unique - this is required by the UDDI specification. 2. The user must be allowed to save a structure with a specified key on the second registry. The Affiliated registries mechanism solves both problems. An affiliation is a relationship between two registries. The first registry gives up generation of keys for a certain domain and transfers this privilege to the second registry. This ensures that keys from both registries are unique. Note In the examples below we name the two registries master and slave. Moreover there are three people: • The person 1 is an administrator of the master registry, this account is called master-admin. • The person 2 is an administrator of the slave registry account slave-admin and a common user on the master registry account master-user2. • The person 3 is a common user on slave registry account slave-user3 and a common user on master registry account master-user3. Affiliation Setup To set up an affiliation: 1. The administrator of the slave registry slave-admin registers a user account on the master registry master-user2. 2. Master-user2 requests a key generator tModel from the administrator of the Master registry. 3. This administrator, master-admin, creates the key generator tModel and transfers it to the master-user2 account using custody transfer. 4. Person 2 manually copies the key generator tModel to the slave registry his slave-admin account has permission to assign any key and sets up the slave registry to generate all keys based on this key generator. For more information, please see Section 2.7, Node in the Administrators Guide. All keys generated by the slave registry or its users will be from the domain or some subdomain defined by the key generator. Page 210 Affiliation SetupParts
» OSR11gR1ProductDocumentation
» Oracle Service Registry Features Overview
» UDDI Version 3 Specification Known Issues
» UDDI Version 2 Specification Database
» Supported Platforms OSR11gR1ProductDocumentation
» Specifications OSR11gR1ProductDocumentation
» Document Conventions OSR11gR1ProductDocumentation
» The Apache XML Security License, Version 1.1
» The Apache XML License, Version 1.1
» Apache Jakarta License, Version 1.1
» CUP Parser Generator Third Party Licenses
» Jetty License, Version 3.6 Third Party Licenses
» W3C Software Notice and License
» Xalan, Version 2.5.1 Third Party Licenses
» XML Pull Parser for Java, 1.1.1
» Support OSR11gR1ProductDocumentation
» Java™ Platform System Requirements
» Relational Database System Requirements
» Installation Type SMTP Configuration
» Setup Administrator Account Database Settings
» Application Server Settings Installation Panels
» Confirmation and Installation Process
» Clustering Oracle Service Registry with Oracle WebLogic Server
» Directory Structure Installation Summary
» Registry Endpoints Installation Summary
» Setup Signer Command-line Scripts
» Registry Installation Options Command-line Options Reconfiguring After Installation
» Using the syslog Daemon with Oracle Service Registry
» Running Oracle Service Registry as a UNIX Daemon
» Database Creation Method Database Installation
» Oracle Data Source Creation JDBC Driver
» Account Backend Database Installation
» Oracle MSSQL DB2 Multilingual Data
» Alternative JDBC Drivers JDBC Drivers
» Discovery Registry Installation Publication Registry Installation
» Intermediate Registry Installation Approval Process Registry Installation
» LDAP with a Single Search Base
» LDAP with Multiple Search Bases
» LDAP Configuration Examples Oracle Internet Directory with Single Search Base
» Custom Non-LDAP External Accounts Integration
» Cluster operation Cluster Configuration
» Cluster installation Cluster Configuration
» Sharing Token Key Setting Up Security
» WebLogic specific configuration for use with cluster
» HTTP Basic Authentication Configuration
» Netegrity SiteMinder Authentication Configuration
» SSL Client authentication with Embedded HTTPHTTPS Server
» SSL Client Authentication in Oracle WebLogic
» Internal SSL Client Authentication Mapping in J2EE
» Disabling Normal Authentication Authentication Configuration
» Consoles Configuration Authentication Configuration
» Outgoing Connections Protected with SSL Client Authentication
» Uninstallation OSR11gR1ProductDocumentation
» UDDIs Role in the Web Services World - UDDI Benefits
» Typical Application of a UDDI Registry
» UDDI Data Model Basic Concepts of the UDDI Specification
» Taxonomic Classifications Basic Concepts of the UDDI Specification
» Security Considerations Notification and Subscription
» Replication Basic Concepts of the UDDI Specification
» UDDI APIs Basic Concepts of the UDDI Specification
» Technical Notes Basic Concepts of the UDDI Specification
» Subscription Arguments Subscriptions in Oracle Service Registry
» Suppressing Empty Notifications Subscriptions in Oracle Service Registry
» Requestors Actions Approval Process in Oracle Service Registry
» Approvers Actions Approval Process in Oracle Service Registry
» Synchronization of Data Approval Process in Oracle Service Registry
» Mail notification in approval process
» Related Links Approval Process in Oracle Service Registry
» Registry Consoles OSR11gR1ProductDocumentation
» Demo Data for Business Service Control
» Demo data for Registry Control and demos
» Overview Business Service Control
» User Profile Fields The My Profile tab has the following fields:
» Searching Providers Searching Endpoints
» Reports Business Service Control
» Subscription On Selected Entities Subscription from Search Query
» Requestors Actions Approval Process
» Approvers Actions Approval Process
» Explicit Permissions Data Access Control: Principles
» Permission Rules Data Access Control: Principles
» Composite Operations Data Access Control: Principles
» Pre-installed Groups Data Access Control: Principles
» ACL tModels Data Access Control: Principles
» Setting ACLs on UDDI v3 Structures
» Setting ACLs on UDDI v1v2 Structures
» Generating Keys Publisher-Assigned Keys
» Affiliations of Registries Publisher-Assigned Keys
» Taxonomy Types Taxonomy: Principles, Creation and Validation
» Validation of Values Taxonomy: Principles, Creation and Validation
» Types of keyValues Taxonomy: Principles, Creation and Validation
» Taxonomy API Taxonomy: Principles, Creation and Validation
» Predeployed Taxonomies Taxonomy: Principles, Creation and Validation
» RegisterCreate Account Register Registry Console Reference
» Main Menu Tabs Browse Menu Bar
» Tree Display Area Main Display Area
» Display Tabs Action Icons Action Icons Context Menu
» Browsing Registry Console Reference
» Publishing Registry Console Reference
» Starting the Signer Main Screen
» Signer Configuration Signer Tool
» Integrating with Oracle JDeveloper
» How To Configure the Inquiry URL, UDDI Service Key, and Endpoint Address for Runtime
» Integrating with Oracle Enterprise Repository
» Integrating wih Oracle Service Bus
» Enabling Dynamic Lookup of BPEL Partner Link Endpoints
» Enabling Dynamic Lookup of ESB SOAP Endpoints Integrating with Oracle Web Services Manager WSM
» Create Account Account Management
» Accessing Permission Management Permissions
» Editing and Deleting Permissions
» Adding Taxonomies Taxonomy Management
» Understanding Replication Replication Management
» Master Registry Setup Replication Management
» Slave Registry Setup Replication Management
» Create Requestor Approval Process Management
» Replacing tModel keys Replacing UDDI Keys
» Replace URLs Registry Statistics
» Current configurations and their history View configuration
» Named collections of configuration List of named collections
» Core Config Database Registry Configuration
» Security Account Registry Configuration
» Group Subscription Registry Configuration
» Paging Limits Figure 46. Business Service Control Configuration - Paging Limits UI Configuration
» Customizable Taxonomies Business Service Control Configuration
» Customizing Individual Pages Business Service Control Configuration
» Web Interface Configuration Figure 54. Registry Console Configuration - Web Interface Tab
» Paging Configuration Figure 55. Registry Console Configuration - Paging Tab
» Permissions Definitions Permissions: Principles
» Oracle Service Registry Permission Rules
» Setting Permissions Permissions: Principles
» Permissions and User Roles ApiManagerPermission Reference
» Requestor Approval Process Roles
» Approver Approval Process Roles
» autoApprover Approval Process Roles
» Administrator Approval Process Roles
» Optional Content Checking Setup
» Commands Description PStore Tool
» Open Next Protected Store Copy Data Between Protected Stores
» User Store PStore Tool - GUI Version
» Associating an SSL client identity with a registry client
» WSDL PortTypes WSDL Bindings
» UDDI Version 2 UDDI Version 3 UDDI Version 3 Extension
» Administration Utilities Advanced APIs
» Replication Statistics Advanced APIs
» WSDL Publishing Advanced APIs
» XML Publishing Advanced APIs
» XSD Publishing Advanced APIs
» XSLT Publishing Advanced APIs
» Client Package Registry Client
» JARs on the Client Classpath
» Example Client Client Authentication
» Accessing Backend APIs Server-Side Development
» Accessing Registry APIs Custom Registry Modules
» Custom Module Sample Custom Registry Modules
» Creating and Deploying Interceptors
» Logging Interceptor Sample Interceptors
» Request Counter Interceptor Sample
» Deploying Validation Service Writing a Custom Validation Service
» External Validation Service Writing a Custom Validation Service
» Sample Files Writing a Subscription Notification Service
» Architecture Description Registry Web Framework
» Directory Structure Registry Web Framework
» Framework Configuration Registry Web Framework
» Where can I find the code which generates the page header?
» How do I change the text displayed on a pages title bar?
» Where is the right place to include my own JavaScript files?
» Where is it possible to change the text displayed in the page footer?
» Business Service Control Localization
» Directory Structure Business Service Control Framework
» Business Service Control Configuration
» Entity Configuration Business Service Control Framework
» Permission support Business Service Control Framework
» Components and Tags Business Service Control Framework
» Connecting to Oracle Service Registry from JDeveloper
» Running SOAPSpy SOAPSpy Tool
» Prerequisites and Preparatory Steps: Code
» Presentation and Functional Presentation
Show more