Time travel for OWSM Administrators - 11g
By Prakash Yamuna-Oracle on Dec 13, 2011
I liked the title of this post from Antony Reynolds so much that I borrowed it for my post! Antony's post talks about the versioning support in OWSM 10g. This post is about the versioning support in OWSM 11g.Here I will take a simple example, let's say a customer has decided to standardize on Basic192 as the algorithm suite to be used for all message protection policies. The customer can do so by editing - let's say the oracle/wss10_saml_token_with_message_protection_service_policy.
The default value is Basic128 for the OOTB policy that ships with OWSM. Now we have two versions of the oracle/wss10_saml_token_with_message_protection_service_policy.
This is illustrated in the picture below (Click on the images for a larger image):
The version history page looks as shown below:
You can view the individual versions by clicking on the "view" button in the above image. Below is the version#1 of the oracle/wss10_saml_token_with_message_protection_service_policy.
Version#2 of the oracle/wss10_saml_token_with_message_protection_service_policy is shown below:
Like in OWSM 10g - you can revert or activate an older version if you realize that the changes that were made were not satisfactory for any reason.
It is important to note some of the limitations that exist in terms of the versioning support in OWSM 11g.
- Enforcement does not take policy version into consideration i.e. enforcement is always based on the latest version (in the above case version#2).
- While OWSM maintains the version history it does not provide any tooling to view the differences b/w the two versions. However for each version OWSM does maintain information about who edited the policy and when - hence once can talk to person who edited the policy to find out the changes.
- Currently versioning is supported only for policies. Versioning is not supported for Assertion templates and Global Policies.