Which statements are true with regard to authorization checks being done in the Mediation Layer?
A.
Performing authorization checksin the Mediation Layer provides a centralized approach to
securing SOA Services.
B.
Performing authorization checks in the Mediation Layer requires that all secured SOA Services
be accessed via the same protocol.
C.
Performing authorization checks in the Mediation Layer requires that all secured SOA Services
be accessed only via the Mediation Layer.
D.
Performing authorization checks in the Mediation Layer eliminates the need for role-based
authentication.
E.
Performing authorization checks in the Mediation Layer requires that user authentication be
based on username and password.
Explanation:
Mediation is a key component in the overall architecture providing the decoupling
between consumers and providers.
A: Although not always required, leveraging the authorization capability within the Mediation Layer
provides a centralized approach to securing SOA Services.
Note:
In addition to run time Service endpoint discovery, SOA infrastructure can provide
additional value by acting as an intermediary and mediator between consumers andproviders. For example, intermediaries can bridge the technology gaps between the
two parties. Among their many capabilities are:
* Translate (map) security credentials between different users/groups/roles or
between different credential types
* Translate, or transform request and response messages
* Accept requests via one transport or protocol and forward them on using a
different transport or protocol (not B)
* Route messages based on content within the request message (Content-based
routing)
* Route messages based on security policies
* Add or remove security measures such as encryption and certificates
* Invoke multiple Service providers as part of a single Service request
* Audit and/or log requests
* Deny requests based on access policies (SLAs, Usage Agreements)
* Capture response time metrics and usage metrics
* Monitor and report on error conditions
Reference: Oracle Reference Architecture, Service-Oriented Integration, Release 3.0
D is wrong