In the previous recipe, we allowed any authenticated user in the WebLogic domain access to our service. In this recipe, we will further restrict access to only those users that have a particular role.
Ensure that a suitable policy has been created for the role that we want to use to restrict access to a service.
Follow the steps given in the Restricting a composite to authenticated users with HTTP Basic Security recipe in this chapter to add an authentication policy to the service you want to protect.
Repeat the previous step, except this time choose the policy that you created to grant access to a particular group.