Secure navigation - ADF 11 g
HelloWhat is the best way to apply < b > < /b > Secure navigation in an application-ADF 11g web, such that a single user can access certain pages and/or Transact (through the command links, for example) at the same time, two different browsers, or tabs?
Hello
in JDeveloper 11.1.1.2 (R1-PatchSet1), you can wrap the page in a workflow frontiere8 and set the workflow property to prevent direct browser access. In this way, the page can be opened to a workflow activity. You can then think about a mechnism which - task flow initialization - that verifies if the authenticated user is already registeerd for the flow of demand with the task. If so, to deny access
Frank
Tags: Java
Similar Questions
-
Model Menu XML and security of ADF
I use:
JDeveloper R1 (11.1.1.1.0)
ADF configured security and work
Menu ADF model to generate the navigation level 1 and 2 items in the page template
Use case:
Conditionally render nodes item in my Menu ADF using el specifically, I need to render that element nodes that the user is allowed to view the role of ADF Security Application.
Comments:
To test this point, I put the property made to an itemNode # {securityContext.authenticated}. Note: The user is not authenticated.
If I statically set this value to false, the tab is not rendered as expected, however using the securityContext in this case doesn't seem to work. The EL expression returns 'false', since I added it in the form of text on the page outputText component.<itemNode id="itemNode_Search" label="Search" action="adfMenu_Search" focusViewId="/Search" rendered="#{securityContext.authenticated}" immediate="true"/>
If this work or securityContext is available because the adfc - config.xml is not covered by the safety of the ADF?
What is the best way to accomplish this behavior?
Thank you
Published by: rvlong on April 20, 2010 15:31I had the same problem on one of my projects.
Make sure that you have added rendered = "#{menuInfo.rendered}" for the elements of your model. "
I had a few problems using EL in the rendered itemnode attribute, but after that I updated my model as above it worked fine.
-
ADF/authentication to connect using the security of ADF (with Page of custom Login)
Hi all!
I am trying to achieve a simple project where I need my Application users to open a session before access to these pages in the application.
I found some tutorials, but most of them manually added user security, and I need them to be ONLY on the database, because I use a Web service to retrieve the data.
Here is my business needs:
- Create a custom Login page, requesting identification by name of user and password information
- Extract data using the Webservice (this part is done)
- If the data matches a Session must be opened.
- Some data user as username, preferences... must be registered on a SessionBean
- The session must be opened up to disconnection of the user or the timeout.
Any tips/advice on how to set up the login page and follow the data Session and status?
PS: Using jdev 12 c
Best regards
Luis Cabaco
You can enable the ADF security in your application and configure the authenticator RDBMS on WLS.
http://Biemond.blogspot.BA/2008/12/using-database-tables-as-authentication.html
For the custom login page, see: https://docs.oracle.com/middleware/1213/adf/develop/adf-web-securing.htm#ADFFD2008
Dario
-
Security of ADF, only displaying not region?
With the help of jdev 11.1.1.7
I have a page based on the shell of the dynamic tabs, the tab contains a flow of the page, but when I enable the ADF security I can see the home page but when I open the tab nothing is displayed?
all about you have ideas?
Thank you
Hello
in this case to see if it helps;
-
Security of ADF, added then I get error of insufficient privileges during validation.
I was using a database user, then I have no error. After the addition of security of the ADF and the weblogic user, I got the following error message. Please suggest me, how to solve this error.
< MethodExpressionActionListener > < processAction > received 'javax.faces.event.AbortProcessingException' when calling listener action "#{bindings.Commit.execute}" to the component 'cb4 '.
< MethodExpressionActionListener > < processAction > javax.faces.event.AbortProcessingException: ADFv: interrupt exception.
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding.execute(FacesCtrlActionBinding.java:199)
at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.el.parser.AstValue.invoke (unknown Source)
at com.sun.el.MethodExpressionImpl.invoke (unknown Source)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcast(UIXComponentBase.java:824)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:179)
to oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$ 1.run(ContextSwitchingComponent.java:130)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:461)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:134)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:112)
to oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$ 1.run(ContextSwitchingComponent.java:130)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:461)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:134)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:106)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:787)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1252)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:973)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:354)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:202)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:508)
to weblogic.servlet.internal.StubSecurityHelper$ ServletServiceAction.run (StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:125)
to org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$ FilterListChain.doFilter (TrinidadFilterImpl.java:468)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
to org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$ FilterListChain.doFilter (TrinidadFilterImpl.java:468)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:180)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
to oracle.security.jps.ee.http.JpsAbsFilter$ 1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged (Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.wrapRun (WebAppServletContext.java:3715)
to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.run (WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
< Utils > < buildFacesMessage > ADF: addition of the JSF error message: ORA-01031: insufficient privileges
java.sql.SQLSyntaxErrorException: ORA-01031: insufficient privileges
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:462)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:405)
at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:931)
at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:481)
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:205)
at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:548)
at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:217)
at oracle.jdbc.driver.T4CPreparedStatement.executeForRows(T4CPreparedStatement.java:1115)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1488)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3769)
at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePreparedStatement.java:3904)
at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeUpdate(OraclePreparedStatementWrapper.java:1512)
at weblogic.jdbc.wrapper.PreparedStatement.executeUpdate(PreparedStatement.java:172)
at oracle.jbo.server.OracleSQLBuilderImpl.doEntityDML(OracleSQLBuilderImpl.java:432)
at oracle.jbo.server.EntityImpl.doDML(EntityImpl.java:8518)
at oracle.jbo.server.EntityImpl.postChanges(EntityImpl.java:6745)
at oracle.jbo.server.DBTransactionImpl.doPostTransactionListeners(DBTransactionImpl.java:3264)
at oracle.jbo.server.DBTransactionImpl.postChanges(DBTransactionImpl.java:3067)
at oracle.jbo.server.DBTransactionImpl.commitInternal(DBTransactionImpl.java:2071)
at oracle.jbo.server.DBTransactionImpl.commit(DBTransactionImpl.java:2352)
at oracle.adf.model.bc4j.DCJboDataControl.commitTransaction(DCJboDataControl.java:1590)
at oracle.adf.model.binding.DCDataControl.callCommitTransaction(DCDataControl.java:1415)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(JUCtrlActionBinding.java:1428)
at oracle.adf.model.binding.DCDataControl.invokeOperation(DCDataControl.java:2169)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(JUCtrlActionBinding.java:731)
at oracle.adf.controller.v2.lifecycle.PageLifecycleImpl.executeEvent(PageLifecycleImpl.java:402)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding._execute(FacesCtrlActionBinding.java:252)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding.execute(FacesCtrlActionBinding.java:185)
at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.el.parser.AstValue.invoke (unknown Source)
at com.sun.el.MethodExpressionImpl.invoke (unknown Source)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcast(UIXComponentBase.java:824)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:179)
to oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$ 1.run(ContextSwitchingComponent.java:130)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:461)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:134)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:112)
to oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$ 1.run(ContextSwitchingComponent.java:130)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:461)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:134)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:106)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:787)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1252)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:973)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:354)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:202)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:508)
to weblogic.servlet.internal.StubSecurityHelper$ ServletServiceAction.run (StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:125)
to org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$ FilterListChain.doFilter (TrinidadFilterImpl.java:468)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
to org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$ FilterListChain.doFilter (TrinidadFilterImpl.java:468)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:180)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
to oracle.security.jps.ee.http.JpsAbsFilter$ 1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged (Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.wrapRun (WebAppServletContext.java:3715)
to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.run (WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
< Utils > < buildFacesMessage > ADF: addition of the JSF error message: ORA-01031: insufficient privileges
java.sql.SQLSyntaxErrorException: ORA-01031: insufficient privileges
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:462)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:405)
at oracle.jdbc.driver.T4C8Oall.processError(T4C8Oall.java:931)
at oracle.jdbc.driver.T4CTTIfun.receive(T4CTTIfun.java:481)
at oracle.jdbc.driver.T4CTTIfun.doRPC(T4CTTIfun.java:205)
at oracle.jdbc.driver.T4C8Oall.doOALL(T4C8Oall.java:548)
at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:217)
at oracle.jdbc.driver.T4CPreparedStatement.executeForRows(T4CPreparedStatement.java:1115)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1488)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3769)
at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePreparedStatement.java:3904)
at oracle.jdbc.driver.OraclePreparedStatementWrapper.executeUpdate(OraclePreparedStatementWrapper.java:1512)
at weblogic.jdbc.wrapper.PreparedStatement.executeUpdate(PreparedStatement.java:172)
at oracle.jbo.server.OracleSQLBuilderImpl.doEntityDML(OracleSQLBuilderImpl.java:432)
at oracle.jbo.server.EntityImpl.doDML(EntityImpl.java:8518)
at oracle.jbo.server.EntityImpl.postChanges(EntityImpl.java:6745)
at oracle.jbo.server.DBTransactionImpl.doPostTransactionListeners(DBTransactionImpl.java:3264)
at oracle.jbo.server.DBTransactionImpl.postChanges(DBTransactionImpl.java:3067)
at oracle.jbo.server.DBTransactionImpl.commitInternal(DBTransactionImpl.java:2071)
at oracle.jbo.server.DBTransactionImpl.commit(DBTransactionImpl.java:2352)
at oracle.adf.model.bc4j.DCJboDataControl.commitTransaction(DCJboDataControl.java:1590)
at oracle.adf.model.binding.DCDataControl.callCommitTransaction(DCDataControl.java:1415)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(JUCtrlActionBinding.java:1428)
at oracle.adf.model.binding.DCDataControl.invokeOperation(DCDataControl.java:2169)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(JUCtrlActionBinding.java:731)
at oracle.adf.controller.v2.lifecycle.PageLifecycleImpl.executeEvent(PageLifecycleImpl.java:402)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding._execute(FacesCtrlActionBinding.java:252)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding.execute(FacesCtrlActionBinding.java:185)
at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.el.parser.AstValue.invoke (unknown Source)
at com.sun.el.MethodExpressionImpl.invoke (unknown Source)
at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:105)
at javax.faces.event.MethodExpressionActionListener.processAction(MethodExpressionActionListener.java:148)
at javax.faces.event.ActionEvent.processListener(ActionEvent.java:88)
at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcast(UIXComponentBase.java:824)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:179)
to oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$ 1.run(ContextSwitchingComponent.java:130)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:461)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:134)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:112)
to oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$ 1.run(ContextSwitchingComponent.java:130)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:461)
at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:134)
at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:106)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:787)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1252)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:973)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:354)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:202)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:508)
to weblogic.servlet.internal.StubSecurityHelper$ ServletServiceAction.run (StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:125)
to org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$ FilterListChain.doFilter (TrinidadFilterImpl.java:468)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
to org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$ FilterListChain.doFilter (TrinidadFilterImpl.java:468)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:180)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
to oracle.security.jps.ee.http.JpsAbsFilter$ 1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged (Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.wrapRun (WebAppServletContext.java:3715)
to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.run (WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
All communications of the db is made via the connection db defined in your application. Here, you set the user who speaks of the db. If this user has the power to hire you should be able to commit. You can use security adf to grant the insert, update, and delete on EO in your application to roles that belongs to the user of your application. I you have not done so each user of the application should be able to commit.
Timo
-
How to keep the main custom security Oracle ADF framework
Hi guys, hope someone will help me.
I am faced with the following question, I need to have a custom main instance after oracle adf security framework to authenticate and authorize the user.
My custom main instance must have by adding attribute clientId say say. I use Jdeveloper 11.1.2.4 and I configure weblogic to use ReadOnlySQLAuthenticator (he did most of the features you want).
As far as I understand, I would implement a custom provider to have a chance to implement a custom LoginModule, so I can put it up to use my custom entity, am I right? and I do not know how ReadOnlySQLAuthenticatorImpl I chose in weblogic is related to
DBMSAtnLoginModuleImpl (I mean how is he knows what LoginModule it should use) and if I can, how can I do ReadOnlySQLAuthenticatorImpl use my custom LoginModule.
Sorry if I violated the forum rules.Hello
Yes, you must create a custom LoginModule, then create a WLS her authentication provider. Then, configure you the authentication provider customized with your WLS domain name and set the required flag 8Si authentication should be passed) or optional (if it does not need to be transmitted - for example if it does not authenticate itself, but that it only adds a main class)
Frank
-
Hello
I use JDeveloper 11.2.3.0.
I use the ADF security and I use the DB tables for authentication.
I created DB authentication in th weblogic and I inserted the SQL queries in the provider configuration.
In the application of the ADF, I activated the adf security. I added the business roles such as mentioned in my DB tables. I created the application roles and gave grants to users.
My problem is, when I run the application, users are not responsible for weblogic, but recreated with the new ID and that the DB is not assign roles to each user (because fdifferent ID).
Any fault knows how to solve this problem?
Thanks in advance
FARAJHello
not sure that I follow:
My problem is, when I run the application, users are not responsible for weblogic, but recreated with the new ID and that the DB is not assign roles to each user (because fdifferent ID).
If users are in the database, and then how to create weblogic accounts? This is possible if you have test accounts defined in the file "Data.xml" of your application that you deploy with the application the integrated WLS or a WLS in developmentmode-jazn. To avoid the testers to be created in WLS, select Application-->--> Application deployment properties. Here uncheck the box that says "users and groups".
Frank
-
Security of ADF 11g to deploy to weblogic
Hello
I put in place in Jdev which works well since jdev ADF security.
Now, I need to deploy in weblogic.
What is the deployment process and other configurations in Weblogic?
I created many users and roles in jdev and did the def permission with these roles page.
It is automatically created in weblogic when I deploy?
Kind regards
SamSam,
Fortunately, [url http://download.oracle.com/docs/cd/E16162_01/web.1112/e16182/adding_security.htm#CDDGFDFH] documentation has the answers.
John
-
Customization of the user and Desktop Integration to connect security non - ADF
Hi all
Our application has its own connection authorization. I have some doubts about the MDS (personalization of the user between sessions) and integration of ADF Office for an application that doesn't use the ADF security.
(1) is ADF Desktop integration taken in charge for the connection of non - ADF security. If so, is there a working example or how to establish a session to the user of the excel workbook with the username of connection of our application.
(2) of this thread ( customization through the MDS user Sessions ), I understand that, if we write our own customization class, persistence of the MDS in the sessions should not be a problem. However, how we store this persistence to a database. Any example pointers / functional would be really useful.
Thank you
BalaHi Balasumbramanian,
I just write a 3 part series on SDM that should help you with the second http://www.oracle.com/technology/pub/articles/adf-development-essentials/index.html question. See, in particular, the third article ("part 10")
John
-
Navigating ADF Train until a specific stop on the loading of the page
Hello friends,
I'm working on the GUI of an ADF web application, requiring the use of train components. It is possible to navigate through the component to train at a specific stop by programming once the page containing the component of train is loaded, but according to our business scenario, I need navigate the train at a specific stop (say 3rd stop for example) while the page is loading.
Is it possible to do?
I use JDeveloper 11.1.1.7.0.
Best regards
Anshul
try to use the method call activities
Shri
-
Security at the level of the ADF Page - need help
Hello
Currently, I am looking to secure my adf application. The taskflow Unbounded (adfc-config. XML) in my application is as follows
Application is shared with several customers. The homepage of a customer's A.jsp and other D.jsp. The reason is that there are several pages are shared by them. for example. B.JSP and C.jsp
The distinication between two clients's context path. Context path is different to one another. Context for client 1 path is ctx_path1 and for client 2 is ctx_path2.
Since all the page mapping is adfc-config.xml file, when client 2 is being access to the application context path ctx_path2 help and the D.jsp homepage, after if there change the url to A.jsp (ctx_path2/A.jsp), it could reach A.jsp and then B.jsp so on. Client 2 is then able to access the application customer1 and vice versa by changing the URL.
Note: There is correspondence of the page between either B.jsp and F.jsp C.jsp to E.jsp or C.jsp to G.jsp E.jsp to B.jsp so on.
Now, I want to add security to the level of the page Let's say A.jsp, when a customer access request 2 using context path (say ctx_path2)... / ctx_path2/D.jsp, although if he change the URL in... / ctx_path2/A.jsp, the safety of the adf must block access to A.jsp (client application 1.)
Please let me know the solution for the problem above mentioned above.Version Note: ADF - 11.1.1.6.0
Thank you
ASIS
If you enable ADF security and have Customer1 and Customer2 associated with different Application roles, you can set a level for each page role permission, provided that each page has a definition of page each. This will automatically solve your problem of "access if URL.
In addition, when you need to show/hide the navigation links based on the permissions of the user, you can use the visible property:
-
Hi gurus
I followed post https://docs.oracle.com/cloud/latest/javacs_gs/CSJSU/GUID-584D7322-2626-4EA2-BCE6-2F25F4186837.htm#CSJSU7097 to secure my ADF application.
But still when I go to my page, it says unauthorized error. Please let me know what I'm missing. When I change the security to form the basis, it works perfectly fine.
His is my definition of constraint in the web.xml file
< security constraint >
< display name > DemoConstraint < / display-name >
< web-resource-collection >
< name-resource-web > DemoConstraint < / web-resource-name >
< url-pattern > /adf / * < / url-pattern >
< / web-resource-collection >
<>auth-constraint
valid users - < role name > < / role name >
< / auth-constraint >
< / security constraint >
< security constraint >
< web-resource-collection >
< name-resource-web > Contraint2 < / web-resource-name >
<>url-pattern/secured / * < / url-pattern >
< / web-resource-collection >
< / security constraint >
Here's my entry weblogic.xml
< security-role-assignment >
valid users - < role name > < / role name >
< SPN > bhuwaneshenterpriserole < / main-name >
< / security role assignment >
I created bhuwaneshenterpriserole as a business in Jazn.xml and JCS SX role and it mapped to the application role serving as maps resources.
Here is my Jazn file
<? XML version = "1.0" encoding = "UTF - 8" standalone = 'Yes'? "" >
" < jazn-data xmlns: xsi =" http://www.w3.org/2001/XMLSchema-instance "
" xsi: noNamespaceSchemaLocation = ' http://xmlns.Oracle.com/OracleAS/schema/jazn-data-11_0.xsd "> "
< default = "jazn.com Kingdom-jazn" >
< domain >
< name > jazn.com < / name >
< user >
< user >
< name > [email protected] < / name >
< display name > Ashok Mishra < / display-name >
< power > {903} / Vp22Ndgz/0WReDlzYSMIlpYXToBqy64oT3mcVFK4Hw = < / qualifications >
< / user >
< / users >
<>roles
< role >
< name > bhuwaneshenterpriserole < / name >
< display name > bhuwaneshenterpriserole < / display-name >
< description > bhuwaneshenterpriserole < / description >
< member >
< member >
the user < type > < / type >
< name > [email protected] < / name >
< / member >
< / members >
< / role >
< / roles >
< / domain >
< / Kingdom-jazn >
< policy store >
applications <>
< application >
< name > TestApplication < / name >
< app-roles >
< app-role >
< name > bhuwaneshapplicationrole < / name >
oracle.security.jps.service.policystore.ApplicationRole < class > < / class >
< display name > bhuwaneshapplicationrole < / display-name >
< member >
< member >
< name > bhuwaneshenterpriserole < / name >
oracle.security.jps.internal.core.principals.JpsXmlEnterpriseRoleImpl < class > < / class >
< / member >
< / members >
< / app-role >
< / app-roles >
< jazn > political
<>grant
< dealer >
< directors >
< principal >
< name > authenticated role < / name >
oracle.security.jps.internal.core.principals.JpsAuthenticatedRoleImpl < class > < / class >
< / main >
< / directors >
< / dealer >
<>permissions
< permission >
oracle.adf.share.security.authorization.RegionPermission < class > < / class >
< name > secure. PublicPagePageDef < / name >
Display < share > < / actions >
< / authorization >
< / authorization >
< / grant >
<>grant
< dealer >
< directors >
< principal >
< name > bhuwaneshapplicationrole < / name >
oracle.security.jps.service.policystore.ApplicationRole < class > < / class >
< / main >
< / directors >
< / dealer >
<>permissions
< permission >
oracle.adf.share.security.authorization.RegionPermission < class > < / class >
< name > adf. SecuredPagePageDef < / name >
Display < share > < / actions >
< / authorization >
< / authorization >
< / grant >
< / jazn-policy >
< / application >
< / applications >
< / policy-store >
< / jazn-data >
If I remember correctly the roles you define in jazn are not automatically migrated to JCS, so even if you can use them to test locally the role should still be defined explicitly in JCS. (Even if it's been a while since I looked in them, so maybe things have changed since then). In my example I used Enterprise role which is defined both in in jazn (for local testing) and through the JCS UI. The reason for the change of class, it's this business role you created into JCS uses this class.
--
Jani Rautiainen
Relationship with the developers of Applications in fusion
-
Use security in the jspx page Adf
Hi guys,.
Currently I use default adf security.is there not to use the same level of security on my jspx login page.
Thank you
RaulHi user,
I hope that you are looking for
http://docs.Oracle.com/CD/E26098_01/Web.1112/e16182/adding_security.htm
Please see the if you want a custom connection.
Figure 35-3 by using the configure the ADF Security Wizard to generate a Simple Login Page
There are a lot of youtube videos. Google comes out.
This is timo:
What do you mean by '... I use default adf security... "
As I understand it. When creating new web applications to fusion adf security HTTP Basic authentication configuration is comes as default option. he speak that way.
You want to get the login page itself? It's not supposed as you may identify you to access the login page.
I hope that it does not ask as you mentioned.
in my experience, I interpret like this
"Currently, I use adf default security".
He is currently using the default security of adf (basic HTTP authentication).
is it possible to use the same level of security on my jspx login page.
You must use the concept of adf security even on the custom login page.
Thank you
-
Hi, Expert
I use Jdeveloper 11 g 11.1.1.4 and generate an ADF application.
After I installed the application with "Security ADF set up" with all the default settings (based on the forms authentication with the login and default error page), I run my application again, but unluckly, the login page does not appear, I always can I treat my age as before run the "Security configuration ADF. Where can I forget to put in place?
Thank you!Hello
you have chosen the option of test-everything role you have provided grants to all objects. This test-all role grants anonymous users
Frank
-
creating users and roles of WL server for an application that is secured by security ADF
Greetings
I have an application that uses the security of adf, pre-deployment I created the users and roles to grant access or permissions to certain pages in mid CA. the thing is that I need to know if its possible to create users and roles through my the weblogic Server console and that roles and users can have permissions in my app I try but the only thing that works is authentication... I can not pass authorization
Thanks for your helpIt should work very easily.
What you have to do is give the domain name as domain (default myrealm) weblogic, this step you already have you're abe to authenticate.
Now in jazn-"Data.xml", there are 2 types of roles. Application role & business role. Select business roles when assigning permissions. These should also be the same roles myrealm.
You can also use the application role and have a relationship between the application role & business role.
Only the care you need to take are to deploy the application in the EAR file, deployed a flag there migrate suite security users and security groups object. Deselect it.
When you use the user groups and migrate the Application roles.Vincent
Maybe you are looking for
-
My filter (for ads) works for some shippers, but not for others
I have several filters. One is "Advertising" for ads I want to read later, but need not be cluttering up my Inbox. It seems to work for a couple of the entries but ignores the rest. I checked the spelling, and they all seem to be correct. My settings
-
Questions of Tecra R940 - keyboard and touchpad
TECRA R940: I had problems with my touch pad and the keyboard of the laptop. The button disables itself allows erratically (usually when entering) and several keys on the keyboard either does not work or does not work (pushing allows it to key ALT ke
-
Is it possible to recover my Menu bookmarks in Safari/Firefox after I deleted it by mistake?
If this isn't the case, I'll have to re-transfer all over my old computer to get it back.
-
Hello. Does anyone have experience or opinion about CleanMyMac, cleaning of Mac software package? I just tried the free trial version and it seems to do a good job, but I thought that I would get comments, if possible, before you buy one complete. Th
-
How to get the return parameter in sequence teststand ran by labview labview
Hello Executes a test sequence of labview (essentially running "\Examples\TestStand API\Executing sequences using API\LabVIEW\Execute with no Model.vi process") I need to get a parameter returned in 'Settings', after the sequence has run. My problem