Security at the level of the ADF Page - need help

Hello

Currently, I am looking to secure my adf application. The taskflow Unbounded (adfc-config. XML) in my application is as follows

security_tf.png

Application is shared with several customers. The homepage of a customer's A.jsp and other D.jsp. The reason is that there are several pages are shared by them. for example. B.JSP and C.jsp

The distinication between two clients's context path. Context path is different to one another. Context for client 1 path is ctx_path1 and for client 2 is ctx_path2.

Since all the page mapping is adfc-config.xml file, when client 2 is being access to the application context path ctx_path2 help and the D.jsp homepage, after if there change the url to A.jsp (ctx_path2/A.jsp), it could reach A.jsp and then B.jsp so on. Client 2 is then able to access the application customer1 and vice versa by changing the URL.

Note: There is correspondence of the page between either B.jsp and F.jsp C.jsp to E.jsp or C.jsp to G.jsp E.jsp to B.jsp so on.


Now, I want to add security to the level of the page Let's say A.jsp, when a customer access request 2 using context path (say ctx_path2)... / ctx_path2/D.jsp, although if he change the URL in... / ctx_path2/A.jsp, the safety of the adf must block access to A.jsp (client application 1.)


Please let me know the solution for the problem above mentioned above.

Version Note: ADF - 11.1.1.6.0

Thank you

ASIS

If you enable ADF security and have Customer1 and Customer2 associated with different Application roles, you can set a level for each page role permission, provided that each page has a definition of page each. This will automatically solve your problem of "access if URL.

In addition, when you need to show/hide the navigation links based on the permissions of the user, you can use the visible property:

 

Tags: Java

Similar Questions

  • Flash intro (any flv) as the intro page (need help for the link)

    I have a clip that I imported into flash, used a skin and have a nice little player for this Web site intro. I want to go to the home page of sites at the end of the film. Looking but the best I could come up with a;

    player.addEventListener ("complete", function (item: event) {trace ("doneVideo"); new URLRequest ("my link") ;});})

    does not can not... someone help?

    If the name of your flvplayback component instance is flv, use:

    flv.addEventListener (Event.COMPLETE, f);

    function f (e: Event) {}

    navigateToURL (new URLRequest ("http://www.adobe.com"));

    }

  • flashing icon hits when I click on the Web pages, need help!

    When I click on a text or a web page the flashing icon you get when you type in a text box appears. I've been on other browsers firefox and they do not have it. How can I get rid of him?

    This has happened

    Each time Firefox opened

    Is a long time ago

    It seems that you have enabled the keyboard navigation - press F7 to turn it off.
    http://KB.mozillazine.org/accessibility.browsewithcaret

  • What is the best way to call a method in the bean on the adf page loading?

    Hello

    which is the best way to call a method in managing the beans on the adf page loading.

    My version of jdev 11.1.1.5.0

    Thank you

    I don't know if it's the right answer for your question try this...

    In taskflow for properties of method call, you must return a value when you use #{pageFlowScope.returnvalue} (returnvalue is a variable), so you can use your return value in the taskflow... Please let me if this is correct...

  • How temporary disable the security for the ADF?

    Hi, OTN,.
    I have developed security policies in my ADF application. Now I want to disable temporary for development to accelerate.
    Development guide suggests only pass authentication ADF - I still need to enter my credentials each redeployment - or safely remove - I should not really remove all my development security.

    Is there a way to disable temporary real?

    Thank you.
    11.1.1.3 JDev

    Security is controlled by two attributes (authorizationEnforce and authenticationRequire) in the ADF - config.Xml. look at this tag in adf - config.xml:

    Set the false values and allows you to disable the authentication and authorization. Note that if you disable authentication you may still have problems with authentication due to security constraints defined in the web.xml file.

    A more standard approach is to keep security settings intact, but to use the role of ADF fail-safe "test-all." Configure the security of the ADF to use test-all role and grant it to all objects. This way developers will have access to all objects secured without giving any privileges explicitly.

    Dimitar

  • 30.0 Firefox is so slow since updated. IE & Chrome not having problems loading pages, showing the blank pages, need two or more tests to open Web pages.

    30.0 Firefox is so slow since updated. IE & Chrome not having problems loading pages, showing the blank pages, need two or more tests to open Web pages. It seems to have something to do with the Visual data on the pages. My MSN homepage gets old and dies every time I open the page after the re-opening and closing of firefox. It takes forever! What is a memory drain? Each open page in a new session of firefox suffer the same fate.

    Start Firefox in Safe Mode {web link}
    While you are in safe mode;
    Press < Alt > or < F10 > to display the toolbar.
    Followed;

    Windows; Tools > Options
    Linux; Edit > Preferences
    Mac; name of the application > Preferences

    Then Advanced > General.
    Find and stop using hardware acceleration.

    Dig safe web sites and see if there is still a problem. Then restart.

  • I got an iphone 4 to a friend in the Canada. I want to use it here in the Philippines as a regular iPad reserved for wifi, how can I use it without sim card? It does not pass the activation page. Help please?

    I got an iphone 4 to a friend in the Canada. I want to use it here in the Philippines as a regular iPad reserved for wifi, how can I use it without sim card? It does not pass the activation page. Help please?

    You can activate it without a SIM card. If it is locked, it takes a SIM card by the carrier, for it is locked. The SIM card should not be linked to an active line of service, but it must be present to activate it.

  • I have an account so that I can edit PDF files. For some reason any today, even if I am logged in, I can't edit. It buy guard back to the product page. Help, please

    I have an account so that I can edit PDF files. For some reason any today, even if I am logged in, I can't edit. It buy guard back to the product page. Help, please

    Thank you. When I went back to look at the version that I realized that I've changed my default to the reader. I use Adobe Acrobat Pro DC. So I changed my default and I'm good to go.

    Hallie

  • My Apple Watch doesn't work despite the charge. Need help!

    MY Apple Watch feeds not on despite the load? Need help!

    Have you tried to force the reboot of the Apple Watch?

    Forcing Apple Watch to restart: press and hold the side button and the digital Crown at the same time for at least ten seconds, until the Apple logo appears.

  • PHP - report summary Page need help

    Hi all

    PHP - report summary Page need help... For example, I have a page where the user can select a small number of products, then I have a database PHP MySQL query that selects recent purchases of these products and where they were purchased at also like:

    -query... Select widget1 - widget2 and widget3

    RESULT...

    Widget1, 51, sold the store 1 the invoice

    Widget1, Bill 72, sold the store 2

    Widget1, Bill 59, sold the store 1

    widget2, invoice 2, sold in stores 2

    widget2, Bill 81, sold the store 1

    Widget3, Bill 201, sold the store 1

    Widget3, 151, sold the 2 store the invoice

    Widget3, Bill 17, sold the store 2

    Widget3, Bill 3, sold the store 1

    -I would like to report that may make certain features of synthesis, as well as the report output looks something like:

    'PRODUCTS to SHOW with SHOP SUMMARY'

    STORE 1

    Widget1, 51, more fields here the invoice

    Widget1, 59, more fields here the invoice

    widget2, 81, more fields here the invoice

    Widget3, 201, more fields here the invoice

    Widget3, Bill-3, more fields here

    STORE 2

    Widget1, Bill 72, more fields here

    widget2, invoice 2, more fields here

    Widget3, 151, more fields here the invoice

    Widget3, 17, more fields here the invoice

    -> I'm curious to know how to build php in order to simulate this STORE 'SUMMARY' on the page of the report. All ideas are welcome.

    THANKS in ADVANCE - Dave

    Dave, your question is quite broad, but may help the following:

    MySQL has functions of aggregation such as COUNT and SUM. It would probably be useful for you in your solution. I always try to do as well in the database as possible rather than dumping a lot of data in the php script to process. Also look at the MySQL GROUP BY WITH ROLLUP as a way to return altogether.

  • Use security in the jspx page Adf

    Hi guys,.
    Currently I use default adf security.is there not to use the same level of security on my jspx login page.
    Thank you
    Raul

    Hi user,

    I hope that you are looking for

    http://www.fireboxtraining.com/blog/2012/02/09/Oracle-ADF-11g-authentication-using-custom-ADF-login-form/

    http://docs.Oracle.com/CD/E26098_01/Web.1112/e16182/adding_security.htm

    Please see the if you want a custom connection.

    Figure 35-3 by using the configure the ADF Security Wizard to generate a Simple Login Page

    There are a lot of youtube videos. Google comes out.

    This is timo:

    What do you mean by '... I use default adf security... "

    As I understand it. When creating new web applications to fusion adf security HTTP Basic authentication configuration is comes as default option. he speak that way.

    You want to get the login page itself? It's not supposed as you may identify you to access the login page.

    I hope that it does not ask as you mentioned.

    in my experience, I interpret like this

    "Currently, I use adf default security".

    He is currently using the default security of adf (basic HTTP authentication).

    is it possible to use the same level of security on my jspx login page.

    You must use the concept of adf security even on the custom login page.

    Thank you

  • Level of security for the dashboard pages.

    Hi all


    I have a question. I want to apply security to the level of the data to the data in dashboard pages.



    All the answers.




    Thank you sunny.

    Hello
    Can do this by using the section level security.
    Place the x, y in a section and z report in the other section. Now apply security at the level of the article accordingly.

    Awarded points if the answer.

    Kind regards
    Srikanth

  • date of post at the level of the adf pages?

    I have a date of field who I need to validate using the following validation criteria

    date cannot be a future date

    is there any future provided by the adf?

    Hello..
    Still having problem. If so, please share your code.did you try code above, stuff that works for me. In the above code change Date java.util.Date in the bean and try...

  • Security of the ADF

    Hi all

    We have a SignIn page in our application for the authentication of the user and all components. In the ADF - config.xml, I have the following Setup

    authorizationEnforce = "false" authenticationRequire = "true".

    but I was redirected to the main home page (the page will be sent after a successful authentication) without any authentication. Although I put authenticationRequire = 'true '.

    However, if I set the URL scheme as ' / ' in the security constraint. It opens the SignIn page. However, the images were not properly?

    When the ADF security is enabled, i.e. when the two indicators of authentication/authorization in afc - config.xml are enabled, it works correctly.

    Please help us.

    Hello

    However, if I set the URL scheme as ' / ' in the security constraint. It opens the SignIn page.

    That's what the assistants of ADF Security adds by default when you select authentication only because there is no authorization, leading to a delayed authentication

    However, the images were not properly?

    This is because "/" protects all files under the root of Java EE. To change this, change the constraint "/" for authentication *.jspx (or *.jsp If you are using this as a file extension). In this case the images are excluded from security

    (Note that it is not here ADF security, but the security of web applications in Java EE)

    When the ADF security is enabled, i.e. when the two indicators of authentication/authorization in afc - config.xml are enabled, it works correctly.

    This is because the permission is not applied on the level of path (your path of the application root) context Java EE

    Frank

  • Login, authentication of the ADF page rendering problem

    Hi all

    I use Jdev12c and authentication of the ADF configuration in my application. MY login pages are not html and JSF pages. After you set up the security of the skin on the login page stops working. The drawn solution of article https://blogs.oracle.com/jdevotnharvest/entry/solving_jdeveloper_11gr2_issue_with does not help (which seems to be incomplete).

    Now, reading autour, I made an assumption are the result of changes and it seems to work. But I don't know if it can cause any problem of security in the merger application. Any idea/thoughts?

    < security constraint >

    < web-resource-collection >

    allPages < web-resource-name > < / web-resource-name >

    < url-pattern > /visages / * < / url scheme >

    (it was < url-pattern > / * < / url-pattern >)

    < / web-resource-collection >

    <>auth-constraint

    valid users - < role name > < / role name >

    < / auth-constraint >

    < / security constraint >

    (There is also a page-def on the login page and the model used for the login page).

    Thank you!!

    Mrig

    Very well. Figured out.

    According to what little I learned about the web.xml file, I had to follow processes & groping to find resources which create problem. So Pagedef and models are not the problem which might have been in previous versions of Jdev. I added ' / resources/images / * ' under web-resource-collection.

    Authorized resources ADF

    information/images / *.

    allPages

    faces *.

    (it was / *)

    valid users

    I thought the CSS files and templates like that I used on the login page.

    Thanks for the help and suggestions!

Maybe you are looking for

  • Shadow copy service defective or not running

    Windows Update has been trying for days (default) install downloaded updates. It turns out that the problem is failure to create due to the vss error restore point. tried manually from the service with the results of epic fail. y at - it a patch or m

  • Folder / file name is highlighted in blue

    Hi people, Some or rather most of my folder / file name (C :) is highlighted in blue, I must admit that this probably because of me trying it to change the default location of some files like C:\Users to free space in (c),) Although I have space for

  • Flow bb 10 license

    Hello I did my application with bb 10 research licenses. Is there anything in the api which is equivalent to RIM_APP_WORLD_LICENSE_KEY (in java) so I can check to see if the application has been licensed via app world? I'd appreciate some clarity on

  • Intel Management Engine Interface T400s

    In Device Manager, I see that this material cannot start.  The version of the driver is up-to-date.  What do I need for, and, if I need, how can I do? Thank you, John

  • nested entity collection interface suggestions

    So in the OPA, entities can have entities. In our case, both are the containment (One to Many). I feel that we have all data correctly, but we wanted a hard time to come up with a good maintenance. Ideally, I think that we should be able to have enti