Tuesday, July 23, 2013

ADF Security Basics part 5:Entitlement Grants

Grouping of roles and resources:

Created the role app-role3.


Created a the page entitlementRole.jspx and created the pageDef of this file.



For multiple resource sake ,created a bounded task flow 


Created the testE1.jspx file to test the task flow


Adding the resources to the entitlement grant


Multiple resource granted entitlement grant 


The resources grant to role 


jazn-data.xml changes will looks like below 
Access entitlementRole.jspx page 
Access the testE1.jspx 


Monday, July 22, 2013

ADF Security Basics part 4:Applying Security Policy on Entity Ojbects

I have created following roles into jazn-data.xml

app-role1 :


app-role2:



Go to the security section of the Enity Object from the General tab.



Setting the security in the attribute level  for the Phone Number attribute



Setting the security in the attribute level for Email


From the jazn-data.xml editor assign the update permission to the app-role1 and app-role2





For the attribute phone number :



For the attribute Email :


Create a ADF form with the updatable VO in secureData.jspx page.


Secure the page secureData.jspx Assign view permission to both app-role1 and app-role2


Login as app-role2 and see the Email is read-only






Login as app-role1 and see the Phone Number disabled :


Friday, July 19, 2013

ADF Security Basics part 3:Applying Policy on Methods

Create a client interface method in AM.Go to Application Module xml and in the overview page generate the Impl classes.





In the Impl class Add a test method











Click on the client interface from Java option of AM overview page








The method will be added as below




From the resource grant screen











Create a ADF Method Resource as below












Assign the role as below




From the data control add method as button in the jspx page













From the disabled property of the commandline button give the following property











Give the same permission of method to the test page





Run the test page and login to the page after running. The button will be enabled.

Change the permission of test page to another role and see the button disabled, if that particular user doesnt have the permission in role2.


Thursday, July 18, 2013

ADF Security Basics part 2: Internal file changes after enabling ADF Security

Following are the file changes after the ADF security is enabled.

1.  Web.xml changes

a) Changes for JpsFilter
b)      AdfAuthentication servlet- For Aunthentication and Autherization option



c)      Define valid security roles :
2. adf-config.xml changes . (.adf/META-INF Folder)

3. Jps-config.xml changes .(From jdev ApplicationResources>Descriptors> META-INF)

a)  Credential store and anonymous provider


b)  Jazn-data.xml referemces






3. Weblogic.xml changes :(UI Prpjects WEB-INF folder)











4.Jazn-data.xml changes : setting the default realm.(From jdev ApplicationResources>Descriptors> META-INF)

ADF Security Basics part 1: Secure the page having a Bounded Task Flow

Create  a fusion Application



Create a bounded Task Flow 


Bounded task flow with two views elements :

Create users Application> Security> Users 
Create the Application Role from the left menu .
Add Users to the application Role :
Go to the Resource Grant page and grant permission to task flow 


Create a main jspx file 

Allow Grant to the testMain.jspx file 
Drag and drop the task flow to the main jspx page 

Enable ADF security 

Select the ADF authentication and authorization 

Different Authentication types . Select the Http Basic Authentication.

Select the Policy Grants 

Authenticated Welcome page 


The summary 

Run the main page and see the login screen