Oracle ADF World: ADF Security Basics part 9 : Evaluate policies using Custom JAAS permission

Sunday, August 11, 2013

ADF Security Basics part 9 : Evaluate policies using Custom JAAS permission

Custom JAAS permission can be created from JASS Permission option from jDeveloper .From the New Gallery> All items

Create a JAAS permission with below attributes :

Add the following lines to jazn-data.xml against the app-role1 grant from the source editor

<grant>
<grantee>
<principals>
<principal>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
<name>app-role1</name>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>view.TestPermission</class>
<name>TestPermission</name>
<actions>view</actions>
</permission>
</permissions>
</grant>
<grant>

Create a new Resource Type from (+) from the Resource grant section of jazn-data.xml

Create the page customPermission.jspx and assign app-role1 grant to the page def file of it

Source code for the jspx :

<?xml version='1.0' encoding='UTF-8'?>

<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page" version="2.1" xmlns:f="http://java.sun.com/jsf/core"

xmlns:af="http://xmlns.oracle.com/adf/faces/rich">

<jsp:directive.page contentType="text/html;charset=UTF-8"/>

<f:view>

<af:document title="customPermission.jspx" id="d1">

<af:form id="f1">

<af:panelGroupLayout id="pgl1">

<af:button text="button 1" id="b1"

rendered="#{securityContext.userGrantedPermission['permissionClass=view.TestPermission;target=TestPermission;action=view']}"/>

<af:outputText value="#{securityContext.userGrantedPermission['permissionClass=view.TestPermission;target=TestPermission;action=view']}" id="ot1"/>

</af:panelGroupLayout>

</af:form>

</af:document>

</f:view>

</jsp:root>

Note the button text code in bold.Run the page and the button will be visible.

Oracle ADF World

Sunday, August 11, 2013

ADF Security Basics part 9 : Evaluate policies using Custom JAAS permission

No comments:

Post a Comment

About Me

Followers