GOTCHA's with Setting up ADF Security with JDev 11.1.1.6.0

If you're getting into ADF security, you're probably going to want to get rid of that ugly default login.html page. I mean, it gets the job done, but we want something a little better. And if you want something a little better and you're using JDev 11.1.1.6.0, it behooves you to read this post!
First off, get acquainted with these four posts. All good stuff. They'll walk you through the 1st half of what you need to know. Y'know, the non-Gotcha half.
http://one-size-doesnt-fit-all.blogspot.com/2010/07/adf-security-revisited-again-again.html
http://myadfnotebook.blogspot.com/2011/11/adf-security-basics.html
http://andrejusb.blogspot.com/2010/11/things-you-must-know-about-adf-faces.html
http://java2go.blogspot.com/2010/12/creating-centered-page-layout-using-adf.html
Are you getting either of the following errors?
<CodebasePolicyHandler> <migrateDeploymentPolicies> Migration of codebase policy failed. Reason: {0}.
oracle.security.jps.JpsException: java.lang.IllegalArgumentException: oracle.security.jps.internal.core.principals.JpsAnonymousRoleImpl
Error 500--Internal Server Error
java.lang.RuntimeException: Cannot find FacesContextI'll show you where they're coming from. Follow along.
1) Create a new application.
2) Create three .jspx pages called login, error, and welcome.
3) Generate PageDef files for them by right-clicking on the file and selecting "Go To PageDefinition". You'll want these so that you may apply security against them.
4) Right-Click on your Application and select Secure->Configure ADF Security
5) ADF Authentication and Authorization -> Form Based Authentication (Use the search symbol to select your created login and error pages. Should be something like "/faces/login.jspx") -> No Automatic Grants -> Finish
Right-Click your welcome.jspx and select run. You'll get this error before your web page opens up in your browser and then proceeds to wig out.
<CodebasePolicyHandler> <migrateDeploymentPolicies> Migration of codebase policy failed. Reason: {0}.
oracle.security.jps.JpsException: java.lang.IllegalArgumentException: oracle.security.jps.internal.core.principals.JpsAnonymousRoleImplThat just won't do. Let's fix it, shall we?
6) Open your newly JDev created jazn-data.xml file. It's located in the Application Resources panel (usually located by Data Controls and your Projects expandable panels)
7) Resource Grants -> Resource Type (Web Page dropdown) -> error page should have a key symbol by it. Delete the anonymous role in the "Granted To" column. Now click the green button to add an Application Role. Huh, there's TWO of them? How bout that? Looks like we're going to have to delete some XML code!
8) Click the Source tab on the bottom of the page to open up the XML View. You'll see the following piece of erroneous code. Erroneous, I say!
  <policy-store>
    <applications>
      <application>
        <name>SecurityError</name>
        <app-roles>
          // Hello, I'm the app role that has sucked away two hours of your life that you can never, ever get back
          <app-role>
            <name>anonymous-role</name>
            <class>oracle.security.jps.internal.core.principals.JpsAnonymousRoleImpl</class>
            <display-name>anonymous-role</display-name>
          </app-role>
         // Whew, the end of that app role
        </app-roles>
        <jazn-policy>
          <grant>9) You're going to want to delete that app role XML
10) Go back into your jazn-data.xml file and create some users. For example, bob and jane. Create an Enterprise role called "admin". Put bob and jane as members into this Enterprise role. Create an Application role called managers. Map managers to your Enterprise role admin.
11) Go back to the Resource Grants tab -> Resource Type (Web Page) and delete any "Granted To" authorizations that may assigned to any of the pages. Assigned a "Granted To" application role of "anonymous-role" to the error and login pages. Assign "managers" to welcome.
12) Run your welcome page. Yay, the error is gone. How sweet it is.
Now you want to refactor/move your login and error page somewhere else? Great, just right-click and select factor. Refactor to some place like /public_html/jspx/<your login page>.jspx. Re-run your welcome page.
// You fool!
Error 404--Not Found
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.5 404 Not FoundThat's not so good. Let's fix that.
1) Open up web.xml. It's located at ViewController/WEB-INF/web.xml.
2) Click the security tab and you'll see Form-Based Authentication with a login page and error page. Click that Search glass and locate your new file. Do the same for the error page. You should see something like "/jspx/login.jspx" come back.
3) Re-run your welcome page.
// Suckered AGAIN!
Error 500--Internal Server Error
java.lang.RuntimeException: Cannot find FacesContextThis is a tricky one. The search icon brings back a faulty address. Since we're using a .jspx page, it needs to be "/faces/jspx/login.jspx". Repeat for the error page. Re-run your welcome.jspx.
Ahh!! Now THAT's how we do it in Kingsport!
Finally, a custom .jspx login works. Now what are you doing here? Shouldn't you be playing some Diablo 3?
Will

Ha :-)
Point being good summaries like yours tend to get lost on the forums because of the volume of posts. With a blog people have the chance to subscribe to your posts so it's just a better vehicle all round for posting content to help others.
I highly recommend writing blogs even if it's for scratch notes, because you'll learn a lot in structuring your thoughts. It's also a really good way to get noticed in the community because bloggers stand out.
But your call, no pressure of course ;-)
CM.

Similar Messages

  • Help with setting up wireless security with mac

    We have just set up a Linksys WRT54G on a pc, and it connects to the internet fine. the problem is, anyone can connect.
    I do not understand how to set up a password for this so no one can leach off my internet connection.
    I tried to put in a code but it didnt work.
    is there a step by step way to do this?

    FAQs are on the linksys support pages. For wireless security there are a few. One is here:
    http://linksys.custhelp.com/cgi-bin/linksys.cfg/php/enduser/std_adp.php?p_faqid=759
    However, I would not configure WEP as described there but WPA or better WPA2. New iMacs support WPA2. WEP can be cracked within a few minutes.
    If it still does not work, please post the exact settings you are using in your router (Wireless tab and Wireless Security tab) and the settings you are trying on your mac.

  • Creating a WebCenter Application with PageCutomizable and ADF Security

    I created a Webcenter App in Jdev 11.1.1.2.0 with webcenter extension.
    I have 2 JSPX files.
    One called mainTemplate.jspx
    - contains header, footer in ADF and a center facet.
    One called Welcome.jspx created from mainTemplate
    - contains page customizable > panel customizable > layout customizable > various custom panel configs.
    ADF security is configured with BASIC, authentication only. Because form authentication seems harder to get working.
    We have one weblogic user, and currently deploy to the integrated WLS, although we'll deploy out to a full server once security/composer is working.
    The problem is, when we run the Welcome.jspx, and because we added a reference to a logged in var, it requests http login fine.
    We then refresh the page and see that we are indeed logged in as 'weblogic'.
    Is weblogic a special user? should I create a new one? Is there any setup required on the Integrated WLS to get this working?
    However when we click on 'add Content' using the composer we get a permission error.
    +<RegistrationConfigurator><handleError> Server Exception during PPR, #1+
    javax.el.ELException: oracle.adf.view.page.editor.security.ComposerSecurityException: You do not have permission to edit the page
    +     at com.sun.el.parser.AstValue.invoke(AstValue.java:161)+
    +...+
    Caused by: oracle.adf.view.page.editor.security.ComposerSecurityException: You do not have permission to edit the page
    +     at oracle.adfinternal.view.page.editor.bean.DialogBean.setDialogHelp(DialogBean.java:129)+
    +     at oracle.adfinternal.view.page.editor.bean.DialogBean.showResourceCatalog(DialogBean.java:356)+
    +     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)+
    +...+
    I tried using the Customization allowed var in the property inspector, but could not map 'allowed by' to a user or role that my setup would recognise. The doco specifies 'admin' which does not work for me.
    In my catalog I have a WCM portlet taskflow, which will require its own permissions.
    I tried enabling permissions for the test-all role to all of my pages/taskflows, leaving just the 'view' permission to the anonymous role.
    I also tried authentication/authorization profiles, and building my own jspx login/error pages, but no luck there either, the login button doesn't seem to tirgger my java doLogin class, even though I set the binding on the button using the method expression builder to the bean method.
    *note: I didn't try the welcome/login/error page auto create as they generate html files, I created JSFs with full UI in there. Am I required to use those html types instead of jspx? I found that the redirection worked by appending the jspx reference with '/faces/Login.jspx'. The problem seemed to have been somewhere else.
    If we have any Webcenter Composer / Security gurus out there, help would be greatly appreciated.
    Our main goal is to create a Webcenter App which has security/composer/navigation and a catalog with WCM/Siebel portlets similar to the Avitek demo without using WC Spaces.
    Thanks.
    Thanks.
    Edited by: Guillaume_Davies_SC on Apr 20, 2010 7:28 PM

    When you want to achieve this you need to configure ADF security with basic authentication & authorization. THe authorization is the part that takes care of what a user may and may not do in an application. Authentication is just the log in part.
    When you have configured your application for authorization as well, you have to create roles and groups.
    You will also have to set the authorization of your pages. Open a jsxp and in the design or source view, right click and "edit authorization". You then have to add roles to your pages and define their rights. Then you can set the authorization for edit,cuustomize,personlise,view,...
    Hope this helps.

  • Adf security with upper case user results in 500-internal server error

    Hello
    JDev 11.1.1.0.2, Integrated WLS
    I'v set up ADF security as explained in the documentation.
    The only difference being that the role test-all has been removed.
    I have one user 'paul' with a password of 'password'
    I have one application role 'myrole'
    'paul' is a member of 'myrole'
    I have one unbounded task flow with one view (view1).
    Via the janz-data.xml 'View1' has been granted to 'myrole' (view action)
    When running View1 I get the login.html page which is correct.
    The fun starts when playing around with the user/password.
    If I login with 'paul' and 'password' view1 is display, this is correct
    If I login with an unknown user or an incorrect password Windows Explorer 7 shows a generic HTTP 403 error page and not the error.html
    If I login with 'PAUL' and 'password' (or Paul, or any mixed cased version of Paul with the correct password) I get the following stack trace :
    oracle.adf.controller.security.AuthorizationException: ADFC-0619: Echec de la vérification des autorisations : '/view1.jspx' 'VIEW'.
         at oracle.adf.controller.internal.security.AuthorizationEnforcer.handleFailure(AuthorizationEnforcer.java:145)
         at oracle.adf.controller.internal.security.AuthorizationEnforcer.checkPermission(AuthorizationEnforcer.java:124)
         at oracle.adfinternal.controller.state.ControllerState.initializeUrl(ControllerState.java:639)
         at oracle.adfinternal.controller.state.ControllerState.synchronizeStatePart2(ControllerState.java:449)
         at oracle.adfinternal.controller.application.SyncNavigationStateListener.afterPhase(SyncNavigationStateListener.java:44)
         at oracle.adfinternal.controller.lifecycle.ADFLifecycleImpl$PagePhaseListenerWrapper.afterPhase(ADFLifecycleImpl.java:529)
         at oracle.adfinternal.controller.lifecycle.LifecycleImpl.internalDispatchAfterEvent(LifecycleImpl.java:118)
         at oracle.adfinternal.controller.lifecycle.LifecycleImpl.dispatchAfterPagePhaseEvent(LifecycleImpl.java:166)
         at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$PhaseInvokerImpl.dispatchAfterPagePhaseEvent(ADFPhaseListener.java:122)
         at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.afterPhase(ADFPhaseListener.java:68)
         at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.afterPhase(ADFLifecyclePhaseListener.java:51)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:354)
         at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:175)
         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:181)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:279)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._invokeDoFilter(TrinidadFilterImpl.java:239)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:196)
         at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:139)
         at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at oracle.security.jps.wls.JpsWlsFilter$1.run(JpsWlsFilter.java:85)
         at java.security.AccessController.doPrivileged(Native Method)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:257)
         at oracle.security.jps.wls.JpsWlsSubjectResolver.runJaasMode(JpsWlsSubjectResolver.java:250)
         at oracle.security.jps.wls.JpsWlsFilter.doFilter(JpsWlsFilter.java:100)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:65)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:42)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3496)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(Unknown Source)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    The questions are :
    - Why do I get the generic HTTP 403 error instead of the error.html (its not the end of the world but I would like to understand) ?
    - Why do I get the error 500 if the case of the username is incorrect but the password is correct ?
    Best Regards
    Paul

    Nope nothing in there that looks out of place...
    Here's the contents of the web.xml file ..
    <?xml version = '1.0' encoding = 'windows-1252'?>
    <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5" xmlns="http://java.sun.com/xml/ns/javaee">
    <description>Empty web.xml file for Web Application</description>
    <context-param>
    <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
    <param-value>client</param-value>
    </context-param>
    <context-param>
    <description>If this parameter is true, there will be an automatic check of the modification date of your JSPs, and saved state will be discarded when JSP's change. It will also automatically check if your skinning css files have changed without you having to restart the server. This makes development easier, but adds overhead. For this reason this parameter should be set to false when your application is deployed.</description>
    <param-name>org.apache.myfaces.trinidad.CHECK_FILE_MODIFICATION</param-name>
    <param-value>false</param-value>
    </context-param>
    <context-param>
    <description>Whether the 'Generated by...' comment at the bottom of ADF Faces HTML pages should contain version number information.</description>
    <param-name>oracle.adf.view.rich.versionString.HIDDEN</param-name>
    <param-value>false</param-value>
    </context-param>
    <filter>
    <filter-name>JpsFilter</filter-name>
    <filter-class>oracle.security.jps.ee.http.JpsFilter</filter-class>
    <init-param>
    <param-name>enable.anonymous</param-name>
    <param-value>true</param-value>
    </init-param>
    <init-param>
    <param-name>remove.anonymous.role</param-name>
    <param-value>false</param-value>
    </init-param>
    <init-param>
    <param-name>addAllRoles</param-name>
    <param-value>true</param-value>
    </init-param>
    <init-param>
    <param-name>jaas.mode</param-name>
    <param-value>doasprivileged</param-value>
    </init-param>
    </filter>
    <filter>
    <filter-name>trinidad</filter-name>
    <filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
    </filter>
    <filter>
    <filter-name>adfBindings</filter-name>
    <filter-class>oracle.adf.model.servlet.ADFBindingFilter</filter-class>
    </filter>
    <filter-mapping>
    <filter-name>JpsFilter</filter-name>
    <servlet-name>Faces Servlet</servlet-name>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>INCLUDE</dispatcher>
    </filter-mapping>
    <filter-mapping>
    <filter-name>trinidad</filter-name>
    <servlet-name>Faces Servlet</servlet-name>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
    </filter-mapping>
    <filter-mapping>
    <filter-name>adfBindings</filter-name>
    <servlet-name>Faces Servlet</servlet-name>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>REQUEST</dispatcher>
    </filter-mapping>
    <servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet>
    <servlet-name>resources</servlet-name>
    <servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
    </servlet>
    <servlet>
    <servlet-name>adfAuthentication</servlet-name>
    <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>/faces/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>resources</servlet-name>
    <url-pattern>/adf/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>resources</servlet-name>
    <url-pattern>/afr/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>adfAuthentication</servlet-name>
    <url-pattern>/adfAuthentication/*</url-pattern>
    </servlet-mapping>
    <session-config>
    <session-timeout>35</session-timeout>
    </session-config>
    <mime-mapping>
    <extension>html</extension>
    <mime-type>text/html</mime-type>
    </mime-mapping>
    <mime-mapping>
    <extension>txt</extension>
    <mime-type>text/plain</mime-type>
    </mime-mapping>
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>adfAuthentication</web-resource-name>
    <url-pattern>/adfAuthentication</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>valid-users</role-name>
    </auth-constraint>
    </security-constraint>
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/login.html</form-login-page>
    <form-error-page>/error.html</form-error-page>
    </form-login-config>
    </login-config>
    <security-role>
    <role-name>valid-users</role-name>
    </security-role>
    </web-app>
    Regards
    Paul

  • Obtain Username from ADF Security with BPM Task Page

    All,
    I have a requirement to obtain the currently logged on user within a BPM task page.
    I log onto either the BPM workspace or our own custom workspace that leverages the BPM Tasklist Taskflow. When navigating from a task in the tasklist, I have attempted to use an ADF EL expression to obtain the current user #{securityContext.userName}. However this seems to return anonymous. I have created a very simple test case and process to prove this, just displaying the user on the screen. However it shows as anonymous. I have done nothing special with either the task page or my workspace application to configure security aspects. Other than the standard ADF security of the custom workspace loggin.
    Does anyone know if this is achievable? (My ADF skills are limited)
    Interestingly, this seems to work fine on some of our 11.1.1.6.3 sever installs but not on others, including my Local Windows install. Therefore it is concidence it works on the servers (Linux).
    Many Thanks for any guidance you can provide
    FYI, The Task actions, task comments etc all record the logged in user correctly. I also reviewed comments in https://blogs.oracle.com/bpmbestpractice/entry/bpm_adf_task_forms_checking
    Regards Dave
    Edited by: DavidGaskell on Dec 1, 2012 12:41 AM

    Hi thanks,
    I'm a little confused so apologies.
    The steps we have followed to date as as follows:
    1) Written our own login page which inplements ADF security to authenticate the user
    2) Integrated the BPM task list task flow into our application as per Oracle docs.
    3) Written a separate application for the task page.
    4) run the application so u log into application, go to task list page, click in a bpm task in task list which launches the custom bpm task page. At this point the security context is anonymous evn though the login page shows the user logged in.
    Therefore are you suggesting I need to add some additional steps to pass the context into the custom page. FYI we have no single sign on implemented.
    I presume the BPM context must be set based on the logged on user as all task actions are performed as the user details are recorded.
    In a simpler scenario I get the same outcome whe using the out the box bpm workspace.
    Rgards Dave

  • OAM and ADF Security with WebLogic 11

    WebLogic Server 11, ADF 11, OAM 10.1.4.3
    I understand (and have successfully implemented) an ADF application with application roles tied to enterprise roles which are mapped to OAM groups (and users). This appears to use the OAMAuthenticator and OAMIdentityAsserter authentication providers from OAM installed into the WLS.
    However, there appears to be a gap in the authorization component beyond simple group membership. Does WLS support roles and policies defined in OAM as they might pertain to an ADF application? In the Oracle Access Manager Integration Guide, the entire section on integration with WLS has been removed between versions 10.1.4.0.1 and 10.1.4.3 (along with several other chapters). What is the future direction here? What would be the best means to create roles and policies (including dynamic roles) which extend beyond simple group membership?
    Regards,
    Tom Gresham

    For a start JDeveloper 10.1.3 uses an older version of JSF that WebLogic 11g. You would be best upgrading your app with JDeveloper 11g and then re-deploying.

  • How to set dimension level security with multiple levels

    Hi,
    We have hierarchy with Level 0 codes to Level 4 codes.
    For e.g.
    Region 1 : Level 0 code 10000, Level 1 code 10001, Level 2 code 10011, Level 3 code 10111, Level 4 code 11111
    Region 2: Level 0 code 20000, Level 1 code 20001, Level 2 code 20011, Level 3 code 20111, Level 4 code 21111
    Region 3: Level 0 code 30000, Level 1 code 30001, Level 2 code 30011, Level 3 code 30111, Level 4 code 31111
    From SSAS role administration, I would like to assign a user permission to all Region 1 codes and only Level 3 code (30111) of region 3.
    How and where do I set this kind of permission?
    Thanks in advance.
    Manisha

    see
    http://www.mssqltips.com/sqlservertip/1834/introduction-to-dimension-security-in-sql-server-analysis-services-ssas-2005/
    Please Mark This As Answer if it helps to solve the issue Visakh ---------------------------- http://visakhm.blogspot.com/ https://www.facebook.com/VmBlogs

  • Declarative ADF Security with LDAP provider other than OID possible  ?

    All samples I found regarding declarative security in ADF are done with an .xml repository or mention the possible use of OID as such repository.
    Thing is that client will not have OID but other LDAP v3 compilant provider.
    In this scenario is it possible to use the ADF Declarative Security or should we have to implement a custom module for the interaction ?
    Thanks,
    Claudio.

    You are right, in this article:
    http://www.oracle.com/technology/products/jdev/howtos/10g/jaassec/index.htm
    says:
    In Oracle Containers for J2EE 10.1.3, users can also be defined in 3rd party LDAP servers.
    However it doesn't give any concrete sample.
    Question is: can I say the client that we can develop based on .xml or OID and then change to other 3rd party LDAP server without changing code ?
    Thanks,
    Claudio.

  • Setting windows directory security with ColdFusion

    If one was to build an application that could be creating directories on a windows system.  Is there any way to set specific permissions on that newly created directory.  I understand that the <cfdirectory...> tag has the ability to set the UNIX permissions.  But, of course, windows is not so simple.
    If this is at all possible, would it matter if the directories being created where on a file server and not directly on the web server.
    TIA
    Ian

    Never tried it, but don't see why it wouldn't work - how about using .NET objects through Coldfusion? I had to create a VB.net program recently which sets NTFS permissions, and the code was thus:
         Dim dirInfo As New DirectoryInfo(homePath)
         Dim dirSecurity As DirectorySecurity = dirInfo.GetAccessControl()
         Dim accessRule As New FileSystemAccessRule(ntUsername, FileSystemRights.FullControl, _
               InheritanceFlags.ContainerInherit + InheritanceFlags.ObjectInherit,
                          PropagationFlags.None, AccessControlType.Allow)
         dirSecurity.AddAccessRule(accessRule)
         dirInfo.SetAccessControl(dirSecurity)
    Don't know if you could do that through CF? As long as the user context running CF has permissions, I'd forsee no issues doing it over a network.
    O.

  • Need help with setting up a stream with FMLE and FMS

    Hi guys!
    I'm new to this stuff, so i would love if you could guide me, and/or tell me if what i'm trying to do is even possible.
    This is what i'm trying to do:
    I am currently working on a project for Narvik University College in Norway. We are experimenting with remote control of some lab equipment. We want to stream live video from the lab for the students to see.
    So..
    I want to set up a stream from my webcam that can be accessed through a webpage by anyone (with minimal delay)
    This is what i understand i have to do:
    Use FMLE to connect to the webcam, and connect FMLE to FMS, and somehow get this out on my webpage.
    It's the Flash Media Server bit i don't understand. How do i go about to get this out on my webpage? Do I have to use a Flash Streaming service like Onyxservers to do this, or can i do this part myself? If yes, how complicated is this?
    Best Regards
    Daniel Bjørkman
    Narvik University College

    OK, i have now managed to set up the Flash Media Server and made a simple flash application that shows the stream.
    But now, everything is local, and if i want to embed the stream on the webpage, i guess it can't be local.
    The source in the flash application is "rtmp://localhost/live/livestream" and shows the webcam when i open the .html file (with the flash video embedded) on this computer. What should the source look like when i embed the flash file in a webpage that is not on this computer?

  • Help with setting up individual thumbnails with captions

    I'm wondering how would be the best way to set up several individual thumbnails (in dreamweaver) which open up to a larger image with a caption; so they are set up like this site:
    www.maplecreeknursery.com
    Maybe there is a widget for doing this??
    I see lots of ways to do thumbnails with captions but not lots of single one like in the site above...

    If you look at this page: http://jquery.com/demo/thickbox/
    Click the "examples" tab and it will show you the different HTML to use for a single image or a gallery.
    Martin.
    Here's an example on a site that I built.
    I use the gallery option on this page: www.andrewjamesartist.com/galleries/portraits-01.php  and then the single image (with text instead of a thumbnail) on this page:
    www.andrewjamesartist.com/pages/foreword.php

  • Problems with setting up analog trigger with NI 6289 with VB6 [with error 200265]

    I have been trying to synchronize an analog input read with an analog signal generated by the Multifunction DAQ (NI 6289). Basically, the voltage AO signal is fed into a laser and the resulting intensity profile is read into a photodiode, which generates an AI signal read back into the DAQ. The two channels have the sampling rate and buffer size / number of samples.
    However, triggering has presented with some problems; the manuals were not very clear on the subject of connecting channels, and no sample programs exist so far that demonstrate this on VB6.
    What I have tried is physically connecting /Dev2/ao0 with /Dev2/APFI0, ( Dev2/ai0 is connected separately). Below is a little snippet of code:
    'initialization goes here
        DAQmxErrChk DAQmxCfgAnlgEdgeStartTrig(inputHandle, "Dev2/APFI0", DAQmx_Val_Slope1_RisingSlope, txtOffset.Text)
        DAQmxErrChk (DAQmxReadAnalogF64(inputHandle, numSampsPerChannel, 10#, DAQmx_Val_GroupByScanNumber, dataBuffer(0), numSampsPerChannel, sampsPerChanREAD, ByVal 0))
        DAQmxErrChk DAQmxWriteAnalogF64(outputHandle, numSampsPerChannel, False, 10#, DAQmx_Val_GroupByScanNumber, optData(0), sampsPerChanWritten, ByVal 0&)
        DAQmxErrChk DAQmxStartTask(outputHandle)
    I received the following error, -200265, "attempting to use an invalid analog input trigger", at the line ReadAnalogF64.
    Attached is the code I used for the triggering event. Any help would be greatly appreciated.
    Attachments:
    Trigger method.txt ‏2 KB

    Refer to this thread please.
    Message Edited by Chris W. on 04-10-2009 10:32 AM

  • Help with setting up wireless network with ibook

    Okay, I just purchased a cheap little belkin f5d7050 USB adapter to connect my G3 iBook to my wireless network, I do a few things on this computer, and would like to use it not hardwired to my router, since there isn't much room where I have the router...And the reason I purchased this card is because I saw there are drivers on the Belkin website for this little guy. Purchased it, and found out it is version 3xxx, and on the website the only drivers they have for Mac OS X is for version 2xxx. The guy(in very broken English) told me that ralink.com(found out it is ralinktech.com or something like that) has drivers for version 3xxx. I downloaded what I could find at that website, and installed, which went fine, seemed to of installed the same thing the driver did that I got from Belkin, and I install it and restart, and then I go into Applications to start it up, and I open it up, and then it says no device is connected, so I connect the adapter, and the little light doesn't light up on the USB adapter, not sure if it is broken, or that is because there are some steps I am missing.
    Anyone have any ideas? Gone through the same thing?
    I just don't want to dish out for an airport card, since I rarely use this thing for that kind of money. I got this one for like 14 bucks, so I thought I'd give it a try.
    Right before I installed it, it told me after install and restart I have to configure this interface in Network Pane of System Preferences before I can use the Wireless USB adapter. How do I go about doing this? This might be my problem.
    So any help would be greatly appreciated, thanks!
    Jordan

    USB wireless devices have always been a problem it seems.
    Maybe this post can offer some answers...
    http://forums.macosxhints.com/showthread.php?t=26858

  • Process of login with ADF security

    Hi,
    I was looking at how to implement the process of Login with the ADF security using JDev 11g and I feel very good...
    My question is if it is possible to use this tool in case of use a container as Tomcat 6.x or JBoss. If it is possible to use ADF security for these containers, what should be configured to work?

    Hi,
    ok, I'd like to use authorization with ADF security, but as you say it is not possible in Tomcat. well, but could implement it, if there must be 3 users with different roles of the little system that I want to develop. Any idea?. There maybe a small example with user roles to use without authorization of ADF security?.

  • Web Center app with ADF Security - login problem

    I have a custome Oracle Web Center app.
    I have a page.html with an embedded login form posting to j_security_check. I've configured the ADF security policies to redirect to a JSPX on successful login.
    When I try the correct username/password, I get redirected not to the page I defined in ADF, but to the root page http://127.0.0.1:7101/MyApp-ViewController-context-root/
    and i get
    Error 403--Forbidden
    I've checked the weblogic.xml as per http://andrejusb.blogspot.com/2009/12/solving-error-403-forbidden-in-adf.html, all the required entries are there.
    This works fine if i use a Login link with
    destination="#{'/adfAuthentication?login=true&amp;end_url=/faces/postLogin.jspx'} "
    which redirects to the default login.html and then to the right page. I've copied the form from the default login.html into my master HTML page.
    Hope my question is clear. Any suggestions why it is going to the wrong URL after login.
    Is there anything specific I should see in the jazn-data.xml or web.xml regarding the post-login URL since i cant see that in either.
    P.S. Have been advised to try here when I originally asked this in the WebCenter forum. Web Center app ADF Security - login problem
    Edited by: new_to_webcenter on 18-Jan-2011 05:25

    Thanks for your response Frank.
    The web.xml has
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>adfAuthentication</web-resource-name>
    <url-pattern>/adfAuthentication</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>valid-users</role-name>
    </auth-constraint>
    </security-constraint>
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/login.html</form-login-page>
    <form-error-page>/error.html</form-error-page>
    </form-login-config>
    </login-config>
    When configuring ADF Security via JDev , I chose "Redirect upon successful authentication" to the Welcome Page
    "/faces/postLogin.jspx"
    this then adds into web.xml
    <servlet>
    <servlet-name>adfAuthentication</servlet-name>
    <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
    <init-param>
    <param-name>success_url</param-name>
    <param-value>/faces/postLogin.jspx</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
    </servlet>
    So the sequence which works is:
    Login via the '/adfAuthentication?login=true&end_url=/faces/postLogin.jspx' and this redirects to login.html (OOTB form which posts to j_security_check) and then to the postLogin.jspx
    I'm trying to do away with a Login link, and trying the simple login form embedded in my page alongwith other content.
    So should the form be posting to j_security_check directly or to the adfAuthentication ?

Maybe you are looking for

  • OS 10.4.7 Disc utillity on old PowerBook HD

    My OS 10.4.7 Disc utillity cant delete or format my "old" PB HD Hi, hope someone can help me. I got an older PowerBook G4 1Ghz with OS 10.4.7. When I start on the OS DVD or an extern HD I can´t format or delete my internal HD with this new Disc utill

  • Problem on writing a post

    I want to write a post on a LV topic, but something seems to be wrong: 1. Attachements doesn't work: I have chosen a file and have clicked on "Add Attachment", but nothing happens. 2. When I click on "Preview" my text disappear. What can I do? EPH1

  • Differences between BADIS and User-exits

    Hi everybody, I am new to ABAP and wonder what are the differences between BADIS and User-Exits. I read paper but did not find a SAP documentation yet. Does anybody know where to find a sap document which explains both technologies? Greetings, AD

  • I want a select statement to return two values, sum of one column and customer number

    I have two columns one called invoice_number and the other invoice_amount. I want a select statement to return two columns.... invoice_number and then the sum of the invoice_amount(s) for each unique invoice number. SELECT sum(invoice_amount) AS Tota

  • Unable to edit script

    I don't have any clue on how to use Flash. I can open the fla file and double click stuff and that's about it. I was able to edit the actionscript in one file to have the following for what happens when a user clicks on the movie. quote: on (release)