Oracle ADF security integration with Oracle E-Business Suite SDK JAAS

Similar Messages

• ADF application integrating with Oracle Web Cache

  Hello,
  I am trying to integrated my ADF 11g application with Oracle Web Cache. I used this link http://andrejusb.blogspot.com/2010/06/oracle-webtier-11g-configuration-for.html for it.
  I am able to access my ADF application using webcache port 7785.
  I created few caching rules in the Oracle Web Cache. And in the popular request section of the Oracle Web cache i see jpg,png and other image files cached.
  But the issue is when the application access images like /testapp/test/images/abc.jpg?_adf.ctrl-state=5b0s7lzfo_29 . I created a caching rule with regular expression ^/testapp/test/images/[A-Za-z0-9_]*\.(gif|jpeg|png|jpg)\?_adf\.ctrl-state=[A-Za-z0-9_]*$.
  But when i access the popular request in em i don't see the URL given above as cached. The caching reason it specifies as URL contains query string.
  I am not sure if i need to do anything additional to cache these URL's as well.
  Thanks!
  Ram

  Yes that works. But my question is how to cache the urls which has querystring. I was trying to give a regular expression to match the url so that the url which contains parameters like _afrLoop which changes with each HTTP request can also be cached.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

• OPA (Oracle Policy Automation)integration with Oracle Application R12

  Hi,
  We want to know checklist for OPA integration with Oracle Applocations( Ebussiness Suite). It is urgent, Can anybody help us on this.
  It is very urgent. Any one can help us to integrate OPA (Oracle Policy Automation) with R12 Ebs.
  Thanks in advance
  Edited by: Venkat K.V on Sep 7, 2010 2:59 AM

  The OPA team doesn't maintain a check-list of integration steps for EBS, but this should be a pretty standard web services integration using Oracle Determinations Server.
  You might also want to check out this tutorial:
  http://www.oracle.com/technetwork/apps-tech/policy-automation/overview/opa10-4.zip, which shows an example of how to integrate the OPA Oracle Web Determinations component with E-Business Suite.
  Davin Fifield

• Oracle ADF Faces integrated in Oracle JDeveloper: Freebie?

  Hi room, I'd like to ask if Oracle ADF Faces, the version integrated in Oracle JDeveloper (this is a freebie) is a Freebie also, any1 knows, do share. Thanks a lot.

  Hi,
  no, it isn't. If you are looking for free software, have a look at MyFaces Trinidad, which is the open source - and thus free - version of ADF Faces
  Frank

• ADF Security integration with Web Logic Security using SQL authenticator

  Hi,
  I was trying to find a suitable way of handling the following requirements:
  1. Administrators should be able to create the roles, groups, users and assign users to roles.
  2. User, Roles, Groups should be stored in DB and Users need to be authenticated accordingly.
  3. I need to be able to map roles with security permissions on Taskflows, JSF Pages, on UI level using groovy expressions and even at Entities level.
  I performed the following tasks:
  1. I created back end Security tables, created SQL authenticator as provider and defined the queries in it then I created ADF Application and used JMX APIs to call the SQL authenticator to perform its operations.
  2. I defined the roles and respective resource permissions in ADF i.e. Jazn xml file because my requirement no 3 would not be achievable without using ADF security.
  Now in this scenario how I can login a user in ADF context and assign roles programmatically that I authenticated from JMX APIs? Or is there any other suitable way to handle these requirements?
  Thanks.
  -Moeen

  Hi Charu,
  Thanks for your reply.
  Can we programmatically add a user in adfsecuritycontext as a currently logged in user, a user which is not present in jazn.xml file? If yes then can we programmatically assign the roles which are defined in jazn.xml to that specific user?
  Moeen

• Oracle Identity and Access Management Suite Plus Integration with Oracle ADF

  Hi All,
  Kindly advice if Oracle Identity and Access Management Suite Plus can be integrated with Oracle ADF based applications to manage the end-to-end lifecycle of user accounts specifically addressing to roles/priviledges and security.
  Request you to share links to documentation where I can study the steps to integrate both the frameworks.
  Looking forward to hear from you soon.
  Best Regards,
  Ankit Gupta 

  Hi Sébastien,
  I came across the below link for the required integrations -
  Oracle® Fusion Middleware Installation Guide for Oracle Identity and Access Management 11g Release 2 (11.1.2) - …
  Oracle® Fusion Middleware Enterprise Deployment Guide for Oracle Identity Management 11g Release 2 (11.1.2) - Co…
  Best Regards,
  Ankit Gupta

• Get error while Integrating with Oracle's Enterprise User Security

  Hi,
  I am trying to create an Oracle Enterprise User integrating with OVD and MS Active Directory.
  I am following all the steps in Integrating with Oracle's Enterprise User Security.
  In the documentation section: "Configuring Oracle Virtual Directory for the Integration"
  I have applied the steps successfully until:
  Update and load the entries into the Local Store Adapters by performing the following steps:
  I have successfully extended the Oracle Virtual Directory schema with the loadOVD.ldif
  However I am getting errors in the next step: Update realmRoot.ldif to use your namespaces
  The next step states the following:
  Update realmRoot.ldif to use your namespaces, including the dn, dc, o, orclsubscriberfullname,
  and memberurl attributes in the file. If you have a DN mapping between Active Directory and
  Oracle Virtual Directory, use the DN that you see from Oracle Virtual Directory.
  The realmRoot.ldif file is located in ORACLE_VIRTUAL_DIRECTORY_HOME/eus,
  where ORACLE_VIRTUAL_DIRECTORY_HOME represents the location where Oracle Virtual Directory is installed.
  The realmRoot.ldif file contains core entries in the directory namespace that Enterprise User Security queries. The realmRoot.ldif file also contains the dynamic group that contains the registered Enterprise User Security databases to allow secured access to sensitive Enterprise User Security related attributes, like the user's Enterprise User Security hashed password attribute.
  Load your domain root information in the realmRoot.ldif file into Oracle Virtual Directory using the following command:
  ldapmodify -h Oracle_Virtual_Directory_Host –p OVD_Port -D cn=admin -w Admin_Password -v -a –f realmRoot.ldif
  When I run the ldapmodify command I get the following error:
  add dc:
  testldap
  add objectclass:
  top
  domain
  domainDNS
  adding new entry DC=testldap,DC=local
  ldap_add: Operations error
  ldap_add: additional info: LDAP Error 1 : null
  The actual realmRoot.ldif looks like this:
  # Please uncomment the following one line if you are importing this
  # LDIF file via OVD Manager or OVD Server's ldapmodify tool.
  #version: 1
  #dn: dc=com
  #dc: com
  #objectclass: domain
  dn: DC=testldap,DC=local
  changetype: add
  dc: testldap
  #o: subarashii
  objectclass: top
  objectclass: domain
  objectclass: domainDNS
  #objectclass: orclSubscriber
  #orclsubscriberfullname: subarashii
  #orclVersion: 90400
  # If your domain structure has more layers than dc=subarashii,dc=com,
  # for example, it's dc=us,dc=subarashii,dc=com, you will need to load
  # the following ldif entry/entries too.
  # Uncomment out the following, if required.
  #dn: dc=us,dc=subarashii,dc=com
  #orclversion: 90400
  #orclsubscriberfullname: us
  #objectclass: domain
  #objectclass: top
  #objectclass: orclSubscriber
  #dc: us
  # Adding EUSDBGroup entry
  # Modify the memberurl attribute and replace it with your own domain name
  #dn: cn=EUSDBGROUP,dc=subarashii,dc=com
  #cn: EUSDBGROUP
  #memberurl:ldap:///dc=subarashii,dc=com??sub?(&(objectclass=orclService)(objectclass=orclDBServer))
  #objectclass:groupofuniquenames
  #objectclass:groupofurls
  #objectclass:top

  Did you ever get your questions answered about the realmRoot.ldif file? Did you manage to configure a successful integration of OVD with EUS? I am battling with trying to get Oracle Virtual Directory integrated with Enterprise User Security, but every step I take in Chapter 7 of the OVD manual fails in some way, and the instructions are often vague. I am not sure how to modify the realmRoot.ldif file. Is there any improved documentation on this? I have logged a Service Request, but not getting any help. Any resources or documentation you know of that provides better guidance would be much appreciated. I am way behind my schedule now and this is a very frustrating exercise.
  Thanks.

• Integrating Oracle Fusion Sales Cloud with Oracle Business Intelligence Cloud Service (BICS)

  Ever wondered how to integrate Oracle Fusion Sales Cloud with Business Intelligence Cloud Service (BICS) ?
  The blog outlines how to programmatically load Sales Cloud data into BICS, making it readily available to model and display on BICS dashboards.
  http://www.ateam-oracle.com/integrating-oracle-fusion-sales-cloud-with-oracle-business-intelligence-cloud-service-bics/

  I wouldn't try installing Oracle VM itself on an EC2 instance, as EC2 is essentially Xen itself. Rather, you should just be able to transport existing Oracle VM images to the EC2 cloud. I think this is what you mean, but your opening paragraph is slightly ambiguous. :)
  From a VPN perspective, I'd use OpenVPN as it has clients for all major operating systems (Windows, MacOS X, Linux) that are fairly easy to package and install. Packages for OpenVPN exist in EPEL so it's easy to install on OEL5. You could also consider using a firewall instead of a VPN and only allowing connectivity from specific IP addresses/ranges. This has the benefit of not requiring client software, but it does require a fixed IP address/range on the client-side.

• E-Business Suite Integration with Oracle Identity Federation for SAML

  Has anyone developed a way to use OIF for e-Business Suite authentication through SAML rather than using the standard Identity Management stack of apps?
  Today we have Oracle e-Business Suite 115.10.2 using OSSO through OID with WNA for zero sign-on (no login, just pass-through, based on AD credentials). Our domain controllers are Windows 2003 but we are in the process of upgrading them to Windows 2008 R2, where the OSSO stack is not supported unless we globally set the 2008 R2 domain controllers to use DES encryption instead of the default AES encryption. (See Oracle note 1076018.1)
  When deploying OSSO, we encountered a similar issue with Windows 7 workstations would not work with OSSO unless we set the workstation policy not to use AES encryption. (See Oracle note 973190.1)
  We are not inclined to continue to use DES encryption and we have obstacles moving to 11g iDM/OAM/OID from OSSO. I am exploring the possibility continuing to keep one 2003 domain controller in production, and pointing OSSO to that, until we can move to the 11g iDM stack.
  Meanwhile, we have ongoing frustration with how complicated SSO is with the e-Business Suite. Sure, it works, once you climb the mountain to set it up, and we don't have that many issues in production. But the implementation of SSO for e-Business Suite is simply complex. The trip from the workstation back to an EBS session is operationally somewhat brittle. I guess some of us relish complexity. Certainly there is pride in understanding something like this. But, after a while, when the trickle of tickets from the Help Desk never completely dries up, you get tired of complexity and you seek something simpler.
  So, instead of this path:
  Workstation > EBS > OID > AD / Kerberos > Workstation
  (and I didn't even mention F5 switch with reverse proxy servers ...)
  Why can't we have this?
  Workstation with certificate > OIF with SAML > EBS session.
  Has anyone done that?
  Thank you for your help.

  Hello JJ,
  We are facing the same issue. Oracle has recommanded us to install
  HTML-DB on the same database as our Apps 11i.
  What we still have to figure out is whether is use APPS schema for the
  HTML-DB workspaces, or use a different schema.
  How is it configured at your site?
  Moshe

• OBIEE 11.1.1.3.0 integrated with Oracle EBS R12

  Hi,
  I have Oracle EBS Vision Instance v R12.1 installed on Redhat 5 and wanted to install OBIEE latest version. Can some please point to system architecture diagram as i am conflicted with installation. I do not have complete idea but writing here what i actually know.
  Oracle EBS R12 on Linux
  OBIEE V 11.X on Linux
  Now install prepackeged analystical function on windows machine and using BI tool deploy/use them with Oracle EBS.
  Please point me to a note which describes the components and what does it take to make up and running in conjuction with Oracle.
  Thanks in advance
  Prashant

  Please see these docs.
  Integrating Oracle Business Intelligence Applications with Oracle E-Business Suite [ID 555254.1]
  What documentation do I need to review when installing and configuring a OBI Apps 7.9.6.x environment with EBS? [ID 1221764.1]
  Master Note for OBIEE Integration issues with EBS, Siebel, SSO, Portal Server [ID 1248939.1]
  Oracle SSO E-Business Suite Applications Integration with Oracle Business Intelligence [ID 553423.1]
  Oracle EBS integration with OBIEE [ID 733137.1]
  Document for implementing security OBIEE Apps with EBS and Siebel CRM as sources [ID 756851.1]
  What Application must be chosen for Responsibility within EBS when integrating with OBIEE [ID 1246464.1]
  Also, search Steven Chan's Blog and you should get couple of hits -- http://blogs.oracle.com/stevenChan/
  Thanks,
  Hussein

• OBIEE Integration with Oracle Access Manager (OAM)

  Hi All,
  I am new to OBIEE and not familiar with Security part. We have one request from the client to have OBIEE Integration with Oracle Access Manager (OAM) through eternal identity management tool (OID/other LDAP).
  I tried google and found some information, but non of them has Step-by-Step process.
  Does anyone has document or know good portal which gives step by step information on how to Integrate OBIEE with OAM using external identity management tool?
  Appreciate if you share the information.

  Hi,
  You can use this note/doc attached in the note to configure:
  Oracle Access Manager (OAM) and Oracle Business Intelligence (OBI) Integration [ID 1217103.1]
  Regards,
  Jay

• Oracle ADF Security Login page

  hi.
  I am using oracle ADF 11.1.2.2.0 (oracle Jdevelopr 11g release 2) in my job environment. There are 3000 users working as client level in our company. They have separated user Id and roles. They can change their passwords. There are expiration period for passwords which is handle by in database level. when the employees are going to terminate or retirement , we can control their login status. that mean we change their Active status as a Inactive status. some times we recruit number of emplooyes for cover our business targets. Their User Id also in database table level.
  My main problem is how we can handle number of employees using Oracle ADF security configuration.
  second one is how user can change their passwords.
  Third is how number of employees going to terminate ,handle their Active/Inactive State.
  Fourth one is If we use this Oracle Security system ,project managers or project cordinator or Adminstrator level authenticator must need to deploy time to time war file, because of adding removing users in jazn-data.xml.
  hoping help from you.Thanking for all.

  So, you can define SQLAuthenticator/SQLReadOnlyAuthenticator on Weblogic which will retrieve users from your db table(instead of jazn-data file) to application server.
  Then, in your application you can enable ADF Security and this will generate login page.
  And, this is it :)
  If you need some custom processing before users login to your app, then you can create custom login page and do whatever you want in Java code:
  http://docs.oracle.com/cd/E16162_01/web.1112/e16182/adding_security.htm#BABDEICH
  >
  But 11g has Database connection in Application Resource. Using that connection I need to log to the system using user's User iD and Password
  >
  This connection is valid only in design time. When you deploy your application to application server, then you can include this connection in .ear file, or you can define Data Source on Weblogic(which is better approach).
  To programmatically retreive db connection, you can create utility method in your Application Module.
  Dario

• Role based oracle adf security and filtering data

  while oracle adf security looks great its only role based... does anyone know of any resources describing an architecture where this is used in addition to filtering of data based on say, organization?
  it seems that oracle adf security is not really geared towards a self service app where administrative users have a security interface as part of the application where they can assign roles and associate users to entities for the further filtering of data...

  Hi,
  it seems that oracle adf security is not really geared towards a self service app where administrative users have a security interface as part of the application where they can assign roles and associate users to entities for the further filtering of data...
  ADF Security is a JAAS based security implementation to protect resources (like entities). It is nota security provider like OPSS or OID which you can use for user provisioning and self service (if you code against the IDM APIs). ADF Security only checks for whether a user is authenticated and if the user has the permission to perform a task.
  However, you can use groovy to access the security context from Groovy, which allows you to add the authenticated username to a query - for example to filter recrds out that match the username in one of its attributes.
  For example, you could create a ViewCriteria that for example filters the query by a specific attribute. Say that managers can see data starting from department 10 whereas employees can see data starting from department 100. The ViewCriteria would reference a bind variable with the following default setting
  adf.context.securityContext.isUserInRole('manager')? 10 : 100
  Frank

• Can OBI EE be integrated with Oracle Coherence

  Can we have Oracle Coherence as one of the data sources?
  Regards,
  Vikram R

  Hi Srinivas ,
  Yes , ECM can be integrated with Oracle EBS (enterprise business suite) and other Oracle Apps as well like Peoplesoft , Siebel etc .
  Details can be read from the following link : http://docs.oracle.com/cd/E23943_01/doc.1111/e17953/toc.htm
  Thanks
  Srinath

• Can Microsoft active directory integrated with Oracle Applications

  Hi,
  Can anyone provide me any document on Microsoft Active Directory Integration with Oracle Applications(12.0.6)
  Manish

  Hi,
  It is possible, please refer to the following documents for details.
  Note: 376811.1 - Integrating Oracle E-Business Suite Release 12 with Oracle Internet Directory and Oracle Single Sign-On
  Note: 415007.1 - Oracle Application Server with Oracle E-Business Suite Release 12 FAQ
  Regards,
  Hussein