ADF and Siteminder

Similar Messages

• ADF and SiteMinder not working

  Hi,
  I'm working on a project where the CA SiteMinder Authenticator and IdentityAsserter have been configured in a clustered environment alongside the Default Authenticator and IdentityAsserter. An ADF app using a combination basic J2EE security (isUserInGroup/Role type calls to show/hide tabs depending on user's role) and ADF Security roles and policies (used to lock down task flows to specific roles/groups/users).
  The J2EE security call works fine, proving that SiteMinder has populated the security Subject with the correct Principals and authorised correctly.
  However, ADF Security does not work at all, even though I can see the groups that originated in the SiteMinder Authenticator in the Enterprise Manager security config screens.
  I have mapped the ADF Application Roles to J2EE groups successfully, but when I access the application having successfully logged in as a user who is a member of that group, the taskflows don't show up...
  When I run this in a non-clustered WLS environment with only DefaultAuthenticator/IdentityAsserter, all is well, TaskFlows show/hide as expected.
  This falls neatly between Oracle and CA in terms of problem solving, can't get much help from either at the moment.
  Any thoughts or possible lines of enquiry are welcome.
  Edited by: 893022 on 27-Oct-2011 04:23

  Hi Frank,
  I'm just trying that now - reducing the variables seems like a good plan.
  A couple of things we're unsure of:
  1. Does ADF support Siteminder R12? My feeling is that the two are probably not related as ADF accesses the security realm via OPSS and the SiteMinder app server agent is an implementation of the WLS SSPIs, which would never be directly accessed from ADF (as far as I can tell).
  2. I've seen an example on redstack where an ADF application is deployed into an environment that is configured to use an Acitive Directory provider. There is a step includes that involves editing jps-config.xml on the server to include username.attr and user.login.attr properties to the idstore.ldap service instance. Is there similar any FMW-level config I'd need to do for SiteMinder?
  3. When JDeveloper builds the ADF app, it changes the class uses Groups and Users from:
  oracle.seurity.jps.internal.core.principals.JpsXmlEnterpriseroleImpl
  to:
  weblogic.security.principal.WLSUserImpl
  We did some debugging on on our app and saw that the SiteMinder 'Groups' that are fed into WLS by the SSPI are actually of a different class althoghether:
  com.netegrity.siteminder.weblogic.sspi.auth.SmWLSGroupImpl
  I'm building my ADF app with Maven so have used XMLTask to make this change to jazn-data.xml on deploy, but still no joy. ADF just doesn't appear to be able to 'see' the users and groups that have come from SiteMinder providers.

• ADF and 100 tables

  Hi
  I'm new in ADF technology so I suppose my question is very simple.
  How can I create ComboBox witch have a fields with all tables in databes??
  I don't wont write manually, but I want that my application read all tables from database (JDBC connected)!!
  Then if I choose one of them the NavigationBar will be for selected table..
  If something is not clear pleas ask me, because my english is not very good :/
  Thank you for help.

  Shay:
  Could you give me more details or links where this is explained??
  Sorry but I'm new in ADF and Swing technology..
  Frank:
  I want to modify, add and erase rows in tables which someone select that table in ComboBox..
  For example I want to do something like this:
  http://www.oracle.com/technology/products/jdev/viewlets/1013/ADF_Swing_viewlet_swf.html
  but in ComboBox I must selected tables with my database!!

• ERRORS in the Lab - Developer Day: Oracle ADF and Fusion Middleware Dev

  I atteneded the Developer Day on Oracler ADF and Fusion Middleware Development on 11/19. I did the lab (following step by step instructions) and encountered the following errors:
  1) Export to Excel (Step 4, actions 5-9) - Got run-time 500 error when run app. I had to skip these steps to be able to continue with the lab.
  2) Click on Printable Page (Step 4, action 16) - I looks like it works, but nothing shown up on the browser or printing actually happened.
  3) Click on Create Insert (Step 4, action 26) - Got Java.Lang.NumberFormatException
  4) There is no lab for mobile application development. Where should I start? [getting mobile plug-in software, lab tutorials]
  The instructor said that I could post any questions on the Forum. I hope that this is the correct Forum to post these types of questions. Thanks much in advance for your responses.
  Thoai

  Perfect, I get the exact same page when I login, however, this page doesn't have any links to the actual sessions.  If I remember correctly, after logging in another window used to open in which we could select the session to play.
  Please let me know how I can access the session from the page that is displayed after logging in.  Thank you for taking time to check, appreciate your help.

• Oracle ADF and Oracle Applications

  Hi All,
  Can we use Oracle ADF with current version of Oracle E-business suite (R11i 2 in my case)? Or we need to use only OAF and ADF can be used only for future release of Oracle ERP?
  It will be great if someone can list the benefits of OAF over ADF for Oracle EBS 11i 2. I want to convince the customer that ADF is not safe or not a good platform for the customizations in current release (R11i 2) and even for next immediate version (R12).
  Thanks in advance,
  CAH

  Hi,
  I don't think ADF can be used with Apps 11i,it can be user in R12(this is my understanding), if you want to run ADF pages from Apps then these pages should be located on External server and you can access this as an External Application.
  As far as customization is concrened, it can't be done using ADF only new Applications be developed in ADF and if you are planning to develop some custom application in Apps then ADf will be a good choice as migration to 11g will be easier(but it will not support Apps specific features like KFF, DFF, Attachments etc.)
  Please check Metalink Note 563047.1 on metalink for this and you can check some articles on this www.apps2fusion.com and Mukul's Blog.
  I hope you will get some clear picture on this.
  Regards,
  Reetesh Sharma

• Oracle ADF and OAS licencing

  Hi all,
  I have been doing a research on JSF component, ADF and ADF Faces for our project. I have found some intresting things that
  ADF faces(donated to Apache by Oracle) is free but it is only for front end (not complete) as of ADF.
  ADF is more promising and good frame work. ADF is free to be deployed on OAS. but i am unable to find pricing for Oracle Application Server is it free ?.. and what is the price for Deploying ADF on Tomcat or other Open source Servers...?.Can i get this information I need it urgently. Thanks..

  Hi,
  the Oracle AS licence depends on the edition you want to use. I suggest to get in touch with a local sales office to get the pricing information.
  ADF Faces / ADF deployed to 3rd party servers has a licence cost of 5k USD per CPU (at least this is my latest information. So you better check this too)
  Frank

• Oracle ADF and ECM workflow

  Hi,
  I'm looking for ideas on how to implement this which will involve using Oracle ADF and ECM Workflow.
  1. Oracle ADF App that will check-in an item into ECM.
  2. Using Oracle ECM workflow, an email is sent to the manager that a item has been checked in and is ready for review. The manager access the ADF app , clicks on a "Awaiting approval" and reviews the doc(in an iframe), makes comments(if possible) and then approves it in which case it is published or rejects it in which case it sent back to the employee.
  3. I found a similar posting to this Re: Custom pages at each workflow step in UCM
  Thoughts, ideas?
  Thanks.

  Everything, from checking in, to get a list of approvals, is available by services. You can call the service from an ADF and use the result of that service as a dataset to use in a table. In the administration menu, there are WSDL descriptors for each part for example the check in service, the search service, the workflow service,...

• Best Practices for BI, ADF and Oracle Forms installations on Weblogic

  Hi, I'm researching options on upgrading to Oracle 11g Middleware. My company currently has Oracle Forms 10g running on Oracle Application Server.
  We are interested in using Oracle Forms 11g, ADF and Jdeveloper, and Business Intelligence with Oracle's Weblogic 10.3.5.
  Is there any whitepapers or documentation on best practices for installing alll of these components together?
  For instance, can ADF ( with JSF 2.x ) be installed in the same domain as Oracle Forms 11g but use different managed servers?
  Will Business Intelligence need to be in a seperate Oracle Home with it's own weblogic installation? I spend a lot of time trying to get the JSF upgraded to 2.x in the Business Intelligence installation and could not get it to work.
  I know it's a pretty broad question but thank you for any direction on this.

  Thanx for the reply! I read through the documents and they are very good at explaining how to install the different components individually. I still can't find much on installing them together. I hope it's not just going to be a trial and error thing.
  So far I've installed done the following successfully:
  Installed 10.3.5 weblogic
  Forms and Reports 11g on top of 10.3.5
  I've created an additional managed server for our ADF applications.
  My next step is upgrading the JSF to 2.x. I would have to stage patches 12917525 and 12979653. I'm afraid it will break the forms and reports though. Any ideas?

• Hi, im a beginner in ADF and JDeveloper. Can anyone suggest me any video links for learning Oracle ADF?

  Hi, im a beginner in ADF and JDeveloper. Can anyone suggest me any video links for learning Oracle ADF?
  Thanks,
  Vijay

  Refer the below link as a starting point.
  https://blogs.oracle.com/shay/entry/how_do_i_start_learning_oracle_adf_and_jdeveloper
  http://sameh-nassar.blogspot.com.au/2010/04/main-references-to-learn-oracle-adf.html
  Cheers
  AJ

• ADF and WebCenter 11g libraries upgrade paths for WLS 12.1.3

  We want to upgrade one of our WLS from 10.3.6 to 12.1.3.
  (1) The application hosted on this instance uses the following ADF and WebCenter libraries (also deployed on the same WLS). Please confirm if these can be deployed in WLS12c without any changes or if we need to check on an upgrade path to ADF or Webcenter 12c components as well:
  adf.oracle.businesseditor(1.0,11.1.1.2.0)
  adf.oracle.domain(1.0,11.1.1.2.0)
  adf.oracle.domain.webapp(1.0,11.1.1.2.0)
  oracle.adf.dconfigbeans(1.0,11.1.1.2.0)
  oracle.adf.desktopintegration(1.0,11.1.1.2.0)
  oracle.adf.desktopintegration.model(1.0,11.1.1.2.0)
  oracle.adf.management(1.0,11.1.1.2.0)
  oracle.bi.adf.model.slib(1.0,11.1.1.2.0)
  oracle.bi.adf.view.slib(1.0,11.1.1.2.0)
  oracle.bi.adf.webcenter.slib(1.0,11.1.1.2.0)
  oracle.bi.composer(11.1.1,0.1)
  oracle.bi.jbips(11.1.1,0.1)
  oracle.bpm.mgmt(11.1.1,11.1.1)
  oracle.webcenter.composer(11.1.1,11.1.1)
  oracle.webcenter.skin(11.1.1,11.1.1)
  oracle.wsm.seedpolicies(11.1.1,11.1.1)
  orai18n-adf(11,11.1.1.1.0)
  (There are other libraries too but not anything related to ADF or Webcenter)
  (2) We also have EM extension template in WLS 10.3.6. How can we upgrade this? Do we need to delete this and install FMW infra 12c with the additional DB schema and then try to extend the 12c domain?

  Moved your thread to the WLS Communities since you are not asking if products are certified.
  Thanks,
  Lisa Fedynich

• ADFS and BYOD in azure

  Hello ,
  We are in the process of moving all servers into azure , and deploying BYOD infrastructure hence no need for clients machine to be joined to the domain “obviously”
  My question is , if my clients are non-domain joined ? why do I need to deploy ADFS in azure at all ? since no on premise servers anyways 

  Avoiding Federation Now That Password Hash Sync Is Available
  A key driver for federation deployments with ADFS used to be that it enables users to use a single password across on-premises and cloud sessions. However, federation deployments take some effort due to the additional servers and network implementation.
  The on-premises servers also have to be Internet accessible through any corporate firewalls in a secure way, and they also have to be highly available since logins are not possible if they or their Internet connectivity are offline. Because password hash sync
  is a feature of directory synchronization, it is initiated from the on-premises server and doesn’t incur many of the infrastructure requirements and costs of federation. It only requires a single server and whilst that server requires outgoing access to the
  Internet in order to connect to Azure AD there is no requirement for inbound connections, custom firewall openings or highly available configurations.
  There are still some reasons why some customers will still prefer ADFS and directory federation over DirSync and password hash synchronization. These include:
  ADFS can be configured such that users who are already logged on to a domain joined and connected machine do not require any password re-entry to sign in at Office 365. This gives you true single sign-on since re-entry of the password is not required. With
  DirSync and password hash synchronization a user must still re-enter their password, although it will be the same password as they use on-premises.
  ADFS allows for client access filtering, which restricts access to Exchange Online to users based on their IP address.
  ADFS will honor Active Directory configured login time restrictions for users.
  ADFS can include web pages for users to change their passwords while they are outside the corporate network.
  With ADFS the authentication decision is always made on-premises and no password hashes are synchronized to the cloud. This may be obvious but can be sometimes a security policy requirement.
  With ADFS an administrator can immediate block a user to remove access where-as DirSync synchronizes these changes every three hours. Only password changes are synchronized by DirSync every two minutes.
  ADFS permits use of on-premises deployed multi-factor authentication products. Note that Azure AD supports multi-factor authentication but many third party multi-factor authentication products require on-premises integration.
  Where Microsoft Forefront Identity Manger (FIM) is required for some other FIM capability. FIM directory synchronization does not include password hash synchronization so ADFS will still be required for SSO login.
  Some on-premises to cloud hybrid scenarios require ADFS such as hybrid search.
  If you need any of these then Active Directory Federation Services is still the best option.

• ADF And/Or JSF : A Shift to Future

  Hi All,
  I am using Oracle Forms since 1996 and worked in different versions of it. Now there is a move away from Forms to J2EE based solutions like ADF/JSF to name a few. Even Steve is writing a book for Oracle ADF Development for Forms Developers. I have few questions in mind, that
  1. What is the best way of learning these technologies means following the book Steve / Grant is writing will help us.
  2. One must know ADF before he could learn JSF, Is it a prerequisite ?
  3. For a Forms Developer what is a right tool (ADF/JSF) which is closed to form concepts he knows so that the shift could be easy and smooth and after that he can learn more.
  Thanks In Advance

  You got is a little mixed up - JSF is one technology that the ADF framework uses.
  So it is not two options - it is one option.
  A great way to start learning development using JDeveloper ADF and JSF is visiting the special center we built for people just like you - Forms developer who want to move to Java.
  http://www.oracle.com/technology/formsdesignerj2ee
  Try for example the hands-on scripts there.
  Then you can continue with the rest of the resource on the JDeveloper home page on OTN.

• ADFS and ADFS proxy on 2012 and secondary on 2008 R2 is that ok

  I want to build my ADFS, ADFS Proxy for hybrid setup with exchange 2010 SP3
  I will have primary ADFS and ADFS proxy on 2012 servers and the secondary will be on 2008 R2
  as per my knowledge this should work but I want to confirm
  forest and domain functional level is 2008
  dcs are 2003 2008 and 2012
  thank you

  Hi,
  you cant mix the ADFS versions. Functional level is okay.
  You can see this also from Microsofts proposed migration strategy creating a new 2012 R2 Server with ADFS http://technet.microsoft.com/en-us/library/dn486787.aspx#BKMK_b
  Regards,
  Lutz

• Jdeveloper, adf and xmp

  Dear sirs, i belong to a company that have one ERP, developed using oracle forms.
  We are in the process of remake it using JDEV ,ADF, and ADF_BC.
  I have a real need, ours ERP costumers have the need to change a lot of the aplications reports, including data fields, well personalize it , etc.
  We are thinking of using the XMLP and the JDEV and doing the reporting of ERP by XMLP. My question is can i do the reports (basic ones) combining both technologies, to allow later my costumers to be able to change (if they need) the layout of the reports using XMLP Desktop or any other very basic (easy) technologie).
  Well Thanks in advance.
  Paulo J. Costa

  Paulo,
  of course you can do using the Java APIs of XML Publisher. Furthermore there are plans to make XML Publisher the reporting framework for ADF.
  Juergen

• DirSync on 2012 servers wail DCs and ADFS and ADFS proxy are on 2008

  I have my DC forest and domain functional level @ 2008 server
  now ADFS and ADFS Proxy will be on 2008 R2
  I want to have dirSync on 2012 server
  is that ok ?

  Yes, it would work normally.
  Keep trying If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.