ADF Mobile Security - Authorization
I new to ADF and I am trying to figure out how to create the mentioned REST web service needed by ADF mobile to retrieve a user's roles. I have followed Andrejus example successfully and created setup the Authentication piece, but now I am trying to lock down elements of the mobile app based upon a user's roles. The documentation says to just create the service with the following request/response but if someone has an example of this that would be great. Thanks!
Hi,
maybe this helps you: ADF Mobile - ACS Request for Roles Issue
Frank
Similar Messages
-
ADF Mobile - Security. Serving custom, non-j2ee security policies.
We are trying to achieve session management across our ADF Mobile app.
We were hoping to use the ADF Mobile inbuilt security framework.
However our Mobile App is simply a UI interface to a large Enterprise App which already has a custom security framework(entirely database based) in place.
The enterprise app exposes RESTful interfaces(JAX-RS-Jersey) for functionality which the mobile app consumes.
This question has broadly 2 parts to it.
1. Does ADF Mobile inbuilt security work ONLY with J2ee container managed security realm service?
2. Can ADF Mobile inbuilt security be made to work with a custom application security framework?
Following are the challenges we face in dealing with the 2nd question,
2a. We need to extricate the Username and Password from the request as sent by the ADF Mobile default login page
2b. Based on the authenticated state(using custom security framework) assign Roles to the user and set the response.
2c. In the Mobile app use the custom roles to drive UI.
2d. One of the statements in the documentation says that irrespective of successful or failed login the Springboard will be visible. Can this be prevented?
2e. Can we maintain session while achieving the last 4?
Using the following JAX-RS annotations it has been impossible to retrieve any user credentials at our webservice end.
@Context SecurityContext, @Context HttpServletRequest, @CookieParams, @HeaderParamHi,
here's how you do it
- application roles are defined in jazn-data.xml
- Write a custom JAAS LoginModule that authenticates against the database
- Create WLS authentication provider for your JAAS LoginModule and configure it in WLS
- LoginModule returns principal for user and the user group memberships
- User logs in via login.jspx
- WLS authenticates user
- Security context is updated with user and user roles
Frank -
ADF Mobile - Securing REST Web Services
Hi,
I've developed some REST web services for my ADF Mobile app to use. They work fine but I'm having trouble securing them. According to the developer guide:
http://docs.oracle.com/cd/E35521_01/doc.111230/e24475/amxwebservices.htm#CHDGFCGD
10.5.2 How to Enable Access to REST-Based Web Services
Since only one security policy is supported for REST-based web services, ADF Mobile automatically adds oracle/wss_http_token_over_ssl_client_policy for REST web service over HTTPS, or oracle/wss_http_token_client_policy for REST web service over HTTP protocol to enable Oracle Web Services Manager (OWSM) Lite Mobile ADF Application Agent to inject a proper security header.
..so I'm trying to attach the policy oracle/wss_http_token_service_policy to the web service, but deploying it to Weblogic results in the below stack trace.
I'm trying to attach the policy in JDeveloper by selecting the service class in the java structure pane, then in the Property Inspector, using the "Web Services extension" section to select the policy.
I'm guessing I've missed a step, but can't find what. Or I'm doing completely the wrong thing. Either way, any help in resolving would be very much appreciated.
Rich.
weblogic.application.ModuleException: [HTTP:101216]Servlet: "CDRestServicePort" failed to preload on startup in Web application: "RestServices".
javax.xml.rpc.JAXRPCException: oracle.wsm.common.sdk.WSMException: WSM-07508 : Oracle WSM Agent initialization failed due to PolicySet validation errors: WSM-07617 Policy: oracle/wss_http_token_service_policy contains unsupported assertions.
, with PolicySet=PolicySet [timestamp=Mon Oct 21 13:53:23 BST 2013, subjectPattern=ResourcePattern [pattern=/DefaultDomain/DefaultServer/SOAPServices/WEBs/RestServices.war/WLSWEBSERVICEs/CDRestServiceService/PORTs/CDRestServicePort, subjectType=WLS_SERVICE, terms={PORT=CDRestServicePort, IMPLEMENTATION=WEB, SUBJECT_TYPE=WLS_SERVICE, SERVICE=CDRestServiceService, MODULE=RestServices.war, APPLICATION=SOAPServices, DOMAIN=DefaultDomain, SERVER=DefaultServer}], domainExpression=http://restws.westbourne/#wsdl.endpoint(CDRestServiceService/CDRestServicePort), polmap={oracle/wss_http_token_service_policy={Policy[wsp:http://schemas.xmlsoap.org/ws/2004/09/policy][oralgp:http://schemas.oracle.com/ws/2006/01/loggingpolicy][local-optimization:off][provides:{http://docs.oasis-open.org/ns/opencsa/sca/200903}authentication, {http://docs.oasis-open.org/ns/opencsa/sca/200903}clientAuthentication, {http://docs.oasis-open.org/ns/opencsa/sca/200903}clientAuthentication.transport][status:enabled][xmlns:http://schemas.xmlsoap.org/ws/2004/09/policy][wsu:http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd][Id:wss_http_token_service_policy][displayName:i18n:oracle.wsm.resources.policydescription.PolicyDescriptionBundle_oracle/wss_http_token_service_policy_PolyDispNameKey][orawsp:http://schemas.oracle.com/ws/2006/01/policy][orasp:http://schemas.oracle.com/ws/2006/01/securitypolicy][description:i18n:oracle.wsm.resources.policydescription.PolicyDescriptionBundle_oracle/wss_http_token_service_policy_PolyDescKey][attachTo:binding.server][Name:oracle/wss_http_token_service_policy][xsi:http://www.w3.org/2001/XMLSchema-instance][category:security][{LogAssertion[Logging][{AssertionBindings[{Config[name:Log Message1_properties][{PropertySet[name:standard-security-properties][{Property[type:string][contentType:optional][name:reference.priority]}]}]}]}][{MessageLog[ Request = all][ Response =all]}]}][{HttpSecurityScenario[http-security][Silent:true][name:Http Security][Enforced:true][category:security/authentication][{AssertionBindings[{Config[name:HttpConfig][configType:declarative][{PropertySet[name:standard-security-properties][{Property[type:string][contentType:constant][name:realm][Value:owsm]}][{Property[type:string][contentType:constant][name:role][Value:ultimateReceiver]}][{Property[type:string][contentType:optional][name:reference.priority]}]}]}]}]}][{LogAssertion[Logging][{AssertionBindings[{Config[name:Log Message2_properties][{PropertySet[name:standard-security-properties][{Property[type:string][contentType:optional][name:reference.priority]}]}]}]}][{MessageLog[ Request = all][ Response =all]}]}]}}}, constraintedDataMap={ConstraintGroup [terms=[], size=0, weight=0]=ConstraintedData [status=FAILURE, localoptimization=null, validationErrors=[Error Code:WSM-07617 Error Context:Policy], overrides=[], polRefs=[PolicyReference [policyURI=oracle/wss_http_token_service_policy, polRefQName={http://schemas.xmlsoap.org/ws/2004/09/policy}PolicyReference, version=-1, attributes={{http://schemas.oracle.com/ws/2006/01/policy}status=enabled, {http://schemas.oracle.com/ws/2006/01/policy}category=security}, overrideProps=null]]]}, locked=true]
at oracle.wsm.agent.handler.wls.WSMAgentHook.handleException(WSMAgentHook.java:462)
at oracle.wsm.agent.handler.wls.WSMAgentHook.init(WSMAgentHook.java:274)
at weblogic.wsee.jaxws.framework.jaxrpc.TubeFactory.newHandler(TubeFactory.java:108)
at weblogic.wsee.jaxws.framework.jaxrpc.TubeFactory.createServer(TubeFactory.java:81)
at weblogic.wsee.jaxws.WLSTubelineAssemblerFactory$TubelineAssemblerImpl.createServer(WLSTubelineAssemblerFactory.java:216)
at com.sun.xml.ws.server.WSEndpointImpl.<init>(WSEndpointImpl.java:213)
at weblogic.wsee.jaxws.WLSContainer$WLSEndpointFactory$WLSEndpointImpl.<init>(WLSContainer.java:623)Hi,
so have you "Oracle Web Services Manager (OWSM) Lite Mobile ADF Application Agent" installed? Sounds this is a pre-requisite for this work
Frank -
ADF Mobile - Secured WS - MarshalException: xsd:dateTime
Hello,
Does anybody have an idea how to investigate/resolve following issue with ADF mobile (JDeveloper 11.1.2.3.0):
Scenario:
=====
1. Feature is secured with Credential Authentication : remote
2. Feature consumes secured Web Service running on WLS 10.3.5.0
3. oracle/wss_username_token_over_ssl_client_policy is defined for this WS
4. WSDL file contains <sp:IncludeTimestamp/> in its Transport Binding's Policy
5. Application was tested on Android emulator (Android 4.1.2) and on Andorid device (Android 2.3.6) with the same behavior.
Problem:
=====
After successful authentication, WLS responses with Error 500 to SOAP request:
01-21 12:01:34.117: D/CVM(31062): [SEVERE - oracle.adfmf.framework - HttpServiceConnection - log] Connection Error: 500
01-21 12:01:34.132: D/CVM(31062): [SEVERE - oracle.adfmf.framework - HttpTransport - parseResponse] Response [Error: 500]: <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><faultcode>wsse:InvalidSecurity</faultcode><faultstring>weblogic.xml.dom.marshal.MarshalException: xsd:dateTime element does not have required UTC time zone.</faultstring></env:Fault></env:Body></env:Envelope>
01-21 12:01:34.140: D/CVM(31062): [SEVERE - oracle.adfmf.framework - SoapTransportLayer - invokeSoapRequest] Encountered exception while invoking SOAP request
01-21 12:01:34.140: D/CVM(31062): EndPoint: https://172.22.30.12:8114/DV900/AddressBookManager
01-21 12:01:34.140: D/CVM(31062): SOAPAction: "http://oracle.e1.bssv.JP010000//getAddressBook"
01-21 12:01:34.140: D/CVM(31062): Exception: HTTP Status Code 500 Internal Server Error: The server encountered an unexpected condition which prevented it from fulfilling the request.
01-21 12:01:34.187: D/CVM(31062): [SEVERE - oracle.adfmf.framework - GenericInvokeRequestHandler - invoke] InvocationTargetException Error: ERROR [oracle.adfmf.framework.exception.AdfInvocationRuntimeException] - HTTP Status Code 500 Internal Server Error: The server encountered an unexpected condition which prevented it from fulfilling the request.
01-21 12:01:34.195: D/CVM(31062): [SEVERE - oracle.adfmf.framework - GenericInvokeRequestHandler - process] Process AdfException caught: ERROR [oracle.adfmf.framework.exception.AdfInvocationRuntimeException] - HTTP Status Code 500 Internal Server Error: The server encountered an unexpected condition which prevented it from fulfilling the request.
I assume, that application doesn't send UTC time zone in elements Created:dateTime and Expires:dateTime in Username Token.
Is there anything what I can set up on JDeveloper side?
Thanks a lot,
DanielDaniel,
I encountered the same issue, webservice when invoked from ADF web app is working fine but, errors in emulator with the below error.
HTTP Status Code 500 Internal Server Error: The server encountered an unexpected condition which prevented it from fulfilling the request.
have you got any update from oracle on this ?
Please do share any work around for this if you have..
Thanks
Shreedhar -
How to get ADF authentication and authorization working on server
I am having an issue with deployment & ADF authentication and authorization.
From the below testing results, you can see that I am unable to log in when I have deployed my app to my standalone server with both ADF security authentication and authorization turned on. I have included web.xml, jazn-data.xml and the page/server error I am receiving.
When making an attempt to log in I get the following results:
Running Locally with ADF Authentication: Works Fine
Running Locally with ADF Authentication & Authorization: Works Fine
Deployed to server with ADF Authentication: Works Fine
Deployed to server with ADF Authentication & Authorization: Doesn’t Work
What I have already tried: Removed all anonymous grants, using the same database credentials as the app user, deploying app twice (on the redeploy not including the login credentials & app policies at the application properties). Various modifications to web.xml e.g. welcomefilelist etc
JDeveloper Version: 11.1.2.4
Server Web Logic: 10.3.6
Server ADF: 11.1.1.16
Page Error when trying to log in:
Error 401--Unauthorized
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.2 401 Unauthorized
The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.
Server error when trying to log in:
Servlet failed with Exception oracle.adf.controller.security.AuthorizationException: ADFC-0619: Authorization check failed: 'wpd.mobility.view.pageDefs.homePagePageDef' 'VIEW'.
at oracle.adf.controller.internal.security.AuthorizationEnforcer.handleFailure(AuthorizationEnforcer.java:182)
at oracle.adf.controller.internal.security.AuthorizationEnforcer.internalCheckPermission(AuthorizationEnforcer.java:162)
at oracle.adf.controller.internal.security.AuthorizationEnforcer.checkPermission(AuthorizationEnforcer.java:116)
at oracle.adfinternal.controller.state.ControllerState.checkPermission(ControllerState.java:663)
at oracle.adfinternal.controller.state.ControllerState.initializeUrl(ControllerState.java:700)
at oracle.adfinternal.controller.state.ControllerState.synchronizeStatePart2(ControllerState.java:531)
at oracle.adfinternal.controller.application.SyncNavigationStateListener.afterPhase(SyncNavigationStateListener.java:59)
at oracle.adfinternal.controller.lifecycle.ADFLifecycleImpl$PagePhaseListenerWrapper.afterPhase(ADFLifecycleImpl.java:530)
at oracle.adfinternal.controller.lifecycle.LifecycleImpl.internalDispatchAfterEvent(LifecycleImpl.java:120)
at oracle.adfinternal.controller.lifecycle.LifecycleImpl.dispatchAfterPagePhaseEvent(LifecycleImpl.java:168)
at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$PhaseInvokerImpl.dispatchAfterPagePhaseEvent(ADFPhaseListener.java:131)
at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.afterPhase(ADFPhaseListener.java:74)
at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.afterPhase(ADFLifecyclePhaseListener.java:53)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:447)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:202)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:508)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:125)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
Web.xml
<?xml version = '1.0' encoding = 'windows-1252'?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>javax.faces.PARTIAL_STATE_SAVING</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<description>If this parameter is true, there will be an automatic check of the modification date of your JSPs, and saved state will be discarded when JSP's change. It will also automatically check if your skinning css files have changed without you having to restart the server. This makes development easier, but adds overhead. For this reason this parameter should be set to false when your application is deployed.</description>
<param-name>org.apache.myfaces.trinidad.CHECK_FILE_MODIFICATION</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<description>Whether the 'Generated by...' comment at the bottom of ADF Faces HTML pages should contain version number information.</description>
<param-name>oracle.adf.view.rich.versionString.HIDDEN</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<description>Security precaution to prevent clickjacking: bust frames if the ancestor window domain(protocol, host, and port) and the frame domain are different. Another options for this parameter are always and never.</description>
<param-name>org.apache.myfaces.trinidad.security.FRAME_BUSTING</param-name>
<param-value>differentOrigin</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_SKIP_XML_INSTRUCTIONS</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_DECORATORS</param-name>
<param-value>oracle.adfinternal.view.faces.facelets.rich.AdfTagDecorator</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_RESOURCE_RESOLVER</param-name>
<param-value>oracle.adfinternal.view.faces.facelets.rich.AdfFaceletsResourceResolver</param-value>
</context-param>
<filter>
<filter-name>JpsFilter</filter-name>
<filter-class>oracle.security.jps.ee.http.JpsFilter</filter-class>
</filter>
<filter>
<filter-name>trinidad</filter-name>
<filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
</filter>
<filter>
<filter-name>adfBindings</filter-name>
<filter-class>oracle.adf.model.servlet.ADFBindingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>JpsFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>trinidad</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>adfBindings</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>adfBindings</filter-name>
<servlet-name>adfAuthentication</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<listener>
<listener-class>oracle.adf.mbean.share.connection.ADFConnectionLifeCycleCallBack</listener-class>
</listener>
<listener>
<listener-class>oracle.adf.mbean.share.config.ADFConfigLifeCycleCallBack</listener-class>
</listener>
<listener>
<listener-class>oracle.bc4j.mbean.BC4JConfigLifeCycleCallBack</listener-class>
</listener>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>resources</servlet-name>
<servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>BIGRAPHSERVLET</servlet-name>
<servlet-class>oracle.adf.view.faces.bi.webapp.GraphServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>BIGAUGESERVLET</servlet-name>
<servlet-class>oracle.adf.view.faces.bi.webapp.GaugeServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>MapProxyServlet</servlet-name>
<servlet-class>oracle.adf.view.faces.bi.webapp.MapProxyServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>adfAuthentication</servlet-name>
<servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
<init-param>
<param-name>success_url</param-name>
<param-value>/faces/Pages/homePage.jspx</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/adf/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/afr/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>BIGRAPHSERVLET</servlet-name>
<url-pattern>/servlet/GraphServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>BIGAUGESERVLET</servlet-name>
<url-pattern>/servlet/GaugeServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>MapProxyServlet</servlet-name>
<url-pattern>/mapproxy/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/bi/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>adfAuthentication</servlet-name>
<url-pattern>/adfAuthentication</url-pattern>
</servlet-mapping>
<mime-mapping>
<extension>swf</extension>
<mime-type>application/x-shockwave-flash</mime-type>
</mime-mapping>
<mime-mapping>
<extension>amf</extension>
<mime-type>application/x-amf</mime-type>
</mime-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>test</web-resource-name>
<url-pattern>/faces/pages/*.</url-pattern>
<url-pattern>/faces/*.</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>valid-users</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>adfAuthentication</web-resource-name>
<url-pattern>/adfAuthentication</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>valid-users</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/error.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>valid-users</role-name>
</security-role>
</web-app>
Jazn-data.xml
<?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
<jazn-data xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-data.xsd">
<jazn-realm default="jazn.com">
<realm>
<name>jazn.com</name>
<users>
<user>
<name>*****</name>
<display-name>*******</display-name>
<description>******</description>
<credentials>********<credentials>
</user>
</users>
<roles>
<role>
<name>support</name>
<display-name>support</display-name>
<members>
<member>
<type>user</type>
<name>mobile</name>
</member>
</members>
</role>
</roles>
</realm>
</jazn-realm>
<policy-store>
<applications>
<application>
<name> myapp </name>
<app-roles>
<app-role>
<name>mob_mobile_support</name>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
<display-name>mob_mobile_support</display-name>
<description>support role</description>
<members>
<member>
<name>mobile</name>
<class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
</member>
</members>
</app-role>
</app-roles>
<jazn-policy>
<grant>
<grantee>
<principals>
<principal>
<name>SUPPORT</name>
<class>oracle.security.jps.internal.core.principals.JpsXmlEnterpriseRoleImpl</class>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name> myapp.view.pageDefs.*</name>
<actions>view</actions>
</permission>
</permissions>
</grant>
<grant>
<grantee>
<principals>
<principal>
<name>mob_mobile_support</name>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
</principal>
</principals>
</grantee>
<permissions>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name> myapp.view.pageDefs.addapplicationPageDef</name>
<actions>view</actions>
</permission>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name>Pages.addappmsgtypPageDef</name>
<actions>view</actions>
</permission>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name>Pages.addoperationPageDef</name>
<actions>view</actions>
</permission>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name> myapp.view.pageDefs.homePagePageDef</name>
<actions>view</actions>
</permission>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name> myapp.view.pageDefs.loggingSearchPageDef</name>
<actions>view</actions>
</permission>
<permission>
<class>oracle.adf.share.security.authorization.RegionPermission</class>
<name>myapp.view.pageDefs.workHistoryPageDef</name>
<actions>view</actions>
</permission>
</permissions>
</grant>
</jazn-policy>
</application>
</applications>
</policy-store>
</jazn-data>Read Frank's article http://www.oracle.com/technetwork/issue-archive/2012/12-jan/o12adf-1364748.html
Then you have to check if the user use use to login are defined in the stand alone server. If you server is running in production mode there is no automatic user or role migration. You have to to this by yourself.
Once you have check that the users are present, you have to check if the enterprise roles are mapped to the corresponding application roles.
Timo -
ADF Authorization for ADF Mobile:Configuring Access Control URL for ADF App
Can someone explain, how to expose weblogic user roles as a Rest Json Api? Basically I want to set up Access Control URL to authorize users on adf mobile.
Hi Frank,
This is what I did. Could you please let me know if I am doing it right.
1. Created an adf application with a simple page and applied security basic http authentication.
2. Added a rest service implementation in the same application, changed the adf application web.xml as below
<servlet-mapping>
<servlet-name>jersey</servlet-name>
<url-pattern>/jersey/*</url-pattern>
</servlet-mapping>
3. When I test the rest service in browser, it asks to log in and returns the user roles. Below is my rest implementation
@POST
@Produces(MediaType.APPLICATION_JSON)
public User getMessag3() throws Exception {
return new User();}
the rest service returns the logged in user roles in below json format.
{"userid":"susant","roles":["SSBAccessGroup","authenticated-role","SSBAccessApp","anonymous-role"],"priviledges":[]}
Do I need to implement anything on the ADF mobile side or I can just add the rest service url to the authorization tab. Will adf mobile automatically handle sending the http request.
Actually I just added the rest service url to adfm-applications connections authorization tab and I am getting ACS failed error after log in.
Thanks -
As it's written in Oracle® Application Development Framework Developer’s Guide For Forms/4GL Developers B25947-01 I created file adf-config.xml file like this
<?xml version="1.0" encoding="windows-1252" ?>
<adf-config xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=" http://xmlns.oracle.com/adf/config
../../../../../bc4jrt/src/oracle/adf/share/config/schema/config.xsd"
xmlns=" http://xmlns.oracle.com/adf/config "
xmlns:sec=" http://xmlns.oracle.com/adf/security/config ">
<sec:adf-config-child xmlns=" http://xmlns.oracle.com/adf/security/config ">
<JaasSecurityContext
initialContextFactoryClass="oracle.adf.share.security.JAASInitialContextFactory"
authorizationEnforce="true"
jaasProviderClass="oracle.adf.share.security.providers.jazn.JAZNSecurity Context" >
</JaasSecurityContext>
</sec:adf-config-child>
</adf-config>
Assigned permissions to my roles in Authorization editior on iterators etc.. But it did get any effect.
All roles have full access to iterators!
ADFContext.getCurrent().getSecurityContext().isAuthorizationEnabled() returns falseHi,
here's the adf-config file from my woking app
<?xml version="1.0" encoding="windows-1252" ?>
<adf-config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.oracle.com/adf/config ../../../../../bc4jrt/src/oracle/adf/share/config/schema/config.xsd"
xmlns="http://xmlns.oracle.com/adf/config"
xmlns:sec="http://xmlns.oracle.com/adf/security/config">
<sec:adf-config-child xmlns="http://xmlns.oracle.com/adf/security/config">
<JaasSecurityContext initialContextFactoryClass="oracle.adf.share.security.JAASInitialContextFactory"
jaasProviderClass="oracle.adf.share.security.providers.jazn.JAZNSecurityContext"
authorizationEnforce="true"/>
</sec:adf-config-child>
</adf-config>
Note that I don't use debug but run it from JDeveloper and the security settings are enforced. Did you set up the web.xml file - in other words, are you able to authenticate?
Frank -
JDev11 R.1. ADF Security Authorization
Hi,
I would like to know if it might be possible to use authenticatication via RDBMS authentication provider of Weblogic App. Server and ADF Security Authorization together in a JDev 11 application?. I am reading documentation and it says that; 'ADF Security relies on the jazn-data.xml file for the policy store whether you are using the XML-based identity store or the LDAP identity store. One could define roles and its access rights in jazn-data.xml and might expect authentication and isUserInRole services coming from the authentication service without defining users (role members) at design time. Is it or will it be possible in future?
Best Regards.Hi
I think it is too early and I don't know if they will ever build this. ( because they also have to support other app servers). Is RDBMS authentication provider of Weblogic App. Server a JAAS implementation?
in TP4 you had a db login module , don't know if this is supported in 11g production.
jps-config.xml
<serviceInstance provider="jaas.login.provider" name="testlogin">
<description>Sample LoginModule</description>
<property value="oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule" name="loginModuleClassName"/>
<property value="REQUIRED" name="jaas.login.controlFlag"/>
<property value="ovs_user" name="table"/>
<property value="jdbc/OVSDS" name="data_source_name"/>
<property value="role_name" name="groupMembershipGroupFieldName"/>
<property value="password" name="passwordField"/>
<property value="ovs_user_role_view" name="groupMembershipTableName"/>
<property value="role_name" name="usernameField"/>
<property value="role_name" name="pw_encoding_class"/>
<property value="oracle.security.jazn.login.module.db.util.DBLoginModuleMD5Encoder" name="groupMembershipGroupFieldName"/>
</serviceInstance>
<serviceInstance provider="jaas.login.provider" name="oracledb.loginmodule">
<property value="true" name="debug"/>
<property value="true" name="addAllRoles"/>
<property value="passwd" name="passwordField"/>
<property value="role_name" name="groupMembershipGroupFieldName"/>
<property value="jdbc/authschemaDS" name="data_source_name"/>
<property value="REQUIRED" name="jaas.login.controlFlag"/>
<property value="application_roles" name="groupMembershipTableName"/>
<property value="oracle.security.jazn.login.module.db.DBTableOraDataSourceLoginModule" name="loginModuleClassName"/>
<property value="FINEST" name="log.level"/>
<property value="username" name="usernameField"/>
<property value="application_users" name="table"/>
<property value="username" name="user_pk_column"/>
<property value="username" name="roles_fk_column"/>
<property value="tolower" name="casing"/>
<property value="oracle.security.jazn.login.module.db.util.DBLoginModuleClearTextEncoder" name="pw_encoding_class"/>
</serviceInstance>
thanks Edwin
Edited by: biemond on Oct 19, 2008 10:50 AM -
Is it possible to call wcf webservice on adf mobile?
Hi all,
I tried to consume a wcf webservice method on adf mobile by using java api as seen as below code snippet.
I tried to run on classical adf generic application by creating webservice proxy. Then i could get response properly. But when i consume webservice method on adfmobile i get http 501 error response. I have tried using drag and drop into amx page and execute binding action, result is same.
What might be the reason?
brgds
private boolean validateClient()
List pnames = new ArrayList();
List pvals = new ArrayList();
List ptypes = new ArrayList();
pnames.add("UserName");
pvals.add("test");
ptypes.add(String.class);
pnames.add("Password");
pvals.add("123");
ptypes.add(String.class);
pnames.add("DeviceID");
pvals.add("123456");
ptypes.add(String.class);
GenericType result = null;
try
ClientDetail clientDetail = null;
result = (GenericType)AdfmfJavaUtilities.invokeDataControlMethod("mlService", null, "ValidateClient", pnames, pvals, ptypes);
for (int i = 0; i < result.getAttributeCount(); i++)
// Get each individual GenericType instance that holds the attribute key-value pairs
GenericType entityGenericType = (GenericType)result.getAttribute(i);
clientDetail = (ClientDetail)GenericTypeBeanSerializationHelper.fromGenericType(ClientDetail.class, entityGenericType);
if (clientDetail != null)
if (clientDetail.getIsValidate().booleanValue())
return true;
else
AdfmfContainerUtilities.invokeContainerJavaScriptFunction("com.accmee.menu", "navigator.notification.alert",
new Object[] { "No access",
"No access: ", "Ok" });
} else
AdfmfContainerUtilities.invokeContainerJavaScriptFunction("com.accmee.menu", "navigator.notification.alert",
new Object[] { "No access",
"No access: ", "Ok" });
return false;
catch (AdfInvocationException aie)
if (AdfInvocationException.CATEGORY_WEBSERVICE.compareTo(aie.getErrorCategory()) == 0)
throw new AdfException("Error with the server. Please try later.", AdfException.ERROR);
aie.printStackTrace();
throw new AdfException("Uzak veri sağlayısı çağrılırken hata oluştu", AdfException.ERROR);
return false;No, as far as i know they are not secured service. What if they are secured, do i need to authenticate during consuming method in webservice proxy, dont i. But as i said before, i could consume and get response on webservice proxy in regular adf project.
I can consume methods of another webservice (i.e. http://www.html2xml.nl/Services/Calculator/Version1/Calculator.asmx?WSDL) also in all methods that presented.
No, i can not obtain access on another way to server, it is remote and out of my control.
Ok, i tried as you say.
Problem exists here too. May be an interopability problem on between adf platform and wcf service? What do you think Mr Shmeltzer?
http://i42.tinypic.com/ny8jtd.png
<WebServiceConnectionMessages> <debugExecuteFailure> Failed to execute a SAAJ interaction.
oracle.j2ee.ws.client.jaxws.JRFSOAPFaultException: Client received SOAP Fault from server : The SOAP action specified on the message, '', does not match the HTTP SOAP Action, 'http://tempuri.org/IAuthenticationService/ValidateClient'.
at oracle.j2ee.ws.client.jaxws.DispatchImpl.throwJAXWSSoapFaultException(DispatchImpl.java:1040)
at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:826)
at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.synchronousInvocationWithRetry(OracleDispatchImpl.java:235)
at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.invoke(OracleDispatchImpl.java:106)
at oracle.adf.model.connection.webservice.impl.SaajInteractionImpl.execute(SaajInteractionImpl.java:80)
at oracle.adfinternal.model.adapter.webservice.provider.soap.SOAPProvider.execute(SOAPProvider.java:324)
at oracle.adfinternal.model.adapter.webservice.WSDataControl.invokeOperation(WSDataControl.java:277)
at oracle.adf.model.bean.DCBeanDataControl.invokeMethod(DCBeanDataControl.java:444)
at oracle.adf.model.binding.DCInvokeMethod.callMethod(DCInvokeMethod.java:266)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(JUCtrlActionBinding.java:1626)
at oracle.adf.model.binding.DCDataControl.invokeOperation(DCDataControl.java:2169)
at oracle.adf.model.bean.DCBeanDataControl.invokeOperation(DCBeanDataControl.java:507)
at oracle.adf.model.adapter.AdapterDCService.invokeOperation(AdapterDCService.java:307)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(JUCtrlActionBinding.java:731)
at oracle.jbo.uicli.binding.JUMethodIteratorDef$JUMethodIteratorBinding.invokeMethodAction(JUMethodIteratorDef.java:173)
at oracle.jbo.uicli.binding.JUMethodIteratorDef$JUMethodIteratorBinding.initSourceRSI(JUMethodIteratorDef.java:656)
at oracle.adf.model.binding.DCIteratorBinding.callInitSourceRSI(DCIteratorBinding.java:1700)
at oracle.adf.model.binding.DCIteratorBinding.internalGetRowSetIterator(DCIteratorBinding.java:1674)
at oracle.adf.model.binding.DCIteratorBinding.refresh(DCIteratorBinding.java:4476)
at oracle.adf.model.binding.DCExecutableBinding.refreshIfNeeded(DCExecutableBinding.java:341)
at oracle.adf.model.binding.DCIteratorBinding.getRowSetIterator(DCIteratorBinding.java:1634)
at oracle.jbo.uicli.binding.MyIteratorBinding.initSourceRSI(JUAccessorIteratorDef.java:768)
at oracle.adf.model.binding.DCIteratorBinding.callInitSourceRSI(DCIteratorBinding.java:1700)
at oracle.adf.model.binding.DCIteratorBinding.internalGetRowSetIterator(DCIteratorBinding.java:1674)
at oracle.adf.model.binding.DCIteratorBinding.refresh(DCIteratorBinding.java:4476)
at oracle.adf.model.binding.DCExecutableBinding.refreshIfNeeded(DCExecutableBinding.java:341)
at oracle.jbo.uicli.binding.JUCtrlValueBinding.isAttributeUpdateable(JUCtrlValueBinding.java:1707)
at oracle.jbo.uicli.binding.JUCtrlValueBinding.isAttributeUpdateable(JUCtrlValueBinding.java:1826)
at oracle.jbo.uicli.binding.JUCtrlValueBinding.isUpdateable(JUCtrlValueBinding.java:2722)
at oracle.adfinternal.view.faces.model.AdfELResolver._isReadOnly(AdfELResolver.java:130)
at oracle.adfinternal.view.faces.model.AdfELResolver.isReadOnly(AdfELResolver.java:147)
at oracle.adfinternal.view.faces.model.AdfELResolverProxy.isReadOnly(AdfELResolverProxy.java:78)
at com.sun.faces.el.DemuxCompositeELResolver._isReadOnly(DemuxCompositeELResolver.java:293)
at com.sun.faces.el.DemuxCompositeELResolver.isReadOnly(DemuxCompositeELResolver.java:322)
at com.sun.el.parser.AstValue.isReadOnly(Unknown Source)
at com.sun.el.ValueExpressionImpl.isReadOnly(Unknown Source)
at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:476)
at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.cacheReadOnly(EditableValueRenderer.java:406)
at oracle.adfinternal.view.faces.renderkit.rich.LabeledInputRenderer.beforeEncode(LabeledInputRenderer.java:128)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:510)
at org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:923)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1681)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeChild(CoreRenderer.java:624)
at oracle.adf.view.rich.render.RichRenderer.encodeChild(RichRenderer.java:3201)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer._encodeFormItem(PanelFormLayoutRenderer.java:1088)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer.access$100(PanelFormLayoutRenderer.java:50)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer$FormColumnEncoder.processComponent(PanelFormLayoutRenderer.java:1604)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer$FormColumnEncoder.processComponent(PanelFormLayoutRenderer.java:1523)
at org.apache.myfaces.trinidad.component.UIXComponent.processFlattenedChildren(UIXComponent.java:187)
at org.apache.myfaces.trinidad.component.UIXComponent.processFlattenedChildren(UIXComponent.java:318)
at org.apache.myfaces.trinidad.component.UIXComponent.encodeFlattenedChildren(UIXComponent.java:283)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer._encodeChildren(PanelFormLayoutRenderer.java:420)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer.encodeAll(PanelFormLayoutRenderer.java:208)
at oracle.adf.view.rich.render.RichRenderer.encodeAll(RichRenderer.java:1452)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:511)
at org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:923)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1681)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeChild(CoreRenderer.java:624)
at oracle.adf.view.rich.render.RichRenderer.encodeChild(RichRenderer.java:3201)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer._encodeFormItem(PanelFormLayoutRenderer.java:1127)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer.access$100(PanelFormLayoutRenderer.java:50)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer$FormColumnEncoder.processComponent(PanelFormLayoutRenderer.java:1604)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer$FormColumnEncoder.processComponent(PanelFormLayoutRenderer.java:1523)
at org.apache.myfaces.trinidad.component.UIXComponent.processFlattenedChildren(UIXComponent.java:187)
at org.apache.myfaces.trinidad.component.UIXComponent.processFlattenedChildren(UIXComponent.java:318)
at org.apache.myfaces.trinidad.component.UIXComponent.encodeFlattenedChildren(UIXComponent.java:283)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer._encodeChildren(PanelFormLayoutRenderer.java:420)
at oracle.adfinternal.view.faces.renderkit.rich.PanelFormLayoutRenderer.encodeAll(PanelFormLayoutRenderer.java:208)
at oracle.adf.view.rich.render.RichRenderer.encodeAll(RichRenderer.java:1452)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:511)
at org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:923)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1681)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeChild(CoreRenderer.java:624)
at oracle.adf.view.rich.render.RichRenderer.encodeChild(RichRenderer.java:3201)
at oracle.adfinternal.view.faces.renderkit.rich.PanelStretchLayoutRenderer.encodeCenterFacet(PanelStretchLayoutRenderer.java:878)
at oracle.adfinternal.view.faces.renderkit.rich.PanelStretchLayoutRenderer._encodeCenterPane(PanelStretchLayoutRenderer.java:1299)
at oracle.adfinternal.view.faces.renderkit.rich.PanelStretchLayoutRenderer._encodeMiddlePanes(PanelStretchLayoutRenderer.java:350)
at oracle.adfinternal.view.faces.renderkit.rich.PanelStretchLayoutRenderer.encodeAll(PanelStretchLayoutRenderer.java:315)
at oracle.adf.view.rich.render.RichRenderer.encodeAll(RichRenderer.java:1452)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:511)
at org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:923)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1681)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeChild(CoreRenderer.java:624)
at oracle.adf.view.rich.render.RichRenderer.encodeChild(RichRenderer.java:3201)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeAllChildren(CoreRenderer.java:641)
at oracle.adf.view.rich.render.RichRenderer.encodeAllChildrenInContext(RichRenderer.java:3062)
at oracle.adfinternal.view.faces.renderkit.rich.FormRenderer.encodeAll(FormRenderer.java:274)
at oracle.adf.view.rich.render.RichRenderer.encodeAll(RichRenderer.java:1452)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:511)
at org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:923)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1681)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeChild(CoreRenderer.java:624)
at oracle.adf.view.rich.render.RichRenderer.encodeChild(RichRenderer.java:3201)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeAllChildren(CoreRenderer.java:641)
at oracle.adf.view.rich.render.RichRenderer.encodeAllChildrenInContext(RichRenderer.java:3062)
at oracle.adfinternal.view.faces.renderkit.rich.DocumentRenderer.encodeAll(DocumentRenderer.java:1275)
at oracle.adf.view.rich.render.RichRenderer.encodeAll(RichRenderer.java:1452)
at org.apache.myfaces.trinidad.render.CoreRenderer.encodeEnd(CoreRenderer.java:511)
at org.apache.myfaces.trinidad.component.UIXComponentBase.encodeEnd(UIXComponentBase.java:923)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1681)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1677)
at oracle.adfinternal.view.faces.component.AdfViewRoot.encodeAll(AdfViewRoot.java:91)
at com.sun.faces.application.view.JspViewHandlingStrategy.doRenderView(JspViewHandlingStrategy.java:431)
at com.sun.faces.application.view.JspViewHandlingStrategy.renderView(JspViewHandlingStrategy.java:233)
at org.apache.myfaces.trinidadinternal.application.ViewDeclarationLanguageFactoryImpl$ChangeApplyingVDLWrapper.renderView(ViewDeclarationLanguageFactoryImpl.java:350)
at com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:131)
at javax.faces.application.ViewHandlerWrapper.renderView(ViewHandlerWrapper.java:273)
at org.apache.myfaces.trinidadinternal.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:165)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:1035)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:342)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:236)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:509)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:125)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope" xmlns:ns1="http://tempuri.org/"><env:Header/><env:Body><ns1:ValidateClient/></env:Body></env:Envelope><SOAPProvider> <handleFault> The Web Service call generated a SOAP Fault : [s:Sender] The SOAP action specified on the message, '', does not match the HTTP SOAP Action, 'http://tempuri.org/IAuthenticationService/ValidateClient'.
<SOAPProvider> <handleFault> Verify if all the necessary parameter values are provided correctly and confirm to the schema constraints as defined in the WSDL
<SOAPProvider> <handleFault> If the service requires any SOAP headers, Verify that they have been correctly defined in the request
<SOAPProvider> <handleFault> The Web Service may have generated an exception in an attempt to handle the request, and has returned a SOAP fault to indicate that exception.
brgds -
Deploying ADF Mobile Browser Sample App in JDeveloper 11.1.2.3
Hi,
I had problem in deploying the sample app for ADF Mobile Browser in JDeveloper 11.1.2.3.
I had tried every solution such as replacing web.xml for the Sample App with web.xml created in JDeveloper 11.1.2.3.
I could not find the Jar file for the oracle.adfinternal.view.faces.bi.facelets.graph.RichSeriesSetHandler in the web also.
Please help to solve this problem as I had tried for many days.
Thank you very much! =)
ADF Mobile Browser Sample App URL:
[ADF Mobile Browser Sample App|http://www.oracle.com/technetwork/developer-tools/adf/adf-mobile-browser-1864237.html]
Error Log:_
*<ConfigureListener> <contextInitialized> Critical error during deployment:*
com.sun.faces.config.ConfigurationException: CONFIGURATION FAILED! oracle.adfinternal.view.faces.bi.facelets.graph.RichSeriesSetHandler
at com.sun.faces.config.ConfigManager.initialize(ConfigManager.java:357)
at com.sun.faces.config.ConfigureListener.contextInitialized(ConfigureListener.java:226)
at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:481)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:181)
at weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAppServletContext.java:1872)
at weblogic.servlet.internal.WebAppServletContext.start(WebAppServletContext.java:3153)
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1508)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:482)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.ScopedModuleDriver.start(ScopedModuleDriver.java:200)
at weblogic.application.internal.flow.ModuleListenerInvoker.start(ModuleListenerInvoker.java:247)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
at weblogic.application.internal.flow.StartModulesFlow.activate(StartModulesFlow.java:27)
at weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.java:636)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:205)
at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:58)
at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.activate(AbstractOperation.java:569)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.activateDeployment(ActivateOperation.java:150)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doCommit(ActivateOperation.java:116)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.commit(AbstractOperation.java:323)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentCommit(DeploymentManager.java:844)
at weblogic.deploy.internal.targetserver.DeploymentManager.activateDeploymentList(DeploymentManager.java:1253)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleCommit(DeploymentManager.java:440)
at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.commit(DeploymentServiceDispatcher.java:163)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doCommitCallback(DeploymentReceiverCallbackDeliverer.java:195)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$100(DeploymentReceiverCallbackDeliverer.java:13)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$2.run(DeploymentReceiverCallbackDeliverer.java:68)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused by: java.lang.ClassNotFoundException: oracle.adfinternal.view.faces.bi.facelets.graph.RichSeriesSetHandler
at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:297)
at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:270)
at weblogic.utils.classloaders.ChangeAwareClassLoader.findClass(ChangeAwareClassLoader.java:64)
at java.lang.ClassLoader.loadClass(ClassLoader.java:305)
at java.lang.ClassLoader.loadClass(ClassLoader.java:246)
at weblogic.utils.classloaders.GenericClassLoader.loadClass(GenericClassLoader.java:179)
at weblogic.utils.classloaders.ChangeAwareClassLoader.loadClass(ChangeAwareClassLoader.java:43)
at com.sun.faces.util.Util.loadClass(Util.java:303)
at com.sun.faces.config.processor.AbstractConfigProcessor.loadClass(AbstractConfigProcessor.java:311)
at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.processHandlerClass(FaceletTaglibConfigProcessor.java:420)
at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.processTags(FaceletTaglibConfigProcessor.java:371)
at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.processTagLibrary(FaceletTaglibConfigProcessor.java:314)
at com.sun.faces.config.processor.FaceletTaglibConfigProcessor.process(FaceletTaglibConfigProcessor.java:263)
at com.sun.faces.config.ConfigManager.initialize(ConfigManager.java:340)
... 38 more
<Dec 10, 2012 12:20:15 PM IST> <Warning> <HTTP> <BEA-101162> <User defined listener com.sun.faces.config.ConfigureListener failed: java.lang.RuntimeException: com.sun.faces.config.ConfigurationException: CONFIGURATION FAILED! oracle.adfinternal.view.faces.bi.facelets.graph.RichSeriesSetHandler.
java.lang.RuntimeException: com.sun.faces.config.ConfigurationException: CONFIGURATION FAILED! oracle.adfinternal.view.faces.bi.facelets.graph.RichSeriesSetHandler
at com.sun.faces.config.ConfigureListener.contextInitialized(ConfigureListener.java:293)
at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:481)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.EventsManager.notifyContextCreatedEvent(EventsManager.java:181)
Truncated. see log file for complete stacktrace
Caused By: com.sun.faces.config.ConfigurationException: CONFIGURATION FAILED! oracle.adfinternal.view.faces.bi.facelets.graph.RichSeriesSetHandler
at com.sun.faces.config.ConfigManager.initialize(ConfigManager.java:357)
at com.sun.faces.config.ConfigureListener.contextInitialized(ConfigureListener.java:226)
at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:481)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
Truncated. see log file for complete stacktrace
Caused By: java.lang.ClassNotFoundException: oracle.adfinternal.view.faces.bi.facelets.graph.RichSeriesSetHandler
at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:297)
at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:270)
at weblogic.utils.classloaders.ChangeAwareClassLoader.findClass(ChangeAwareClassLoader.java:64)
at java.lang.ClassLoader.loadClass(ClassLoader.java:305)
at java.lang.ClassLoader.loadClass(ClassLoader.java:246)
Truncated. see log file for complete stacktrace
>
<FactoryFinder$FactoryManager> <getFactory> Application was not properly initialized at startup, could not find Factory: javax.faces.application.ApplicationFactory. Attempting to find backup.
<ConfigureListener> <contextDestroyed> Unexpected exception when attempting to tear down the Mojarra runtime
java.lang.IllegalStateException: Could not find backup for factory javax.faces.application.ApplicationFactory.
at javax.faces.FactoryFinder$FactoryManager.getFactory(FactoryFinder.java:996)
at javax.faces.FactoryFinder.getFactory(FactoryFinder.java:331)
at com.sun.faces.config.InitFacesContext.getApplication(InitFacesContext.java:131)
at com.sun.faces.config.ConfigureListener.contextDestroyed(ConfigureListener.java:329)
at weblogic.servlet.internal.EventsManager$FireContextListenerAction.run(EventsManager.java:482)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.EventsManager.notifyContextDestroyedEvent(EventsManager.java:200)
at weblogic.servlet.internal.WebAppServletContext.destroy(WebAppServletContext.java:3224)
at weblogic.servlet.internal.ServletContextManager.destroyContext(ServletContextManager.java:247)
at weblogic.servlet.internal.HttpServer.unloadWebApp(HttpServer.java:461)
at weblogic.servlet.internal.WebAppModule.destroyContexts(WebAppModule.java:1535)
at weblogic.servlet.internal.WebAppModule.deactivate(WebAppModule.java:507)
at weblogic.application.internal.flow.ModuleStateDriver$2.previous(ModuleStateDriver.java:387)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:223)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:215)
at weblogic.application.internal.flow.ModuleStateDriver.deactivate(ModuleStateDriver.java:141)
at weblogic.application.internal.flow.ScopedModuleDriver.deactivate(ScopedModuleDriver.java:206)
at weblogic.application.internal.flow.ModuleListenerInvoker.deactivate(ModuleListenerInvoker.java:261)
at weblogic.application.internal.flow.DeploymentCallbackFlow$2.previous(DeploymentCallbackFlow.java:547)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:223)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:215)
at weblogic.application.internal.flow.DeploymentCallbackFlow.deactivate(DeploymentCallbackFlow.java:192)
at weblogic.application.internal.flow.DeploymentCallbackFlow.deactivate(DeploymentCallbackFlow.java:184)
at weblogic.application.internal.BaseDeployment$2.previous(BaseDeployment.java:642)
at weblogic.application.utils.StateMachineDriver.previousState(StateMachineDriver.java:223)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:63)
at weblogic.application.internal.BaseDeployment.activate(BaseDeployment.java:205)
at weblogic.application.internal.EarDeployment.activate(EarDeployment.java:58)
at weblogic.application.internal.DeploymentStateChecker.activate(DeploymentStateChecker.java:161)
at weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(AppContainerInvoker.java:79)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.activate(AbstractOperation.java:569)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.activateDeployment(ActivateOperation.java:150)
at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doCommit(ActivateOperation.java:116)
at weblogic.deploy.internal.targetserver.operations.AbstractOperation.commit(AbstractOperation.java:323)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentCommit(DeploymentManager.java:844)
at weblogic.deploy.internal.targetserver.DeploymentManager.activateDeploymentList(DeploymentManager.java:1253)
at weblogic.deploy.internal.targetserver.DeploymentManager.handleCommit(DeploymentManager.java:440)
at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.commit(DeploymentServiceDispatcher.java:163)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doCommitCallback(DeploymentReceiverCallbackDeliverer.java:195)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$100(DeploymentReceiverCallbackDeliverer.java:13)
at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$2.run(DeploymentReceiverCallbackDeliverer.java:68)
at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
<Dec 10, 2012 12:20:15 PM IST> <Error> <Deployer> <BEA-149265> <Failure occurred in the execution of deployment request with ID '1355122207762' for task '3'. Error is: 'weblogic.application.ModuleException: '
weblogic.application.ModuleException:
at weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.java:1510)
at weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:482)
at weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleStateDriver.java:425)
at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:52)
at weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStateDriver.java:119)
Truncated. see log file for complete stacktrace
Caused By: java.lang.ClassNotFoundException: oracle.adfinternal.view.faces.bi.facelets.graph.RichSeriesSetHandler
at weblogic.utils.classloaders.GenericClassLoader.findLocalClass(GenericClassLoader.java:297)
at weblogic.utils.classloaders.GenericClassLoader.findClass(GenericClassLoader.java:270)
at weblogic.utils.classloaders.ChangeAwareClassLoader.findClass(ChangeAwareClassLoader.java:64)
at java.lang.ClassLoader.loadClass(ClassLoader.java:305)
at java.lang.ClassLoader.loadClass(ClassLoader.java:246)
Truncated. see log file for complete stacktrace
>
Edited by: 975879 on Dec 9, 2012 10:56 PMHi Frank,
Thanks for the fast response.
Based on your advice, I had try to comment out all usage of graph in jsp, web.xml, and data binding file.
But even after perform these, I still facing the same problem.
For your information, RichSeriesSetHandler does not exist in the oracle.adfinternal.view.faces.bi.facelets.
I suspecting RichSeriesSetHandler is configured in the app and it occur this error as it could not find the class.
I had try to search this usage of this class in the app but there is no results found. -
Error while creating CustomSOAPProvider in ADF Mobile
Hi,
I want to add the security headers to the SOAP request from the ADF mobile application to the webservice.
But when I am trying to extend the oracle.adfinternal.model.adapter.webservice.provider.soap.SOAPProvider class in my CustomSOAPProvider class, it says "Illegal Internal package import. Please use public api".
I have changed the audit rules as Tools - Preferences - Audit - Profiles - Audit Rules - Application Development Framework - ADF Common - ADF java audit rules - "Illegal Internal package import. Please use public api" severity and style to "Warning". But still it is not working.
I am using JDeveloper 11.1.2.3.0 version.
Please help...I couldn't understand which is the intended security policy to be added from the above link.
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1">
<wsse:Username>myuser</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">mypassword</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">3xp9MFe3E1BDAPjr8ipA8A==</wsse:Nonce>
<wsu:Created>2013-02-13T08:58:50.649Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
This is my SOAP security header. Which is the security policy to be used here?... -
How to get data from web service in ADF mobile
I'm new to ADF mobile application development. I'm currently blocked in a scenario. I have a web service(from third party) which needs <wsse:Security> to retrieve data. In soapUI, the web service will retrieve the response only when there is this security tag. Otherwise it will give response as invalid security. The web service looks like this:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xx="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/" xmlns:get="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/get_login/">
<soapenv:Header>
<xx:SOAHeader>
<!--Optional:-->
<xx:Responsibility>XXX</xx:Responsibility>
<!--Optional:-->
<xx:RespApplication>XXX</xx:RespApplication>
<!--Optional:-->
<xx:SecurityGroup>XXX</xx:SecurityGroup>
<!--Optional:-->
<xx:NLSLanguage>XXX</xx:NLSLanguage>
<!--Optional:-->
<xx:Org_Id>XXX</xx:Org_Id>
</xx:SOAHeader>
<The portion which is excluded from the soap, but which is required for getting response>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1">
<wsse:Username>XXX</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXX</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">XXX</wsse:Nonce>
<wsu:Created>2013-02-13T08:58:50.649Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
<The portion which is excluded from the soap, but which is required for getting response>
</soapenv:Header>
<soapenv:Body>
<get:InputParameters>
<!--Optional:-->
<get:P_USERNAME>XXX</get:P_USERNAME>
</get:InputParameters>
</soapenv:Body>
</soapenv:Envelope>
I tried the steps described in ADF mobile tutorial to get web service data. But I'm getting response code 500 from the server. I tried the steps for secured web service also. But I'm not sure which security policy has been implemented in the web service. I tried with oracle/wss_username_client_token_policy and some others but didn't succeed. Later I tried by creating web service client/proxy. But as Oracle ADF only supports java 1.4, I got errors in the generated code(errors on generics and annotation).
The WSDL for the web service is as follows:
<definitions xmlns:tns="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns1="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/get_login/" name="XX_FS_MOB_LOGIN" targetNamespace="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/">
<types>
<schema xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/get_login/">
<include schemaLocation="http://27.251.157.211:8000/webservices/SOAProvider/plsql/xx_fs_mob_login/APPS_XX_FS_MOB_LOGIN_GET_LOGIN.xsd"/>
</schema>
<schema xmlns="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://xmlns.oracle.com/apps/csf/soaprovider/plsql/xx_fs_mob_login/">
<element name="SOAHeader">
<complexType>
<sequence>
<element name="Responsibility" minOccurs="0" type="string"/>
<element name="RespApplication" minOccurs="0" type="string"/>
<element name="SecurityGroup" minOccurs="0" type="string"/>
<element name="NLSLanguage" minOccurs="0" type="string"/>
<element name="Org_Id" minOccurs="0" type="string"/>
</sequence>
</complexType>
</element>
</schema>
</types>
<message name="GET_LOGIN_Input_Msg">
<part name="header" element="tns:SOAHeader"/>
<part name="body" element="tns1:InputParameters"/>
</message>
<message name="GET_LOGIN_Output_Msg">
<part name="body" element="tns1:OutputParameters"/>
</message>
<portType name="XX_FS_MOB_LOGIN_PortType">
<operation name="GET_LOGIN">
<input message="tns:GET_LOGIN_Input_Msg"/>
<output message="tns:GET_LOGIN_Output_Msg"/>
</operation>
</portType>
<binding name="XX_FS_MOB_LOGIN_Binding" type="tns:XX_FS_MOB_LOGIN_PortType">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="GET_LOGIN">
<soap:operation soapAction="http://XXX:8000/webservices/SOAProvider/plsql/xx_fs_mob_login/"/>
<input>
<soap:header message="tns:GET_LOGIN_Input_Msg" part="header" use="literal"/>
<soap:body parts="body" use="literal"/>
</input>
<output>
<soap:body use="literal"/>
</output>
</operation>
</binding>
<service name="XX_FS_MOB_LOGIN_Service">
<port name="XX_FS_MOB_LOGIN_Port" binding="tns:XX_FS_MOB_LOGIN_Binding">
<soap:address location="http://XXX:8000/webservices/SOAProvider/plsql/xx_fs_mob_login/"/>
</port>
</service>
</definitions>
Please help me to figure out a solution for this.
Thanks in advance
Rinohow to store the data in the mobile which i fetched from the server using RMS. Can u give me a eg. code. here and send me a link to my email id. [email protected]
I am using Oravle10g as the database. It is installed in the server.
I made a connection in servlet using ODBC:JDBC.
I am able to see the data fetched from the server in my mobile.
Now, i am trying to save the data. But i dont know how to use the RMS to connect to the Oracle database or pass the string etc.
Do help me if you dont mind.
I kept reading and tried some codes but i failed.
Me still trying...........
Thanks in Advance. -
Error when starting ADF Mobile Browser Sample Application
I had successfully deployed the Sample App downloaded from the Oracle ADF Mobile Browser Website in JDeveloper 11.1.2.2.
This sample app is deployed successfully in IntegratedWebLogicServer as EAR.
But when I trying to access the app in browser, it omit the following error:
Error 500--Internal Server Error
java.lang.NullPointerException
at oracle.adfinternal.controller.util.AdfvInterfaceImpl.updateQueryParameters(AdfvInterfaceImpl.java:211)
at oracle.adfinternal.controller.state.RequestState.updateUrlStateToken(RequestState.java:677)
at oracle.adfinternal.controller.state.RequestState.setCurrentStateInstance(RequestState.java:188)
at oracle.adfinternal.controller.state.RequestState.setCurrentViewPortContext(RequestState.java:215)
at oracle.adfinternal.controller.state.ControllerState.setRequestState(ControllerState.java:877)
at oracle.adfinternal.controller.state.ControllerState.initializeRootViewPort(ControllerState.java:646)
at oracle.adfinternal.controller.state.ControllerState.synchronizeStatePart1(ControllerState.java:302)
at oracle.adfinternal.controller.application.SyncNavigationStateListener.beforePhase(SyncNavigationStateListener.java:219)
at oracle.adfinternal.controller.lifecycle.ADFLifecycleImpl$PagePhaseListenerWrapper.beforePhase(ADFLifecycleImpl.java:550)
at oracle.adfinternal.controller.lifecycle.LifecycleImpl.internalDispatchBeforeEvent(LifecycleImpl.java:100)
at oracle.adfinternal.controller.lifecycle.LifecycleImpl.dispatchBeforePagePhaseEvent(LifecycleImpl.java:147)
at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener$PhaseInvokerImpl.dispatchBeforePagePhaseEvent(ADFPhaseListener.java:119)
at oracle.adfinternal.controller.faces.lifecycle.ADFPhaseListener.beforePhase(ADFPhaseListener.java:63)
at oracle.adfinternal.controller.faces.lifecycle.ADFLifecyclePhaseListener.beforePhase(ADFLifecyclePhaseListener.java:44)
at com.sun.faces.lifecycle.Phase.handleBeforePhase(Phase.java:228)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:99)
at com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:111)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:508)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)Hi Sashank, Thank for your reply and advice.
This is a mobile ADF browser which it is deployed in EAR in Weblogic.
ADF Mobile browser is different with ADF Mobile as one is access through mobile browser and one is access as mobile app.
Please correct me if I'm wrong in this.
Thanks -
ADF Mobile : Rest call to a webservice using https - Certificate Error
I'm trying to connect to a web service giving json and which uses https. I am using the following code.
Also SalesApp connects to https://abc.com
RestServiceAdapter restServiceAdapter = Model.createRestServiceAdapter();
restServiceAdapter.clearRequestProperties();
restServiceAdapter.setConnectionName("SalesApp");
restServiceAdapter.setRequestType(RestServiceAdapter.REQUEST_TYPE_GET);
restServiceAdapter.setRetryLimit(0);
restServiceAdapter.setRequestURI("/sales/rest/v1/resources");
try {
response = restServiceAdapter.send("");
I am getting an error of " Certificate was issued by an unrecognized entity ".
Is there anyway to ignore the certificate warning ? Any request properties which can help with this?
I'm not looking at adding any private certificates/verfying the certificate issued by server, just want to ignore the warning
and proceed with the rest call.Hi, sure you will need to register your private certificate with ADF Mobile's embedded JVM. This is a security mechanism - the JVM we embed will only recognize certificates from well-know CA out of box. However, you can register your private certificate with the JVM. The steps are described in the ADF Mobile Developer Guide: http://docs.oracle.com/cd/E35521_01/doc.111230/e24475/security.htm#CDDCCDFF.
Please note that you will need to be very careful when registering the JVM - extra spaces for example will cause certificate error and it could be hard to diagnose. Please ensure all the fields matches exactly with your private certificate's fields.
Thanks,
Joe Huang -
Getting error in ADF Login security
Hi Team,
I am making security login mechanism.
I referred - Oracle ADF 11g Security - Custom ADF Login Form - Part 1 (High) and part 2 video from youtube.
I am not getting any error in my log but after entering username and password its giving me error-
Error 401--Unauthorized
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
*10.4.2 401 Unauthorized*
The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.
Can you please suggest me how to resolve this.
Jdev :- 11.1.1.6.0
Thanks in advance.
Ramit MathurHi.
Check the grants/permissions in jazn-data
After you log in, the security framework checks the user's right to access the resource. For example, if you receive an unexpected 401 unauthorized user error, verify that you have created grants as suggested in Section 30.11.4, "Best Practices for Working with Oracle ADF Security."
http://docs.oracle.com/cd/E14571_01/web.1111/b31974/adding_security.htm#BABFIHAF
Maybe you are looking for
-
I'm unable to open up Lightroom 5, I get this message in a pop up box: "Lightroom encountered an error when reading from it's preview cache and needs to quit" Underneath that is "Lightroom will attempt to fix this problem the next time when it launc
-
Cost element 7000218 is not assigned to a cost component in CostCompStruct
Dear All, How to change the standard price in MR21 for materials with Price Determination Control 3 ( header level V & 3) (Split level S & 3) In MR21, when I am updating the price for initial stock uploading. It throws me a error Cost element 7000218
-
How to import playlist to itunes?
There's no "Import Playlist" option in the library tab. I'm using iTunes in Windows 7 and it's not there.
-
Hello, I'm stuck on this issue. I got this error on Front-end server. Can someone help me on this. TLS outgoing connection failures. Over the past 28 minutes, Lync Server has experienced TLS outgoing connection failures 15 time(s). The error code of
-
Bell icon (symbol) does not appear when i put my phone on silent
Bell icon (symbol) does not appear when i put my phone on silent (or vice-versa) when in standby mode. Help.