How to configure ADF application to use OAM Identity Assertion? web.xml

We have a web application developed using ADF (Application Development Framework) and deployed on WebCenter 11.1.1.2 (WebLogic 10.3.2).
OID authentication and OAM identity assertion are configured in WebLogic 10.3.2.
How do we configure security in the ADF application (web.xml or weblogic.xml) so that it uses OAM identity assertion (already configured as authentication providers in the WebLogic server)?
Any pointers or documentation so that the application (developed using ADF) checks for the identity token and verifies it with one of the identity assertion providers?

John,
I have to concur. With OAM you don't need this. OAM intercepts the calls and inserts a cookie for WLS to get user information from.
I strongly advise you to go through the above-mentioned OFM Security Guide. Especially Chapter 10 tells you in every detail how to implement OAM SSO with WLS (with or without OHS as a proxy).
Reading this chapter saves you time and turnarounds on this topic...
--olaf
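
Added example, not part of the thread and not Oracle's own sample: the deployment-descriptor side of identity assertion on WebLogic is the `login-config` element. It assumes the requirement that an application relying on the OAM Identity Asserter declares `CLIENT-CERT` as its auth-method; the `valid-users` role, the `/adfAuthentication` URL pattern, the login page names and the `users` principal are assumptions about a typical ADF Security application, so adjust them to your own descriptors.

```xml
<!-- WEB-INF/web.xml (fragment). Constructed example; role, URL pattern and
     page names are assumptions about the application. -->

<!-- Development-time setting: the container shows its own login form.
<login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
    <form-login-page>/login.html</form-login-page>
    <form-error-page>/error.html</form-error-page>
  </form-login-config>
</login-config>
-->

<!-- Protect the ADF authentication servlet so the container must establish
     an identity before the application runs. -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>adfAuthentication</web-resource-name>
    <url-pattern>/adfAuthentication</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>valid-users</role-name>
  </auth-constraint>
</security-constraint>

<!-- SSO setting: CLIENT-CERT tells WebLogic to obtain the identity from the
     realm's identity asserter (here the OAM session cookie, asserter active
     type ObSSOCookie) instead of prompting the user itself. -->
<login-config>
  <auth-method>CLIENT-CERT</auth-method>
</login-config>

<security-role>
  <role-name>valid-users</role-name>
</security-role>

<!-- WEB-INF/weblogic.xml (fragment): map the logical role to the WebLogic
     group that every authenticated user belongs to. -->
<security-role-assignment>
  <role-name>valid-users</role-name>
  <principal-name>users</principal-name>
</security-role-assignment>
```

If the EAR contains several web modules, each web.xml needs the same auth-method.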

Similar Messages

  • Deployment of an ADF application which uses JAAS

    Hi all,
    I built an ADF application and used JAAS-based authentication and authorization, and everything works fine on the embedded OC4J in JDev. But when I deployed the application to the application server, the authentication is apparently disabled, since it opens the JSP pages without redirecting to the login page as usual on the embedded OC4J. So what should I configure on the AS OC4J?
    Since I created all roles, users and permissions on the application side, how can I configure the AS OC4J to the system-jazn-data.xml?
    I updated the security provider and it doesn't work.
    Appreciate any help.

    Hi,
    The login screen comes up after deployment, but I changed the security provider for my application to the system-jazn-data.xml file which I placed on the AS, and it still doesn't read the users, roles and permissions configured in it.
    My major problem is that I built the whole application on JDev and its internal OC4J, so how can I deploy it on the AS without repeating my work?
    And a second question: within the EAR file itself, are the policies that I gave to each role configured in it? Can I just add the roles and users on the AS OC4J and find the authorization I already did at the application level?
    Thanks and best regards for help.

  • How to deploy ADF Application

    Based on my understanding it looks like ADF components are tightly coupled with Database Tables.
    In this case, how do I deploy an application from DEV --> QA --> STAGING --> PROD
    with less modification? Do we have any document that will explain the deployment procedure?
    Thanks

    The easiest way to do this would probably be to set up a JDBC datasource on each application server. The JDBC datasources should have the same name and JNDI location on all three app servers, but should each contain different connection information (one to your DEV database, one to TEST, and one to PROD).
    Then, you can configure your application to use JDBC datasources:
    1. Right-click your application module and select Configurations.
    2. Edit the configuration you want to use (if you don't have multiple configs, editing the default one is probably fine).
    3. Change the Connection Type to JDBC Datasource, and enter your datasource's "location" property.
    Note that, if you do this, you won't be able to run the application in JDev unless you also set up a datasource in your embedded server. That's a more complicated procedure, but I think there's a how-to document on it somewhere on OTN.

  • How to browse ADF Application page by user

    Hi, I am Ali and I just want to know how to access an ADF application page as a user through the browser.

    Ali,
    Welcome to the forum. Please take a bit of time and tell us which jdev version you are using.
    It's helpful to read https://forums.oracle.com/forums/ann.jspa?annID=56 before posting.
    Your question is not clear, so we can't really answer it. Where would you like to access the ADF application? On the integrated server or a stand-alone server?
    Timo

  • Mass ADF Application Deployment using JDeveloper

    I really hope there is a simple answer for this...
    I have a 'suite' of Oracle ADF applications (they use ADF Faces + ADF Business Components + JHeadstart technology) that I would like to mass-deploy / mass-redeploy to our Oracle Application Server 10g (10.1.3).
    What is the easiest solution that will let me just say "GO!" and thus deploy all 17 individual web applications to the server? For the longest time I have been just individually deploying each application through each individual WAR Deployment Profile (*.deploy) that each application has. Now, I need a less tedious way to perform this maintenance.
    Thanks.

    Hi,
    Are you using the ANT/JDev integration to do this? I've never tried it, but in the last part of the video http://www.oracle.com/technology/products/jdev/viewlets/1013/agile_development_viewlet_swf.html it seems like there are deployment tasks available in the integrated ANT with JDeveloper.
    Sorry I can't provide any specific insights - perhaps someone else has done this?
    John

  • Deploying applications developed using Jdeveloper in IBM Web Sphere

    Hi
    I want to deploy the applications developed using JDeveloper on IBM WebSphere. Please suggest the procedure.
    Thanks
    Satya

    Refer
    Websphere 5.1 and ADF/UIX

  • How to run others application in Oracle Forms on the web version?

    How to run others application in Oracle Forms on the web version?

    Pang,
    I guess that you want to start client-side programs from Forms on the Web. There is a sample on OTN (host bean) that allows you to access the client and start executables.
    Frank

  • OAM Identity Asserter Provider Error:Unable to create the AccessGate entry

    Hi All,
    I have installed Oracle Access Manager and trying to protect an application deployed on weblogic application server.
    I have added the jar oamAuthnProvider in weblogic server lib mbeantypes and configured an OAM Identity Asserter Provider in myrealm. When I restart the weblogic server, I encounter the following error:
    <Error> <> <BEA-000000> <OAMAP-60516:Unableto create the AccessGate entry for identity assertion/authentication.>
    <Error> <Security> <BEA-090870> <The realm "myrealm" failed to be loaded: weblogic.security.service.SecurityServiceException
    : com.bea.common.engine.ServiceInitializationException: java.lang.RuntimeException.weblogic.security.service.SecurityServiceException: com.bea.common.engine.ServiceInitializationException: java.lang.RuntimeException
    When I remove the following section from config.xml, the server starts fine:
    <sec:authentication-provider xmlns:ext="http://www.bea.com/ns/weblogic/90/security/extension" xsi:type="ext:oam-identity-asserterType">
      <n1:name xmlns:n1="http://www.bea.com/ns/weblogic/90/security">OAMID</n1:name>
      <n2:control-flag xmlns:n2="http://www.bea.com/ns/weblogic/90/security">REQUIRED</n2:control-flag>
      <ext:access-gate-name>MYAPP</ext:access-gate-name>
      <ext:primary-access-server>AccessServer</ext:primary-access-server>
      <ext:application-domain>MYDOMAIN.com</ext:application-domain>
      <ext:access-gate-password-encrypted>{AES}P3UIYbQpYupPs=</ext:access-gate-password-encrypted>
    </sec:authentication-provider>
    Has anyone come across this error before? Please suggest a workaround..
    Software versions being used:
    OAM 10.1.4.3
    Weblogic: 10.3.2
    Thanks
    Joe

    I am having the same problem on my WLS 10.3.4. running OSB 11g. I get the following error:
    tuning)'> <<WLS Kernel>> <> <> <1296595010528> <BEA-000000> <OAMAP-60516:Unable to create the AccessGate entry for identity assertion/authentication.>
    ####<Feb 1, 2011 1:16:50 PM PST> <Info> <Security> <WD-OR14P5A5W624> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <> <1296595010528> <BEA-090511> <The following exception has occurred:
    com.bea.common.engine.ServiceInitializationException: java.lang.RuntimeException
         at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:365)
         at com.bea.common.engine.internal.ServiceEngineImpl.findOrStartService(ServiceEngineImpl.java:315)
         at com.bea.common.engine.internal.ServiceEngineImpl.lookupService(ServiceEngineImpl.java:257)
         at com.bea.common.engine.internal.ServicesImpl.getService(ServicesImpl.java:72)
         at weblogic.security.service.internal.WLSIdentityServiceImpl.initialize(WLSIdentityServiceImpl.java:47)
         at weblogic.security.service.CSSWLSDelegateImpl.initializeServiceEngine(CSSWLSDelegateImpl.java:300)
         at weblogic.security.service.CSSWLSDelegateImpl.initialize(CSSWLSDelegateImpl.java:222)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.InitializeServiceEngine(CommonSecurityServiceManagerDelegateImpl.java:1784)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealm(CommonSecurityServiceManagerDelegateImpl.java:445)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.loadRealm(CommonSecurityServiceManagerDelegateImpl.java:840)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initializeRealms(CommonSecurityServiceManagerDelegateImpl.java:870)
         at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1030)
         at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:881)
         at weblogic.security.SecurityService.start(SecurityService.java:142)
         at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    I looked the error number up and it says:
    OAMAP-60516: Unable to create the AccessGate entry for identity assertion/authentication.
    Cause: AccessGate instance creation failed.
    Action: See the Identity Asserter/Authenticator log for details.
    Level: 1
    Type: ERROR
    Impact: Configuration
    This seems to indicate my identity assertion is incorrect. My OAM authentication provider is pretty simple.
    I am using OPEN transport security so the provider config is pretty simple. I provided an AccessGate pwd, primary and secondary access gate servers and Access Gate name provided by my administrator.
    I'm not sure about what the Application Domain field refers to. Can someone provide guidance on that?

  • How to deploy ADF applications in Oracle apps

    Hi,
    I have just gone through demos on ADF rich client applications using JDeveloper 11g. My doubt is how to deploy and use these from Oracle Apps. Is ADF supported in R12? If yes, could anybody provide me steps to deploy code on the Unix file system and to create form functions for accessing jspx pages?
    I know that in OAF we can deploy server components at $OA_java and PG.xml files using the XML importer, and we can create form functions for PG.xml files. Similarly, what are the steps to deploy and access ADF applications through Oracle Apps?
    Thanks,
    ashok

    ADF Rich Client Components need a newer server than the one that comes with Apps R12.
    So what you'll need to do is have a separate WebLogic 10.3 server where you deploy the ADF Rich Client Applications.
    You can call them from your Apps by customizing your current apps and adding a button or link that just calls the URL where your ADF apps are.

  • How to configure JMS-Server to use username and password

    Hi
    Maybe this is a real stupid question, but please help me, I'm not very experienced using JMS:
    I'm using JMS (provided by OC4J / Application Server 10.1.3). I configured a ConnectionFactory (without username and password) and a Queue and there is also a application, which successfully opens the JMS-Connections.
    This works well as long as I do not provide a username and password in the ConnectionFactory (EnterpriseManager: OC4J/Admin/Services/JMS-provider...). If I do this, my application terminates with the following stacktrace:
    javax.jms.JMSSecurityException: JMSServer[aplora2:12602]: failed to authenticate "myuser/mypassword", no such user.
         at com.evermind.server.jms.JMSUtils.make(JMSUtils.java:1034)
         at com.evermind.server.jms.JMSUtils.toJMSSecurityException(JMSUtils.java:1090)
         at com.evermind.server.jms.JMSServer.getJMSServer(JMSServer.java:1237)
         at com.evermind.server.jms.JMSServer.getJMSServer(JMSServer.java:1213)
         at com.evermind.server.jms.InContainerProxy.getJMSServer(InContainerProxy.java:93)
         at com.evermind.server.jms.EvermindConnection.<init>(EvermindConnection.java:103)
         at com.evermind.server.jms.EvermindQueueConnection.<init>(EvermindQueueConnection.java:62)
         at com.evermind.server.jms.EvermindQueueConnectionFactory.unprivileged_createQueueConnection(EvermindQueueConnectionFactory.java:98)
         at com.evermind.server.jms.EvermindQueueConnectionFactory.access$000(EvermindQueueConnectionFactory.java:42)
         at com.evermind.server.jms.EvermindQueueConnectionFactory$1.execute(EvermindQueueConnectionFactory.java:78)
         at com.evermind.server.jms.InContainerProxy.doSecureOp(InContainerProxy.java:157)
         at com.evermind.server.jms.EvermindQueueConnectionFactory.createQueueConnection(EvermindQueueConnectionFactory.java:75)
         at com.evermind.server.jms.EvermindQueueConnectionFactory.createQueueConnection(EvermindQueueConnectionFactory.java:66)
         at sam.model.messages.MessageManager.<init>(MessageManager.java:74)
    where "myuser" and "mypassword" are the username and password I entered in the ConnectionFactory. (My Application certainly uses the same username and password)
    I expected, that by entering username and password here I would configure my Queue to be protected by them. But obviously there are some very basic things I didn't understand. Can anyone give me a hint, how I can protect the (OC4J-) JMS-Server or the Queue by username and password?
    Thanks for your help
    Frank Brandstetter

    Hey Frank -
    Assuming you've set up users in the "Security Manager" for your application, you can specify what JNDI resources they can "read" (and thus also connect to) via the orion-application.xml file. Look at the following snippet from the orion-application.xml file:
    <namespace-access>
      <read-access>
        <namespace-resource root="jms/firstQueue">
          <security-role-mapping impliesAll="false" name="jmsSecurity">
            <user name="scooter"/>
          </security-role-mapping>
        </namespace-resource>
      </read-access>
      <read-access>
        <namespace-resource root="delme">
          <security-role-mapping impliesAll="false" name="jmsSecurity">
            <group name="messagingUsers"/>
          </security-role-mapping>
        </namespace-resource>
      </read-access>
    </namespace-access>
    This would say that only the user "scooter" that you've set up would have access to the Queue whose JNDI name begins with jms/firstQueue. Anyone you've set up and added to a messagingUsers group would have access to any Queues whose JNDI name begins with "delme". (I'm honestly not sure what exactly this line does: <security-role-mapping impliesAll="false" name="jmsSecurity">)
    This is the only way I've found to limit access to a particular Queue.
    HTH.
    Scott

  • Configuring ADF Security to use LDAP

    HI All
    We are building an application which is secured using SSO authentication. We have an LDAP setup for this.
    During development, we wanted to configure LDAP in ADF Security Wizard in Jdeveloper for authentication. I tried the following in ADF Security Wizard in the 10 steps of the wizard:
    1) Configure ADF for Web Application, enforce Authorization
    2) Enable Credential Store
    3) No Policy Store
    4) LDAP Identity Store
    5) Enter LDAP credentials, LdAp URL, user base
    6) No Anonymous Provider
    7) Did not select any login module
    8) Form Based Authentication, generate default
    9) Added pages that need to be secured
    10) Finish
    The login page is rendered whenever i try to access a protected page. But when I enter the LDAP user credentials for login, it does not work. It says "You are not authorized to view this page".
    Is there anything missing in the setup that is causing the issue. Any pointers on this would be helpful.
    Thanks
    Srinidhi.

    Hi,
    Note that there doesn't exist documentation for configuring ADF Security in JDeveloper 11 with LDAP. In general, ADF Security in JDeveloper 11 is not yet ready for SSO and LDAP testing and is still under development. Note that LDAP authentication - as container-managed authentication - is configured in the jps-config.xml file of the deployed application. However, as said, it's not documented and would be just too much at this point to put into a forum answer.
    Frank

  • How to protect ADF Application Source code

    Hi,
    There is an ADF Application which needs to be given to a client. The client will deploy the application.
    How do I protect the source code of the ADF application when giving it to someone?

    An ear file doesn't need to contain Java source files, but it can.
    Sure, you can create an ear without the source files. You define what goes into the ear yourself (source files are normally not included). The deployment descriptor you used to create the ear defines what files (contributors) are in the ear. Check the application's deployment descriptor and change it in a way that the sources are not included.
    Timo

  • How to merge ADF Applications

    Hi everybody,
    I have 3 separated ADF little applications which I'd like to merge into one.
    What are the best practises to do that?
    Thanks a lot for your help!
    Jose.

    You have multiple options. You can leave the applications as applications and use a master application which shows the others inside e.g. an iframe. This is called Pillar architecture. However, you have to implement SSO, as the user otherwise needs to log on to each application again. Then you have to think about the state of the applications and how to handle e.g. uncommitted data.
    Another way would be to create adflibs from the model projects and the view controller projects. If the application's UI is implemented mostly in task flows, the resulting adflibs are reusable in your master application. This is Shay's approach. The architecture behind this would be 'sum of the parts'.
    Timo
    Message was edited by: TimoHahn
    Forgot the "merge the code into one application" option. If your apps are really small you might think about this too. Merging the model projects is simple if you had used different class paths. Merging the UI can be a challenge, as the pagedef and other metadata can't be copied. You have to do this by hand (or rebind all components).
    Timo

  • Configure service application associations using PowerShell

    Hi all,
    I have configured my service applications with PowerShell scripts and created a new web applications (also with PowerShell scripts).
    However, I don't seem to find the necessary information on how to configure the service application to be used by this new web application using PowerShell cmdlets.
    Any idea on how to do this?
    Thanks in advance,
    Florin

    What you're describing is called a Proxy Group. You add Service Application Proxies to the Service Application Proxy Group, and that Proxy Group is assigned to the Web Application.
    Step 1: Use New-SPServiceApplicationProxyGroup
    Step 2: Add Service Application Proxies by adding Members via Add-SPServiceApplicationProxyGroupMember
    Step 3: Assign the Proxy Group to the Web Application via Set-SPWebApplication -ServiceApplicationProxyGroup
    Let us know if you need further help.
    Trevor Seward
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • How to configure MySQL to be used with J2EE 1.3.1 -- Very Very URGENT.

    Hi All,
    I have downloaded Sun's J2EE reference implementation 1.3.1. I want to use MySQL as my database instead of the default database Cloudscape that comes with J2EE SDK 1.3.1. Can any one help me configuring in doing the same.
    Thanks and regards,
    Venky.

    Hi! I had the same problem, too. I'm Brazilian and I'm still learning the English language, but I'll try to describe how to configure J2EE with MySQL.
    I am using MySQL version 4.1.7 with J2EE version 1.3 on Windows XP Professional. The driver version of MySQL is 3.0.16.
    You have to configure the following two files:
    - <J2EE_HOME>\bin\setenv.bat
    - <J2EE_HOME>\config\resource.properties
    Do the following steps:
    1) Copy the JAR file of MySQL driver (mysql-connector-java-3.0.16-ga-bin.jar) to <J2EE_HOME>\lib directory.
    2) In the <J2EE_HOME>\bin directory, open the setenv.bat file and analyze the code. It is not hard to understand the code; it is just the classpath configuration of J2EE. After understanding it, add a reference to the MySQL driver (mysql-connector-java-3.0.16-ga-bin.jar) that was copied to the <J2EE_HOME>\lib directory.
    3) Run <J2EE_HOME>\bin\j2eeadmin.bat to configure the resource.properties file. There are two command lines to be executed, as below:
    - j2eeadmin.bat -addJdbcDriver <CLASS NAME OF THE DRIVER>
    - j2eeadmin.bat -addJdbcDatasource <JNDI NAME> <URL>
    For example:
    - j2eeadmin.bat -addJdbcDriver "com.mysql.jdbc.Driver"
    - j2eeadmin.bat -addJdbcDatasource "jdbc/mysql/test" "jdbc:mysql://localhost/test?user=username&password=pass"
    4) After running j2eeadmin.bat, the resource.properties file will be modified. But when I did it and executed the verbose command to start J2EE, some error messages were exhibited. So I decided to open the resource.properties file and I noticed that the character "\" was added erroneously in a lot of places in the code. It did not seem correct, so I decided to remove these characters, replacing them. Bingo!!! After I did it, I ran verbose again and no more error messages occurred. I think it is a bug of J2EE.
    Finish! I modified the datasource JNDI to access MySQL and then I ran my EAR application. No problems occurred. My application is running successfully.
    Good luck!
