How to retrieve ADF security username in PL/SQL?

Similar Messages

• How to make adf security?

  Dear all
  How to make adf security?
  I am new adf security.
  I'm facing security issue. Now i need to secure me application (User, Group, Role etc...)
  Oracle recommend me use WebLogic internal LDAP or OID. How to manage User, Group, Role deploy after?
  Thanks Lhagva

  Hi,
  once you deployed an application, users and roles are no longer in the domain of ADF Security. So the administration is
  WLS console - if users and groups are in the WLS LDAP
  Identity Management - if users and roles are in OID, RDBMA, Active Directory etc.
  Enterprise Managers - to manage application roles and granting permissions or application roles to enterprise groups
  Frank

• How to use ADF Security policies in OID Ldap

  Hello
  My application uses ADF security policies created by Jdeveloper ADF Security Wizard and page definition Edit Authorization menu. The application runs as expected using file based system-jazn-data.xml. I used the JAZNMigrationTool in order to migrate XML based policies to LDAP based policies. LDIF file was generated by the tool and then using the LDAPModify command the file was uploaded to the OID. No errors were generated during this process.
  I used Oracle Directory Manager in order to examine the migration result, and compare the output to that described by
  Introduction to ADF Security in JDeveloper 10.1.3.2
  An Oracle JDeveloper Article
  Written by Frank Nimphius, Oracle Corporation
  February, 2007
  I was expecting to find Read, Update privileges in the orcljaznpermissionaction and the attribute name in the orcljaznpermissiontarget as shown in Fig 15 ADF security entry in OID.
  to narrow down the source of the issue, we examine the LDIF file, and there was no reference to these entries. Below is one example entry from the LDIF file
  dn: orclguid=EF37EAA603C611DDBFAE635A1BB60EE0,cn=Permissions,cn=Policy,cn=JAZNContext,cn=Products,cn=OracleContext,dc=realsoft,dc=com
  changetype: add
  objectclass: orcljaznpermission
  objectclass: groupofuniquenames
  objectclass: top
  cn: EF37EAA603C611DDBFAE635A1BB60EE0
  orclGuid: EF37EAA603C611DDBFAE635A1BB60EE0
  orcljaznjavaclass: java.security.UnresolvedPermission
  orcljaznpermissiontarget: oracle.adf.share.security.authorization.AttributePermission
  orcljaznpermissionactions:
  uniquemember: orclguid=EF37EAA203C611DDBFAE635A1BB60EE0,cn=Grantees,cn=Policy,cn=JAZNContext,cn=Products,cn=OracleContext,dc=realsoft,dc=com
  Note that the orcljazpermissionactions is empty and orcljaznpermissiontarget does not really specify the actual attribute name.
  The system-jazn-data.xml includes all entries correctly.
  rgds

  Eurika
  finally solved,
  runing the JAZNMigrationTool requires setting the correct classpath,
  Setting the classpath to the following
  C:\>Set CLASSPATH=d:\jdevstudio10132\j2ee\home\jazn.jar
  allows you to run the Jaznmigrationtool successfully, however you will find that the generated LDIF file does not include the premission actions (Read, Update ...)
  if however, you add the adfshare.jar to the classpath
  C:\>Set CLASSPATH=d:\jdevstudio10132\j2ee\home\jazn.jar;d:\jdevstudio10132\BC4J\lib\adfshare.jar
  now the tool will migrate the permission policies , the following shows an extract from the LDIF file
  dn: orclguid=A5E662E204D411DDBF8807BC4864C5C2,cn=Permissions,cn=Policy,cn=JAZNContext,cn=Products,cn=OracleContext,dc=realsoft,dc=com
  changetype: add
  objectclass: orcljaznpermission
  objectclass: groupofuniquenames
  objectclass: top
  cn: A5E662E204D411DDBF8807BC4864C5C2
  orclGuid: A5E662E204D411DDBF8807BC4864C5C2
  orcljaznjavaclass: oracle.adf.share.security.authorization.AttributePermission
  orcljaznpermissiontarget: AppModuleDataControl.VRoleAuthorrizationsView1.RanDateTo
  orcljaznpermissionactions: read,update
  uniquemember: orclguid=A5E662E104D411DDBF8807BC4864C5C2,cn=Grantees,cn=Policy,cn=JAZNContext,cn=Products,cn=OracleContext,dc=realsoft,dc=com
  Ammar Sajdi
  www.e-ammar.com/Oracle.html

• How to retrieve Data from SAP BW to  SQL

  Hi All,
  i am looking for way to retrieve Data from SAP BW to SQL.
  Could you please give me some indcations or a document on how to implement it?
  Thanks in advance
  Cheers
  Gilo

  Hi,
  You need to use open hub destination. third party tool destination for SQL
  SAP BW TO SQL -- Extraction to the third-party tool can be executed as follows:
         1.      You define an open hub destination with Third-Party Tool as the destination type.
         2.      You create an RFC destination for your third-party tool and enter it in the definition of the open hub destination.
         3.      You use API RSB_API_OHS_DEST_SETPARAMS to define the parameters for the third-party tool that are required for the extraction.
         4.      You either start extraction immediately or include it in a process chain. You can also start this process chain from the third-party tool using process chain API RSPC_API_CHAIN_START. The extraction process then writes the data to a database table in the BI system.
         5.      When the extraction process is finished, the system sends a notification to the third-party tool using API RSB_API_OHS_3RDPARTY_NOTIFY.
         6.      The extracted data is read by API RSB_API_OHS_DEST_READ_DATA.
         7.      The status of the extraction is transferred to the monitor by API RSB_API_OHS_REQUEST_SETSTATUS.

• How to retrieve BASIC-auth username value when using JDBCRealm constraint?

  I have a web application that uses a JDBCRealm security constraint configured as thus in my server.xml and web.xml for the context:
  http://pastebin.ca/41635 (pastebin'ed to be brief)
  After a user enters their BASIC credentials, how can I retrieve the username they logged in with?
  For example, I have in mind something like this that I want to display in my JSP in the application:
  Welcome back, <% out.print(request.getAuthUsername()); %>!
  But there doesn't seem to be a ServletRequest method in the API to get this information.
  Is this possible?

  Answer:
  <c:out value="${pageContext.request.remoteUser}"/>

• Please can someone tell me how to retrieve my security question??

  forgot my security question answer what I do now?

  How to reset your Apple ID security questions
  Go to appleid.apple.com and click on the blue button that says 'Manage Your Apple ID'.
  Log in with your Apple ID and password. If you have forgotten your Apple ID password, go to iforgot.apple.com first to reset your password with a password recovery email.
  Go to the Password & Security section on the left side, and click on the link underneath the security questions that says 'Forgot your answers? Send reset security info email to [email]'.  This will generate an automated e-mail that will allow you to reset your security questions. 
  If that doesn't work, or  there is no rescue email link available, then:
  click on 'Temporary Support PIN' that is in the bottom left side, and generate a 4-digit PIN for the Apple Account Security Advisor you will be contacting later. 
  Next, go to getsupport.apple.com. If you see a message that says 'There are no products registered to this Apple ID, simply click on 'See all products and services'.
  Choose 'More Products & Services', then 'Apple ID'.
  A new page will open.  Choose 'Other Apple ID Topics', then 'Forgotten Apple ID Security Questions'.
  Click the blue 'Continue' button.
  Select the contact option that suits your needs best.
  The above information quoted with gratitude from TJBUSMC1973, another user in these forums.
  Forum Tip: Since you're new here, you've probably not discovered the Search feature available on every Communities page, but next time, it might save you time (and everyone else from having to answer the same question multiple times) if you search a couple of ways for a topic, both in the relevant forums and in the Apple Knowledge Base before you post a question.
  Regards.

• HT5312 how to retrieve my security answers

  I forgot my security answers. Is there a SIMPLE WAY to retrieve them?

  You need to contact Apple, either through the link in that article or by phoning them.
  (77932)

• Q: How to retrieve the current URL with PL/SQL

  I've got a pair of dynamic page portlets on a page. The first is simply an input text box and a submit button, the second is an inventory 'report' based on what is entered in the text box. When a value is entered and the button pressed, there is javascript behind the button that takes the current URL, adds '&ITEM=XXXXXXXX' (removing it first if this is not the first invocation of the page), and redirects to the new page.
  The second portlet uses the &ITEM parm to list a bill of materials for the item. If one of the items possesses a sub-assembly, I want to display the item# in an <a href= manner to make it so the user can simply click on the link to see the BOM of the subassembly.
  To do this, I believe I need to capture the current url and modify it as required to pass the new &ITEM value. I'm having a lot of trouble trying to figure out how to get the current page url. Any help would be greatly appreciated!
  Geoff

  Hello
  I have a similar problem I have developed a pl/sql portlet and put it into a page, this portlets display a dynamic page. This dynamic page have a search functionality, what I am trying to do is that when I click the search button on the dynamic page it recall the whole page and pass the paremeter that the user wrote on the search box, then the portlet that contains the dynamic page recieve the parameter and recall the dynamic page with the parameter that was received. The problem that I have is that the portlet receive the parameter but when I pass the parameter to the dynamic page it doesn't get it. This is the way the I am calling the dynamic page inside my portlet into the show procedure:
  EXECUTE IMMEDIATE
  'begin
  APP_NAME.PG_DYN_DIR_ALFABETICO.show (
  p_arg_names => PORTAL30.wwv_standard_util.string_to_table2(''url_page'',''search_param''),
  p_arg_values => PORTAL30.wwv_standard_util.string_to_table2(:1,:2));
  end;'
  using url_pg,p_text1;
  The dynamic page receive the first parameter(url_page) but not the second one(p_text1), I have checked that the p_text1 has a value on my portlet before I send it to the dynamic page so I really don't understand why my dynamic page doesn't work.
  Please HELP ME. I am desperate
  Ana Lasprilla

• How to retrieve the current User using PL_/SQL code?

  Hi,
  How can find the current logged user within a Dynamic Page using PL/SQL code?
  Thanks.

  Hi,
  There is a function wwctx_api.get_user which returns the logged in user. You can use this in your plsql code.
  Thanks,
  Sharmila

• HT5312 How to I retrieve my security question answers

  How to retrieve my security question answers

  well if you dont remember them, you can always call apple care so that they can  help you reset them after verifying your ownership of the account

• HT5787 How to retrieve security answer

  I have tried to find how i can retrieve my security answers but i can not find how to do it. Please advice me how to retrieve my security question which i dont remember now.

  You need to ask Apple to reset your security questions; ways of contacting them include clicking here and picking a method for your country, phoning AppleCare and asking for the Account Security team, and filling out and submitting this form.
  (98774)

• ADF Security Design Question

  Hi All,
  I am developing an ADF web application. The security design is such that user authentication is mapped to database users. The design I see several pros and cons
  1) Different database users means I cannot take advantage of connection pooling.
  2) The architect argues SQL querying can be controlled at database level for each user.
  I have never been involved in such a web application. Can anybody please guide me if this is the way to go for ADF web application, any other pros and cons. The database is Oracle 11g. I still believe that application security should not be tied to the database security.
  Worst case if I have to go with this design, How to implement ADF security using database users.
  Thanks

  I blogged a use case for using Proxy Authentication with JPA here http://blogs.oracle.com/olaf/2010/04/using_oracle_proxy_authenticat.html. (Being a sample it includes a setter for user name, but a case with a JAAS Subject and Principal is easily adaptable).
  I'll dig out an ADF BC example and blog about it, too.
  --olaf                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

• How to integrate a SSO based in cookie with ADF Security

  At work they asked me to integrate a existing SSO based in cookie with the new ADF + Jdeveloper 11g + WLS. After google for days and read a lot of blogs and official documentation I've made a custom LoginModule. I made it very simple, it's just an "if" inside the login() function with the username, if the username is "john" I put to the Subject some Principals. My steps are:
  1- Create a new app based on "Fusion application" template.
  2- Make a new ADF Taskflow with only one view inside (the entry point of the taskflow). The jspx only contains a welcome message.
  3- Run the ADF Security wizard, all the steps with the default option, I don't change anything.
  4- Put some users and some roles in jazn-data.xml, and maping them to an application role. Then I grant permissions to the application role to view the previous task flow.
  At this point everything is ok. I run the taskflow and a basic login popup prompts me to write my username and password. Now I try to remove everything useless for me, like idstore, credentials, anonymous, etc. I only want a LoginModule that get the HttpRequest and passes it to an already done class that returns a true/false depending if the cookie is correct or not but, as I said before, my LoginModule is so simple now and even didn't try to do something more complicated than an if. The steps I try are:
  in jps-config.xml
  5- Remove idstore.xml and credentials.
  6- (loginmodule tab) Make a new login module, and put here my class. The class is in the ViewController project and JDeveloper find it navigating through the heriarchy, so I have visibility. I put REQUIRE flag, add all roles and debug mode.
  7- In the security context unmark the idstore.loginmodule and mark myLoginModule. Also delete the anonymous security context.
  All that I got until now is a 500 error (Internal server error - Authorization Exception). Sometimes (the close i've ever been to do something correct) the browser ask me for user/password but then only recognizes the users that already are in WLS (idstore from previous tests), but NOT the "john" user that is inside my custom LoginModule. Even more, if I run the WLS from JDeveloper 11g in debug mode, the runtime never stops at breakpoints inside my custom login module. It seems that my LoginModule isn't deployed or I made some error maping the roles.
  So, my questions are:
  - I'm in the good way? If I want an authentication based in cookie/httprequest I have to do a custom LoginModule? My goal is to do a re-usable code, and re-use the code that my co-workers have done. They have a class that with only the HttpRequest determines if a user is logged or not.
  - If I'm in the good way... how can I put my custom LoginModule in the WLS? I tried to search something in the Administration Panel (localhost:7101/console) but I did'nt find nothing.
  - In case I'd got the custom LoginModule working fine in WLS... how can I get a HttpRequest from a LoginModule and avoid the username/password dialog? I've to make a filter and pass it to the my LoginModule? If it's correct... how?
  I don't post my code because is so simple, it's based on DBTableLoginModule but without all the database access code.
  Thanks to all!
  P.D.: If this message isn't in the correct forum, I'm sorry. Feel free to move it.
  P.D.2: Sorry about my english, I'm spanish. I know i've to practise a lot :)

  Hi Frank,
  Thanks a lot for your answer. Just one more easy question: what I need to do is a custom Authentication Module (which will read the cookie)? If only you can point me to the correct chapter of the WLS documentation I'll be very pleased.
  In future releases of JDeveloper will be easier to do this kind of things related to security?
  Riveck

• How to handle multiple SSO in ADF Security Framework

  Hello All,
  I have a question about ADF security with multiple SSO provider.
  What I am trying to achieve:
  Assume there are SSO provider A, B and C. Each provider will grant a different role to the ADF application (A grant Admin, B grant Business Manager, C grant Configuration Manager). Sign out from the ADF application will log all the SSO out at the same time.
  What I know:
  Each SSO will need to have information about the role it provides. I will also need to write code like the following: (modified from an old answer from Frank Nimphius before)
      try {
          IdentityStore idstore = JpsCommonUtil.getValidIdStore("idstore.xml.provider").getIdmStore(); //Need to get the specific IDM store based on the SSO the user is using.
          try {
              UserManager userManager = idstore.getUserManager();
              RoleManager roleManager = idstore.getRoleManager();
              Role role = idstore.searchRole(Role.SCOPE_APPLICATION,idmRole); //Again, idmRole based on which SSO the user is using.
                  // create user
                  //TODO check for empty username and password
                  User user = userManager.getUser(SecurityContext.getUserName()); //the user may already login from another SSO.
                  if (user == null)
                      user = userManager.createUser(this.username,this.password.toCharArray());
                  roleManager.grantRole(role,user.getPrincipal());
              } catch (IMException e) {
                  // TODO
          } catch (JpsException e) {
              // TODO
          return null;
  }Also a logout code like this
        doLogout()
           if(A) logoutFromA(user);
           if(B) logoutFromB(user);
           if(C) logoutFromC(user);
        } My Question:
  Would the code above handle what I described? Also, how do I set the SecurityContext for ADF security - Or the grantRole automatically does that for me?

  Hello Sudipto,
  Yeah, I had watched that tutorial, it is pretty helpful on getting 1 SSO working with the ADF security.
  I am confused when there is multiple provider - do I setup the web gate so that "http://myapp:7777/LoginViaA" point to SSO Provider A, "http://myapp:7777/LoginViaB" point to SSO Provider B and so forth? **Note: the login/username can be different on different SSO provider.
  In that case, I will still need to set the value in SecurityContext to say "This current user login as [email protected] via SSO A and [email protected] via SSO B", or is there some other way to handle this?
  Thanks,
  Louis

• How to retrieve WorkflowContext without passing username and password ?

  Hi,
  I have created a dynamic ApprovalGroup and inside this class i have the following private method.
  private IWorkflowContext fetchWorkflowContext() {
            IWorkflowServiceClient wfSvcClient =
                 WorkflowServiceClientFactory.getWorkflowServiceClient(WorkflowServiceClientFactory.LOCAL_CLIENT);
            ITaskQueryService queryService = wfSvcClient.getTaskQueryService();
            IWorkflowContext workflowContext;
            try {
                 workflowContext =queryService.authenticate("weblogic", "weblogic1".toCharArray(), null);
                 } catch (WorkflowException e) {
                 e.printStackTrace();
  But when i retrieve workflowContext, I have to pass username and password.As this dynamic ApprovalGroup class will be deployed on the same SOA server under D:\Oracle\Middleware111150\Oracle_SOA1\soa\modules\oracle.soa.ext_11.1.1
  I have kept wf_client_config.xml under D:\Oracle\Middleware111150\Oracle_SOA1\soa\modules\oracle.soa.ext_11.1.1\classes.
  <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
  <workflowServicesClientConfiguration
  xmlns="http://xmlns.oracle.com/bpel/services/client">
       <server name="default" default="true" excludeFromFederatedList="true">
       <localClient>
            <participateInClientTransaction>false</participateInClientTransaction>
       </localClient>
       <remoteClient>
            <serverURL>t3://localhost:8001</serverURL>
            <userName>weblogic</userName>
  <password>weblogic1</password>
            <initialContextFactory>weblogic.jndi.WLInitialContextFactory</initialContextFactory>
            <participateInClientTransaction>false</participateInClientTransaction>
       </remoteClient>
       <soapClient>
            <rootEndPointURL>t3://localhost:8001</rootEndPointURL>
            <identityPropagation mode="dynamic" type="saml">
                 <policy-references>
                 <policy-reference enabled="true" category="security" uri="oracle/wss10_saml_token_client_policy"/>
                 </policy-references>
            </identityPropagation>
       </soapClient>
       </server>
  </workflowServicesClientConfiguration>
  How to retrieve WorkflowContext without passing username and password ?
  ============================
  workflowContext =queryService.authenticate("weblogic", "weblogic1".toCharArray(), null);
  ============================
  regards.
  Edited by: user10303338 on Oct 5, 2011 1:51 AM

  Use :
  Properties prop = System.getProperties();
  prop.put("proxySet","true");
  prop.put("http.proxyHost","yourProxy");
  prop.put("http.proxyPort","8080"); // change the port
  //prop.put("https.proxyHost","yourProxy");
  //prop.put("https.proxyPort","8080"); // change the port
  Denis