Is Secure ADF application refer javacache.xml

Similar Messages

• How to deploy Secure ADF applications w/o Fusion Middleware Control

  Just got the team upgraded to the new JDeveloper 11.1.1.1.0 and things have come to a halt because we can't deploy to our test servers.
  The previous process from OTN for 11.1.1.0.2 doesn't seem to work anymore.
  http://www.oracle.com/technology/products/jdev/tips/muench/credmig111100/index.html
  The new on-line docs say the way to deploy Secure ADF Application is either Fusion Middleware Control or WLST command. The instructions for the FMC are there, but not the WLST. (See section 7.2 http://download.oracle.com/docs/cd/E12839_01/core.1111/e10043/addlsecfea.htm#CFHFAIGE)
  Is there a new documented set of instructions for deploying a Secure ADF Application using WLST????
  rodger....
  Edited by: rodger63 on Aug 17, 2009 3:21 PM
  Edited by: rodger63 on Aug 17, 2009 3:22 PM

  Rodger, I'd be interested in hearing any answers you come up with please. If you could post your findings here it would be appreciated.
  Regards,
  CM.

• 10.1.3.4 securing ADF application

  We have created 2 simple ADF based jsps. I want to secure them so that users are authenticated against our Ms Active Directory and based on their group membership they get access to 1 or both pages.
  I tried the examples under http://www.oracle.com/technology/products/jdev/howtos/1013/adfsecurity/adfsecurity_10132.html, but i can make it work using file based jazn provider. I am not sure how to make it work against external LDAP like AD. any idea what needs to be done for setting up security using this option ?
  I also tried another example based on the 3rdPartyLDAP example in metalink. There i am getting a little further, I am getting the login page (I am using FORM based auth) and seems to authenticate against my LDAP, but instead of taking me to the page I am trying to go to, it gives me a 404 and the url is .../faces/j_security_check. If i type in the url again in the browser window, the page is displayed.
  any idea how I can achieve this ? the first example seems more relevant since it gives me the facilities to control the access between pages. But its not clear what is required to make it work against external LDAP.

  Ok try this link
  first
  http://technology.amis.nl/blog/1426/implement-jaas-based-authentication-and-authorization-for-adf-faces-applications-on-oc4j-1013
  After you do this try this
  http://technology.amis.nl/blog/1462/create-a-webapplication-secured-with-custom-jaas-database-loginmodule-deploy-on-jdeveloper-1013-embedded-oc4j-stand-alone-oc4j-and-opmn-managed-oc4j-10g-as
  Regards
  rohit

• Deploying ADF application to a managed weblogic server - ADF security error

  Hi,
  Our group has written an ADF web application, which we are attempting to deploy to a managed weblogic server. Thus far, we have been unsuccessful. The application does successfully deploy to the AdminServer. Our setup:
  Weblogic version is 10.3.0. Domain name is adf_domain. We have installed the ADF (ADF version is 11.1.1.0.0), JSTL(1.2.0.1), and JSF(1.2.7.1) runtime libraries, and they are targeted to both the admin server AND the managed server, which is called CollabServer. This server communicates with the node manager and can be started and stopped via the admin console successfully. The AdminServer is on port 7101, and the CollabServer is on port 7104. We are not using SSL.
  application.xml:
  <?xml version = '1.0' encoding = 'windows-1252'?>
  <application xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/application_5.xsd"
  version="5" xmlns="http://java.sun.com/xml/ns/javaee">
  <display-name>OracleRetailCollaboration</display-name>
  <module>
  <web>
  <web-uri>orc.war</web-uri>
  <context-root>orc</context-root>
  </web>
  </module>
  </application>
  weblogic-application.xml (as taken from the ear file):
  <?xml version = '1.0' encoding = 'windows-1252'?>
  <weblogic-application xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-application.xsd" xmln
  s="http://www.bea.com/ns/weblogic/weblogic-application">
  <listener>
  <listener-class>oracle.security.jps.wls.listeners.JpsApplicationLifecycleListener</listener-class>
  </listener>
  <library-ref>
  <library-name>adf.oracle.domain</library-name>
  </library-ref>
  </weblogic-application>
  weblogic.xml (as taken from the war file):
  <?xml version = '1.0' encoding = 'UTF-8'?>
  <weblogic-web-app xmlns="http://www.bea.com/ns/weblogic/weblogic-web-app" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://ww
  w.bea.com/ns/weblogic/weblogic-web-app http://www.bea.com/ns/weblogic/weblogic-web-app/1.0/weblogic-web-app.xsd">
  <container-descriptor>
  <prefer-web-inf-classes>true</prefer-web-inf-classes>
  </container-descriptor>
  <security-role-assignment>
  <role-name>valid-users</role-name>
  <principal-name>users</principal-name>
  </security-role-assignment>
  <library-ref>
  <library-name>jstl</library-name>
  <specification-version>1.2</specification-version>
  </library-ref>
  <library-ref>
  <library-name>jsf</library-name>
  <specification-version>1.2</specification-version>
  </library-ref>
  </weblogic-web-app>
  As I said, there are no deployment errors when we deploy to the admin server. However, we always see the following errors when deploying to the managed server:
  java.lang.ClassNotFoundException: oracle.security.jps.wls.listeners.JpsApplicationLifecycleListener
  etc.
  This error occurs when deploying via the <wldeploy> ant task included with weblogic, and when deploying the application manually via the admin console.
  So I removed this from weblogic-application.xml:
  <listener>
  <listener-class>oracle.security.jps.wls.listeners.JpsApplicationLifecycleListener</listener-class>
  </listener>
  Which resolved the initial error (I assume there is some sort of bug that causes this workaround to be necessary). The next error is this:
  java.lang.ClassNotFoundException: oracle.adf.share.security.authentication.AuthenticationServlet
  Again, we don't get this error when deploying to the AdminServer - ONLY the managed server CollabServer.
  web.xml:
  <servlet>
  <servlet-name>adfAuthentication</servlet-name>
  <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
  <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
  <servlet-name>adfAuthentication</servlet-name>
  <url-pattern>/adfAuthentication/*</url-pattern>
  </servlet-mapping>
  I then added some adf jar files to the ear file, finally get this error message:
  java.lang.ClassNotFoundException: oracle.adf.share.jsp.ADFLibUtils
  Any ideas on how to resolve this? Thanks.
  Edited by: user10451099 on Apr 15, 2009 12:10 PM

  Dan,
  thanks fro reminding me :-)
  Here are the steps we had to take to get a managed WLS to run an adf application without copying any jar in the domain/lib directory:
  1. you still have to install the adf runtime to any server you want the adf application to deploy to
  2. open the admin console, select the managed server, and select the 'server start' tab in configutation settings.
  3. add /u01/bea/patch_wls1030/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/bea/patch_jdev1111/profiles/default/sys_manifest_classpath/weblogic_patch.jar:
  /u01/bea/patch_cie660/profiles/default/sys_manifest_classpath/weblogic_patch.jar:/u01/bea/jrockit_160_05/lib/tools.jar:/u01/bea/wlserver_103/server/lib/weblogic_sp.jar:
  /u01/bea/wlserver_103/server/lib/weblogic.jar:/u01/bea/modules/features/weblogic.server.modules_10.3.0.0.jar:/u01/bea/wlserver_103/server/lib/webservices.jar:
  /u01/bea/modules/org.apache.ant_1.6.5/lib/ant-all.jar:/u01/bea/modules/net.sf.antcontrib_1.0.0.0_1-0b2/lib/ant-contrib.jar:/u01/bea/jdeveloper/modules/features/adf.share_11.1.1.jar:
  /u01/bea/wlserver_103/common/eval/pointbase/lib/pbclient57.jar:/u01/bea/wlserver_103/server/lib/xqrl.jar:
  /u01/bea/patch_wls1030/profiles/default/sysext_manifest_classpath/weblogic_ext_patch.jar to the classpath edit box you have to change '/u01/bea/' with your bea home. The classpath should be on one line without the CR/LF i put in to make it readable.
  4. add -Xms256m -Xmx512m -da -Dplatform.home=/u01/bea/wlserver_103 -Dwls.home=/u01/bea/wlserver_103/server -Dweblogic.home=/u01/bea/wlserver_103/server
  -Ddomain.home=/u01/bea/user_projects/domains/naa_qs -Doracle.home=/u01/bea/jdeveloper -Doracle.security.jps.config=/u01/bea/user_projects/domains/naa_qs/config/oracle/jps-config.xml
  -Doracle.dms.context=OFF -Djava.protocol.handler.pkgs=oracle.mds.net.protocol -Dweblogic.management.discover=false -Dweblogic.management.server=http://localhost:7001
  -Dwlw.iterativeDev=false -Dwlw.testConsole=false -Dwlw.logErrorsToConsole=
  -Dweblogic.ext.dirs=/u01/bea/patch_wls1030/profiles/default/sysext_manifest_classpath:/u01/bea/patch_jdev1111/profiles/default/sysext_manifest_classpath:/u01/bea/patch_cie660/profiles/default/sysext_manifest_classpath
  -Dweblogic.management.username=weblogic -Dweblogic.management.password=******** -Dweblogic.Name=GESTIS_QS
  -Djava.security.policy=/u01/bea/wlserver_103/server/lib/weblogic.policy to the 'Arguments' edit box. As with the calsspath change '/u01/bea' to your bea home and change the domain name (in our case 'naa_qs') to your domain name. change the managementuser and passwort to your needs. As whith the classpath I put some CR/LF into the code section to make it readable.
  5. save the changes and restart the server
  Essentially all we copied the arguments from the admin server start script in addition to adding the class path.
  Timo

• How to configure ADF application to use OAM Identity Assertion ? web.xml

  We have a web application developed using ADF (application development framework) and deployed on WebCenter 11.1.1.2 (weblogic 10.3.2)
  OID Authentication and OAM identity assertion is configured in WebLogic 10.3.2 .
  How to configure security in ADF application (web.xml or weblogic.xml) so that it uses OAM identity assertion (already configured as authentication providers in weblogic server)
  Any pointers or documentation so that application (developed using ADF) check for identity tocken and verifies it with one of identity assertion providers.

  John,
  I have to concur. With OAM you don't need this. OAM intercepts the calls and inserts a cookie for WLS to get user information from.
  I strongly advise to go through the above mention OFM Security Guide. Esp. Chapter 10 tells you in every detail how to implement OAM SSO with WLS (with or without OHS as a proxy).
  Reading this chapter saves you time and turnarounds on this topic...
  --olaf                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

• Error while Portetizing ADF Application with security feature.

  Dear All,
  I am able to portletise a normal ADF application and is running fine on Portal. But as I add security feature to it I am getting error, For reference i am pasting my web.xml and portlet.xml.
  ------------------------web.xml-------------------------------------------------------------
  <?xml version = '1.0' encoding = 'windows-1252'?>
  <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee">
  <description>Empty web.xml file for Web Application</description>
  <context-param>
  <param-name>javax.faces.application.CONFIG_FILES</param-name>
  <param-value>/WEB-INF/faces-config.xml,/WEB-INF/portlet.xml</param-value>
  </context-param>
  <context-param>
  <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
  <param-value>server</param-value>
  </context-param>
  <context-param>
  <param-name>CpxFileName</param-name>
  <param-value>view.DataBindings</param-value>
  </context-param>
  <filter>
  <filter-name>adfFaces</filter-name>
  <filter-class>oracle.adf.view.faces.webapp.AdfFacesFilter</filter-class>
  </filter>
  <filter>
  <filter-name>adfBindings</filter-name>
  <filter-class>oracle.adf.model.servlet.ADFBindingFilter</filter-class>
  </filter>
  <filter-mapping>
  <filter-name>adfFaces</filter-name>
  <servlet-name>Faces Servlet</servlet-name>
  <dispatcher>FORWARD</dispatcher>
  <dispatcher>REQUEST</dispatcher>
  </filter-mapping>
  <filter-mapping>
  <filter-name>adfBindings</filter-name>
  <url-pattern>*.jsp</url-pattern>
  </filter-mapping>
  <filter-mapping>
  <filter-name>adfBindings</filter-name>
  <url-pattern>*.jspx</url-pattern>
  </filter-mapping>
  <servlet>
  <servlet-name>Faces Servlet</servlet-name>
  <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
  <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet>
  <servlet-name>adfAuthentication</servlet-name>
  <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
  <init-param>
  <param-name>success_url</param-name>
  <param-value>faces/Welcome.jspx</param-value>
  </init-param>
  <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet>
  <servlet-name>resources</servlet-name>
  <servlet-class>oracle.adf.view.faces.webapp.ResourceServlet</servlet-class>
  </servlet>
  <servlet-mapping>
  <servlet-name>Faces Servlet</servlet-name>
  <url-pattern>/faces/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>adfAuthentication</servlet-name>
  <url-pattern>/adfAuthentication/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>resources</servlet-name>
  <url-pattern>/adf/*</url-pattern>
  </servlet-mapping>
  <session-config>
  <session-timeout>35</session-timeout>
  </session-config>
  <mime-mapping>
  <extension>html</extension>
  <mime-type>text/html</mime-type>
  </mime-mapping>
  <mime-mapping>
  <extension>txt</extension>
  <mime-type>text/plain</mime-type>
  </mime-mapping>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>adfAuthentication</web-resource-name>
  <url-pattern>/adfAuthentication</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>Guest</role-name>
  <role-name>oc4j-administrators</role-name>
  <role-name>users</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>Login.jspx</form-login-page>
  <form-error-page>Login.jspx</form-error-page>
  </form-login-config>
  </login-config>
  <security-role>
  <role-name>Guest</role-name>
  </security-role>
  <security-role>
  <role-name>oc4j-administrators</role-name>
  </security-role>
  <security-role>
  <role-name>users</role-name>
  </security-role>
  </web-app>
  ---------------------------------portlet.xml----------------------------------------------
  <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
  <portlet-app version="1.0" xsi:schemaLocation="http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd">
  <portlet>
  <portlet-name>UC68PortletKunal</portlet-name>
  <display-name>UC68PortletKunal</display-name>
  <portlet-class>oracle.portlet.server.bridges.jsf.FacesPortlet</portlet-class>
  <init-param>
  <name>DefaultPage.view</name>
  <value>/SearchInput.jspx</value>
  </init-param>
  <init-param>
  <name>BridgeLifecycleListeners</name>
  <value>
  oracle.portlet.server.bridges.jsf.adf.ADFFacesBridgeLifecycleListener,oracle.portlet.server.bridges.jsf.adf.BindingFacesBridgeLifecycleListener
  </value>
  </init-param>
  <supports>
  <mime-type>text/html</mime-type>
  <portlet-mode>VIEW</portlet-mode>
  </supports>
  <supported-locale>en</supported-locale>
  <portlet-info>
  <title>UC68PortletKunal</title>
  <short-title>UC68PortletKunal</short-title>
  </portlet-info>
  </portlet>
  </portlet-app>
  Your reply is most welcomed. I am working for 2 days, if you know just give few minutes to address this issue.

  Hi,
  not sure what the error message is that you get. However, if you access an application through prortal then the security needs to be enforced by the portal, not the application itself because the portal will modify the request headers.
  Did you ask the question on the WebCenter or Portal forum here on OTN
  WebCenter Portal
  Frank

• Not able to portletise an ADF application with Security Feature.

  Dear All,
  I am able to portletise a normal ADF application and is running fine on Portal. But as I add security feature to it I am not able to portletise it, For reference i am pasting my web.xml and portlet.xml. Do i need to include any filter or listener?
  ------------------------web.xml-------------------------------------------------------------
  <?xml version = '1.0' encoding = 'windows-1252'?>
  <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee">
  <description>Empty web.xml file for Web Application</description>
  <context-param>
  <param-name>javax.faces.application.CONFIG_FILES</param-name>
  <param-value>/WEB-INF/faces-config.xml,/WEB-INF/portlet.xml</param-value>
  </context-param>
  <context-param>
  <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
  <param-value>server</param-value>
  </context-param>
  <context-param>
  <param-name>CpxFileName</param-name>
  <param-value>view.DataBindings</param-value>
  </context-param>
  <filter>
  <filter-name>adfFaces</filter-name>
  <filter-class>oracle.adf.view.faces.webapp.AdfFacesFilter</filter-class>
  </filter>
  <filter>
  <filter-name>adfBindings</filter-name>
  <filter-class>oracle.adf.model.servlet.ADFBindingFilter</filter-class>
  </filter>
  <filter-mapping>
  <filter-name>adfFaces</filter-name>
  <servlet-name>Faces Servlet</servlet-name>
  <dispatcher>FORWARD</dispatcher>
  <dispatcher>REQUEST</dispatcher>
  </filter-mapping>
  <filter-mapping>
  <filter-name>adfBindings</filter-name>
  <url-pattern>*.jsp</url-pattern>
  </filter-mapping>
  <filter-mapping>
  <filter-name>adfBindings</filter-name>
  <url-pattern>*.jspx</url-pattern>
  </filter-mapping>
  <servlet>
  <servlet-name>Faces Servlet</servlet-name>
  <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
  <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet>
  <servlet-name>adfAuthentication</servlet-name>
  <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
  <init-param>
  <param-name>success_url</param-name>
  <param-value>faces/Welcome.jspx</param-value>
  </init-param>
  <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet>
  <servlet-name>resources</servlet-name>
  <servlet-class>oracle.adf.view.faces.webapp.ResourceServlet</servlet-class>
  </servlet>
  <servlet-mapping>
  <servlet-name>Faces Servlet</servlet-name>
  <url-pattern>/faces/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>adfAuthentication</servlet-name>
  <url-pattern>/adfAuthentication/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>resources</servlet-name>
  <url-pattern>/adf/*</url-pattern>
  </servlet-mapping>
  <session-config>
  <session-timeout>35</session-timeout>
  </session-config>
  <mime-mapping>
  <extension>html</extension>
  <mime-type>text/html</mime-type>
  </mime-mapping>
  <mime-mapping>
  <extension>txt</extension>
  <mime-type>text/plain</mime-type>
  </mime-mapping>
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>adfAuthentication</web-resource-name>
  <url-pattern>/adfAuthentication</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>Guest</role-name>
  <role-name>oc4j-administrators</role-name>
  <role-name>users</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
  <form-login-page>Login.jspx</form-login-page>
  <form-error-page>Login.jspx</form-error-page>
  </form-login-config>
  </login-config>
  <security-role>
  <role-name>Guest</role-name>
  </security-role>
  <security-role>
  <role-name>oc4j-administrators</role-name>
  </security-role>
  <security-role>
  <role-name>users</role-name>
  </security-role>
  </web-app>
  ---------------------------------portlet.xml----------------------------------------------
  <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
  <portlet-app version="1.0" xsi:schemaLocation="http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/portlet/portlet-app_1_0.xsd">
  <portlet>
  <portlet-name>UC68PortletKunal</portlet-name>
  <display-name>UC68PortletKunal</display-name>
  <portlet-class>oracle.portlet.server.bridges.jsf.FacesPortlet</portlet-class>
  <init-param>
  <name>DefaultPage.view</name>
  <value>/SearchInput.jspx</value>
  </init-param>
  <init-param>
  <name>BridgeLifecycleListeners</name>
  <value>
  oracle.portlet.server.bridges.jsf.adf.ADFFacesBridgeLifecycleListener,oracle.portlet.server.bridges.jsf.adf.BindingFacesBridgeLifecycleListener
  </value>
  </init-param>
  <supports>
  <mime-type>text/html</mime-type>
  <portlet-mode>VIEW</portlet-mode>
  </supports>
  <supported-locale>en</supported-locale>
  <portlet-info>
  <title>UC68PortletKunal</title>
  <short-title>UC68PortletKunal</short-title>
  </portlet-info>
  </portlet>
  </portlet-app>
  Your reply is most welcomed. I am working for 2 days, if you know just give few minutes to address this issue.

  hi thanks for reply,
  I am using 10.1.3.3 version
  Steps followed are mentioned in one of the PDF
  Oracle WebCenter Framework Tutorial, 10g (10.1.3.2.0)
  B31072-02
  Here I am tring to secure some page of application as per user role usinf ADF secuiry feature.
  The application runs fine in "stand alone" mode.
  While tring portletise i am getting portlet unavilable. So i think i need to modify my portlet.xml OR web.xml
  From Welcome Page:
  I have login and logout link displayed to user not loggged in and logged in user respectively I have done using golink propery.
  Also i have some command button as:
  On clicking: Go To MyWeather Rendered to #{backing_Welcome.authenticated &&
  bindings.permissionInfo['MyWeatherPageDef'].allowsView}
  On clicking: Go To MyContent Rendered to #{backing_Welcome.authenticated &&
  bindings.permissionInfo['MyContentPageDef'].allowsView}

• How to deploy a secured ADF 11g application to WebLogic 10.3 server?

  Hi,
  I have just enabled security in our ADF 11g application, as descripbed in [chapter 29|http://download.oracle.com/docs/cd/E12839_01/web.1111/b31974/adding_security.htm#insertedID0] of the Fusion Developer's Guide. It works fine in the embedded WebLogic server of JDeveloper.
  Now I'm trying to deploy to our WebLogic 10.3 server, which runs in production mode. I'm running into all sorts of problems. The WebLogic console seems to have hundreds of security related pages, I don't know which one I should use, let alone how to use it. The Fusion Developer's Guide doesn't cover deployment to a production server:
  >
  When the target server is configured for production mode, you typically handle the migration task outside of JDeveloper using tools like Oracle Enterprise Manager. For details about using tools outside of JDeveloper to migrate the policy store to the domain-level in a production environment, see the [Oracle Fusion Middleware Security Guide|http://download.oracle.com/docs/cd/E12839_01/core.1111/e10043/toc.htm].
  >
  However, this guide is of very little help to me. I found [chapter 7|http://download.oracle.com/docs/cd/E12839_01/core.1111/e10043/addlsecfea.htm#insertedID0], which says "The recommended tool is Fusion Middleware Control." I have no idea what "Fusion Middleware Control" is, where to get it and how to use it.
  Long story short: I'm totally lost. I'm looking for a step by step guide on how to deploy a secured ADF 11g application to a WegLogic 10.3 server that is running in production mode. Any help is highly appreciated.

  Ok, I found a [very helpful blog post |http://andrejusb.blogspot.com/2009/01/practical-adf-security-deployment-on.html] by [Andrejus Baranovski|http://www.blogger.com/profile/04468230464412457426]. I wish Oracle's documentation was as clear as this...
  The blog post refers to an article by Steve Muench, called [Simplified ADF 11g Application Credential and Policy Migration to Standalone WebLogic Servers|http://www.oracle.com/technology/products/jdev/tips/muench/credmig111100/index.html]. This article presents an Ant script that migrates policies from JDeveloper to WebLogic, using some PFM. (See the last definition here.)
  The problem is that Steve Muench's script assumes that JDeveloper and the standalone WebLogic are on the same machine. However, in a typical environment, such as the one I'm working in currently, this is not the case. In our case the developer stations are Windows machines, while our WebLogic server runs on a HP-UX machine. So the question is: how to perform this migration between two machines with different operating systems?
  Regards,
  Bart Kummel

• How to call OWSM secured web-service from ADF application

  I have a OWSM secured web-service, which takes username/password.
  I want to invoke this webservice from ADF application. ADF application has its own security and it takes its own username/password. End user can't provide the username/password for web-service call. My ADF application should call the webservice and provide it appropriate username/password.
  What is the best practice to handle such scenario. I don't want to hardcode username/password in Java (ADF) code.
  Thanks
  Sanjeev.

  it is not clear to me if you are having problems with calling java code from OIM or if the problem is the web service API.
  Lets do some divide and conquer:
  Can you create a simple java class that just writes a couple of lines to the log? Please attach this code to the OIM task and make sure it runs.
  Once this works we can start looking at the web service call.
  Best regards
  /Martin

• Authenticate ADF application using adf security wizard against LDAP OID

  I have an adf application which i intend to authorise using LDAP. For now , i have actually hand coded in java for authenticating the users of my application. Using JNDI I directly connect to LDAP and authenticate users. However , recently it came to my notice that i can also do that using ADF sercurity wizard , but i am unable to do so. which securing the ADF application ,no where in the wizard LDAP configuration is mentioned. do i have to change some file manually ? i have no idea on how to proceed on that.

  i have setup wls , making th OIDAuthentication as Sufficient. but i dont know how to configure from ADF side so that it can authenticate against LDAP. when i try the ADF sercurity wizard option , it tells me to create new Roles . Is there any way where i can import the ldap credentials to the security wizard ..?

• Change security of adf application on weblogic

  hi all,
  i am new in weblogic. i set oid in weblogic succesfully. But i couldn't change security of adf application. Is there any documantationof how change security of adf application?

  hi frank,
  i mean that i set oid in myrealm which is my default security realm. I change order of Authentication Providers. all of the users of oid are in myrealm . However my application does not use this ldap configuration. i couldn't change security of application, and i need help. Before i deploy my 10.1.3 adf application to oc4j and during deployment i can set the security of application but i couldnt see anything like oc4j in weblogic
  i configure my oid like below link
  http://www.oracle.com/technology/products/jdev/tips/fnimphius/oidconfig/index.html

• System-jazn-data.xml corruption after few ADF Application Deployments in Weblogic 11g

  We have been facing issues of system-jazn-data.xml getting corrupted after deploying some ADF Applications causing impact on other deployed applications accessibility. As a work around, we need un-deploy the application and restore the template jazn file and bounce Admin and Managed Servers and then re-deploy the application. Anyone faced this issue? Is the root cause identified and a solution to this issue.
  Thanks,
  Kumar

  Hello Kumar,
  We faced similar issues after deploying new applications and bouncing the manager servers, but not with "system-jazn-data.xm" though. Suggest to check with oracle(SR), they would come up with a more appropriate solution/work around.
  Good luck!
  Thanks,
  Rajiv.

• Using SAML secured webservice in ADF Application

  I am looking for some tutorial/docs to use SAML secured webservice in ADF application. In my adf application, I am using the webservices using WebProxy and WebServiceDataControls.
  Any pointers in this direction will be helpful.
  Thanks,
  Rajdeep

  Take a look at the following blog posts - which provides some information regarding the SAML security in ADF
  http://biemond.blogspot.com/2009/05/sso-with-saml-adf-security.html
  http://biemond.blogspot.com/2009/05/sso-with-weblogic-103-and-saml.html
  Thanks,
  Navaneeth

• Help need in ADF application security.

  Hi All,
  I need to implement the ADF application with authentication.Iam using jdeveloper 11.1.1.3.0 and Standalone WLS.
  I want to create group in WLS and map the user present in group for authentication.
  Any one please provide the tutorial link or video link so that i can implement the authentication as most of the link is for jdev 10 not for jdev 11.
  Regards,
  Suresh kumar.k

  would this help you:(which is exactly what I suggested in the other place Suresh asked :) )
  Reading the docs is always a good place to start.
  Good luck,
  john

• To make adf application secure(HTTPS)----------------urgent !!!!

  Hi all,
  I need to have my application run on HTTPS rather than http .i have used jdev 10 for my adf application and deployed on oracle application server 10 g .
  so can someone help me out how to run or get my url in https.
  Do i need to make settings in Jdev only or do customization in application server.
  Thnks in advance.

  In the app server. Consult the OC4J documentation.
  CM.