Process of login with ADF security

Hi,
I was looking at how to implement the process of Login with the ADF security using JDev 11g and I feel very good...
My question is if it is possible to use this tool in case of use a container as Tomcat 6.x or JBoss. If it is possible to use ADF security for these containers, what should be configured to work?

Hi,
ok, I'd like to use authorization with ADF security, but as you say it is not possible in Tomcat. well, but could implement it, if there must be 3 users with different roles of the little system that I want to develop. Any idea?. There maybe a small example with user roles to use without authorization of ADF security?.

Similar Messages

  • Web Center app with ADF Security - login problem

    I have a custome Oracle Web Center app.
    I have a page.html with an embedded login form posting to j_security_check. I've configured the ADF security policies to redirect to a JSPX on successful login.
    When I try the correct username/password, I get redirected not to the page I defined in ADF, but to the root page http://127.0.0.1:7101/MyApp-ViewController-context-root/
    and i get
    Error 403--Forbidden
    I've checked the weblogic.xml as per http://andrejusb.blogspot.com/2009/12/solving-error-403-forbidden-in-adf.html, all the required entries are there.
    This works fine if i use a Login link with
    destination="#{'/adfAuthentication?login=true&end_url=/faces/postLogin.jspx'} "
    which redirects to the default login.html and then to the right page. I've copied the form from the default login.html into my master HTML page.
    Hope my question is clear. Any suggestions why it is going to the wrong URL after login.
    Is there anything specific I should see in the jazn-data.xml or web.xml regarding the post-login URL since i cant see that in either.
    P.S. Have been advised to try here when I originally asked this in the WebCenter forum. Web Center app ADF Security - login problem
    Edited by: new_to_webcenter on 18-Jan-2011 05:25

    Thanks for your response Frank.
    The web.xml has
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>adfAuthentication</web-resource-name>
    <url-pattern>/adfAuthentication</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>valid-users</role-name>
    </auth-constraint>
    </security-constraint>
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/login.html</form-login-page>
    <form-error-page>/error.html</form-error-page>
    </form-login-config>
    </login-config>
    When configuring ADF Security via JDev , I chose "Redirect upon successful authentication" to the Welcome Page
    "/faces/postLogin.jspx"
    this then adds into web.xml
    <servlet>
    <servlet-name>adfAuthentication</servlet-name>
    <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
    <init-param>
    <param-name>success_url</param-name>
    <param-value>/faces/postLogin.jspx</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
    </servlet>
    So the sequence which works is:
    Login via the '/adfAuthentication?login=true&end_url=/faces/postLogin.jspx' and this redirects to login.html (OOTB form which posts to j_security_check) and then to the postLogin.jspx
    I'm trying to do away with a Login link, and trying the simple login form embedded in my page alongwith other content.
    So should the form be posting to j_security_check directly or to the adfAuthentication ?

  • Problem with ADF Security / SQL Authenticator after upgrade to 11.1.1.6

    Hi,
    We have an ADF application built with JDeveloper 11.1.1.2 that's been in production for a couple of years. Now we are in the process of upgrading to 11.1.1.6 so I have upgraded WLS and ADF in a test environment and re-deployed the application there. The application uses users and groups from database using SQL Authenticator configured in WLS. This worked fine in the old version but now after the upgrade we can't log in with credentials from the database. I can log in if I add a user to the default authenticator. We didn't touch any of the authenticator settings or security realm configurations during the upgrade. Both authenticators are marked as SUFFICIENT, as they have always been.
    Has something changed in the way SQL Authenticator is used since 11.1.1.2? What could be the problem?
    Regards,
    Joonas

    Answering myself here: after recreating the SQL Authenticator and the ADF Security configuration logins are working again. Don't know where the problem was though.

  • How to integrate a SSO based in cookie with ADF Security

    At work they asked me to integrate a existing SSO based in cookie with the new ADF + Jdeveloper 11g + WLS. After google for days and read a lot of blogs and official documentation I've made a custom LoginModule. I made it very simple, it's just an "if" inside the login() function with the username, if the username is "john" I put to the Subject some Principals. My steps are:
    1- Create a new app based on "Fusion application" template.
    2- Make a new ADF Taskflow with only one view inside (the entry point of the taskflow). The jspx only contains a welcome message.
    3- Run the ADF Security wizard, all the steps with the default option, I don't change anything.
    4- Put some users and some roles in jazn-data.xml, and maping them to an application role. Then I grant permissions to the application role to view the previous task flow.
    At this point everything is ok. I run the taskflow and a basic login popup prompts me to write my username and password. Now I try to remove everything useless for me, like idstore, credentials, anonymous, etc. I only want a LoginModule that get the HttpRequest and passes it to an already done class that returns a true/false depending if the cookie is correct or not but, as I said before, my LoginModule is so simple now and even didn't try to do something more complicated than an if. The steps I try are:
    in jps-config.xml
    5- Remove idstore.xml and credentials.
    6- (loginmodule tab) Make a new login module, and put here my class. The class is in the ViewController project and JDeveloper find it navigating through the heriarchy, so I have visibility. I put REQUIRE flag, add all roles and debug mode.
    7- In the security context unmark the idstore.loginmodule and mark myLoginModule. Also delete the anonymous security context.
    All that I got until now is a 500 error (Internal server error - Authorization Exception). Sometimes (the close i've ever been to do something correct) the browser ask me for user/password but then only recognizes the users that already are in WLS (idstore from previous tests), but NOT the "john" user that is inside my custom LoginModule. Even more, if I run the WLS from JDeveloper 11g in debug mode, the runtime never stops at breakpoints inside my custom login module. It seems that my LoginModule isn't deployed or I made some error maping the roles.
    So, my questions are:
    - I'm in the good way? If I want an authentication based in cookie/httprequest I have to do a custom LoginModule? My goal is to do a re-usable code, and re-use the code that my co-workers have done. They have a class that with only the HttpRequest determines if a user is logged or not.
    - If I'm in the good way... how can I put my custom LoginModule in the WLS? I tried to search something in the Administration Panel (localhost:7101/console) but I did'nt find nothing.
    - In case I'd got the custom LoginModule working fine in WLS... how can I get a HttpRequest from a LoginModule and avoid the username/password dialog? I've to make a filter and pass it to the my LoginModule? If it's correct... how?
    I don't post my code because is so simple, it's based on DBTableLoginModule but without all the database access code.
    Thanks to all!
    P.D.: If this message isn't in the correct forum, I'm sorry. Feel free to move it.
    P.D.2: Sorry about my english, I'm spanish. I know i've to practise a lot :)

    Hi Frank,
    Thanks a lot for your answer. Just one more easy question: what I need to do is a custom Authentication Module (which will read the cookie)? If only you can point me to the correct chapter of the WLS documentation I'll be very pleased.
    In future releases of JDeveloper will be easier to do this kind of things related to security?
    Riveck

  • Problem with ADF security and task flow calls

    Hi.
    I am using JDeveloper 11.1.2.0.0.
    I encountered a problem when tried to apply ADF security to my application.
    The way to reproduce the problem:
    1. Create new Fusion Web Application;
    2. Import Business Components from Tables from any existing schema and add at least one table to the ApplicationModule.
    3. Create "welcome page" (for instance, welcome.jsf). Add a button with fixed action outcome "test".
    4. Create test page, for instance, test.jsf. Drag and drop any view object from Data Controls onto the page and create a form with navigation controls. Add a button with fixed action outcome "return".
    5. Create bounded task flow, name it "test", drag and drop our test page on it - the page will be the default activity. Add a task flow return activity. Add a control flow case from the default view activity to the return activity, set From Outcome property to "return". So our return button should cause the task flow to exit.
    6. Open adfc-config.xml in diagram mode and place our welcome page on it. Then drag and drop the test task flow to create a task flow call activity. Add a control flow case from welcome page to task flow call activity, set the From Outcome property to "test". So our test button should call the test task flow.
    7. Configure application to run the unbounded task flow starting with Welcome view activity.
    At this point all works as expected: when application runs, the welcome page is displayed with test button. Pressing the test button results in displaying the test page, return button leads back to the welcome page.
    Now let's configure ADF Security.
    Run the ADF Security configuration wizard, choose ADF Authentication and Authorization.
    On the second page select Form-Based Authentication, check the Generate Default Pages flag.
    On the third page choose No Automatic Grants.
    On the next page keep the Redirect Upon Successful Authentication unchecked. Press Finish.
    Open jazn-data.xml to configure roles, users and resource grants:
    1. Create application role test-role.
    2. Grant the test-role privileges to view the test task flow.
    3. Create user and grant him the test-role.
    Now we have the public available welcome page and the test page with restricted access.
    When application runs, the welcome page is displayed as expected. Pressing the test button redirect us to auto-generated login page. After successful authorization the test page is displayed. But nothing happens if we click now the return button for the first time. When we click the return button once more, the application crushes with Error-500 and message "Target Unreachable, identifier 'bindings' resolved to null". The exact error trace depends on UI control bindings, but looks like this:
    javax.el.PropertyNotFoundException: //C:/Users/DUDKIN/AppData/Roaming/JDeveloper/system11.1.2.0.38.60.17/o.j2ee/drs/Test1/ViewControllerWebApp.war/test.jsf @10,120 value="#{bindings.Id.inputValue}": Target Unreachable, identifier 'bindings' resolved to null
         at com.sun.faces.facelets.el.TagValueExpression.isReadOnly(TagValueExpression.java:122)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:476)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.getReadOnly(EditableValueRenderer.java:390)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.wasSubmitted(EditableValueRenderer.java:345)
         at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.decodeInternal(EditableValueRenderer.java:116)
         at oracle.adfinternal.view.faces.renderkit.rich.LabeledInputRenderer.decodeInternal(LabeledInputRenderer.java:56)
         at oracle.adf.view.rich.render.RichRenderer.decode(RichRenderer.java:342)
         at org.apache.myfaces.trinidad.render.CoreRenderer.decode(CoreRenderer.java:274)
         at org.apache.myfaces.trinidad.component.UIXComponentBase.__rendererDecode(UIXComponentBase.java:1324)
    (the rest of lines skipped).
    Any suggestions?
    Edited by: user13307311 on Apr 16, 2013 11:39 PM

    @Lovin_JV_941794
    The welcome page is public available since it does not have appropriate PageDef file.
    Login page comes not from the welcome page, it comes after attempt to access the test page. So after the login succeeded the test page appears, because redirect to welcome page after successful login is not configured. I do not need to return the welcome page at this moment, I need to go to the test page.
    It seems the task flow call stack to be destroyed after redirect to login page.
    Edited by: user13307311 on Apr 17, 2013 12:45 AM

  • Error when trying to see pages in webcenter app with adf security activated

    Greetings
    I have this problem
    I developed a WebCenter Application that uses ADF Security with form authentication. This App has
    two JSPX the first one is the login page and the second one is the page where i manage runtime created pages
    using the CREATE PAGE task flow and a page tree iterator to see my created pages.
    when i deploy de application on the weblogic server i am able to login successfully and create as many pages as
    i want and also see them using the link generated. the problem is that when a delete the application from the weblogic
    server, i mean the deployed application, then redeploy the same application on the server i can login again and
    see the pages i created before but when i try to reach them i get this error showed in my internet browser:
    Error 401--Unauthorized
    From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
    10.4.2 401 Unauthorized
    The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46)
    containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization
    header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that
    authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response,
    and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was
    given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained
    in section 11.
    Does anybody now what kind of configuration i am missing or what is happening?
    thanks for your help

    this issue has a solution showed on the this thread Re: ERROR when trying to see pages created with create page task flow

  • ADF BC 11g, Weblogic 10.3 - Deployment Issue with ADF Security

    Hi all,
    I know there are many many blogs about deployment of an 11g app using ADF Security to a WLS 10.3 server, however, none appear to be working for me.. or I'm not working with them! :P
    I've deployed an .ear file to the WLS 10.3 and this works fine - after following these steps
    http://www.freewebalbum.com/blogs/faces/bjanko/blogs.jsp?blog=bjanko20090127130431
    I then followed Steve's migration technique
    http://www.oracle.com/technology/products/jdev/tips/muench/credmig111100/index.html
    That all built correctly.
    I then tried to access the app via browser, entered in the user cred (created under Security Realms in WLS 10.3 admin console - user and groups).
    I attempted to login, and received an "Error 401--Unauthorized" error.
    I'll that I see in the server log is:
    [JpsWlsFilter.doFilter] setContextID to testApp
    I'm totally stuck, so any ideas would be awesome.
    Cheers,
    chris

    Just gave that a shot.. No dice unfortunately.
    Steve Muench wrote:
    You can omit -DdstApp=DEPLOYAPPNAME if the deployed application name is the same as the source application name you supplied in the -DsrcApp=APPNAME argument.I hate massive code dumping... but this is my jazn-data.xml
    <?xml version = '1.0' encoding = 'UTF-8'?>
    <jazn-data>
       <jazn-realm default="jazn.com">
          <realm>
             <name>jazn.com</name>
             <users>
                <user>
                   <name>system</name>
                   <guid>0300AED0A9A411DD8F304FB2D3E85932</guid>
                   <credentials>{903}G5cbldq4HwMVt/gQpv1lXuNdLYbSu20y</credentials>
                </user>
             </users>
             <roles>
                <role>
                   <name>PlusAdmin</name>
                   <guid>0300AED1A9A411DD8F304FB2D3E85932</guid>
                   <members>
                      <member>
                         <type>user</type>
                         <name>system</name>
                      </member>
                   </members>
                </role>
                <role>
                   <name>PlusUser</name>
                   <guid>0300AED2A9A411DD8F304FB2D3E85932</guid>
                   <members>
                      <member>
                         <type>user</type>
                         <name>system</name>
                      </member>
                   </members>
                </role>
             </roles>
          </realm>
       </jazn-realm>
       <policy-store>
          <applications>
             <application>
                <name>TestApp</name>
                <app-roles>
                   <app-role>
                      <name>PlusAdmin</name>
                      <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                      <members>
                         <member>
                            <class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
                            <name>system</name>
                         </member>
                      </members>
                   </app-role>
                   <app-role>
                      <name>PlusUser</name>
                      <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                      <members>
                         <member>
                            <class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
                            <name>system</name>
                         </member>
                      </members>
                   </app-role>
                </app-roles>
                <jazn-policy>
                   <grant>
                      <grantee>
                         <principals>
                            <principal>
                               <class>oracle.security.jps.internal.core.principals.JpsAnonymousRoleImpl</class>
                               <name>anonymous-role</name>
                            </principal>
                         </principals>
                      </grantee>
                      <permissions>
                         <permission>
                            <class>oracle.adf.share.security.authorization.RegionPermission</class>
                            <name>com.delexian.plus.ui.pageDefs.LogonPageDef</name>
                            <actions>view</actions>
                         </permission>
                         <permission>
                            <class>oracle.adf.share.security.authorization.RegionPermission</class>
                            <name>com.delexian.plus.ui.pageDefs.LogonErrorPageDef</name>
                            <actions>view</actions>
                         </permission>
                      </permissions>
                   </grant>
                   <grant>
                      <grantee>
                         <principals>
                            <principal>
                               <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                               <name>PlusAdmin</name>
                            </principal>
                         </principals>
                      </grantee>
                      <permissions>
                         <permission>
                            <class>oracle.adf.share.security.authorization.RegionPermission</class>
                            <name>com.delexian.plus.ui.pageDefs.HomePageDef</name>
                            <actions>customize,edit,grant,personalize,view</actions>
                         </permission>
                      </permissions>
                   </grant>
                   <grant>
                      <grantee>
                         <principals>
                            <principal>
                               <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                               <name>PlusUser</name>
                            </principal>
                         </principals>
                      </grantee>
                      <permissions>
                         <permission>
                            <class>oracle.adf.share.security.authorization.RegionPermission</class>
                            <name>com.delexian.plus.ui.pageDefs.HomePageDef</name>
                            <actions>customize,edit,grant,personalize,view</actions>
                         </permission>
                      </permissions>
                   </grant>
                </jazn-policy>
             </application>
          </applications>
       </policy-store>
       <jazn-policy/>
    </jazn-data>

  • Show images without login in ADF security

    Hi,
    I use JDeveloper 11.1.1.0.0.
    I use ADF Authentication Security. I use some images to login.html page but I can't see these images without authentication.
    can anybody help me?
    Thanks very much

    Hi,
    this is because you protect the application root "/". I assume you only enabled ADF Security for authentication.
    Frank

  • ADF 11g:Error When running login page: ADF security

    I am using Jdeveloper 11.1.1.2.0.Based on the following post
    http://blogs.oracle.com/fusionmiddlewarereallife/adf11gsecurity.html when I am running the application I am getting following error in web browser:-
    Error 403--Forbidden
    From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
    +10.4.4 403 Forbidden+
    The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.
    Steps to reproduce the error:-
    1) Unzip the lession6.zip file (http://blogs.oracle.com/fusionmiddlewarereallife/Lesson6.zip)
    2) Open application in your Jdeveloper and run the login.html page.
    3) In the login page,give user id as "James" and password as "welcome1"
    4) You will see above error.
    I have tested the above in Firefox 3.6.3 and IE7.*Please note that when you run the PublicPage.jspx, application works fine*. Its not working in the case when you are running the application using login.html
    I have checked the Adnrejus post on this error(http://andrejusb.blogspot.com/2009/12/solving-error-403-forbidden-in-adf.html), but weblogic.xml is generated with required entries.
    Can anyone help me in this please:-
    Thanks,
    Vikram

    Me too have tested the application by running the public page. Its working fine.
    But my hole point here is, why application is not moving to the PrivatePage.jspx from login page. Means why can't we directly run the login page and access the PrivatePage. Even when success_url is configured in web.xml
    <servlet>
    <servlet-name>adfAuthentication</servlet-name>
    <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
    <init-param>
    <param-name>success_url</param-name>
    <param-value>/faces/PrivatePage.jspx</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
    </servlet>
    Thanks again,
    Vikram

  • Issue with ADF security enabled App deployed to java cloud services

    Hi,
    Here are the instance details:
    Jdev cloud build:JDEVADF_11.1.1.6.0CLOUD_GENERIC_121118.1600.6229
    Java cloud service version:13.1
    I have created a simple ADF Application & enabled security by editing web.xml:
    <login-config>
        <auth-method>CLIENT-CERT</auth-method>
        <realm-name>default</realm-name>
      </login-config>
      <security-role>
        <description>manager</description>
        <role-name>manager</role-name>
      </security-role>
    Then I have tried to deploy this Application to Java cloud services.Deployment works fine.
    I have 2 users created in Identity console- x & y.In my case x user has manager role enabled & y doesn't have manager role enabled.
    Now when I try to access the above deployed ADF Application with 'y' user,the page is accessible.
    My question here is that since 'y' user does not have the privilege he should not be able to access this page,could you please let me know if am missing something?
    Thanks.

    Hi,
    You may refer to the documentation available in the link: Developing Applications for Oracle Java Cloud Service - Release 13.1
    Please refer to the section: Securing Java EE Applications- Roles and Constraints
    Hope this helps
    Regards,
    Santhosh

  • ADF Security, Task Flow as a region in a page resource grant

    JDeveloper 12c (12.1.2); Application uses ADF form based security, external LDAP provider (Active Directory)
    After sign-in page (upon successful authentication/authorization) user is forwarded to a page that executes VO method prior to render. I am new to task flow concept and am told to achieve this like:
    - create bounded task flow, with method call activity (execute exposed AM method that calls VO method, runs custom SQL) and view activity as page fragment.
    - then drop the above task flow into a page as a region
    In ADF security setup, I gave resource grant task-flow to certain application role. Started the application, login and got 403 error. Then went back and gave resource grant 'view' to the actual page that contains task flow. It worked fine.
    So the question is, when protecting application (implemented with task flows) with ADF security, I thought it is enough to grant those task flows to whatever application roles (groups) and inherently any page that uses that task flow(s) (as a region) will be protected?
    From this test, it seems that I have to assign each page (that has task flow as a region) to application roles individually?

    Hi,
    any page that is contained in a bounded task flow is protected  by the task flow permission grant, this is correct. If this is not what you see, please file a bug with support or send me a simple reproducible test case please. My mail address (replace all < name > with the described symbol.
    frank <dot> nimphius <at> oracle <dot> com
    The test case will need to be in a ZIP file nemaed to "unzip" and should be able for me to run stand alone (please no database scripts to run prior to try the test case)
    Frank

  • ADF Security not working 401 error

    I am having problems with securing my ADF using LDAP after the server I was using was rebuilt and all software re-installed.....
    This did work before the rebuild so I am guessing that there are some settings that were no configured after the rebuild.
    We are using weblogic and Jdeveloper 11.1.1.6 and When I use the Wizard to secure my app and if I pick "ADF Authentication" I get the login in page and I can log into the application and things work.
    I then try to go in and use the "ADF Authentication and Authorization" option and deploy and I get a 401 - Unauthorized error..
    It used to work so I am pretty sure I am setting the Enterprise roles / Application Roles etc... correctly but wondered if anyone might be able to point me to what settings might be the issue etc.
    Thank you in advance for any assistance.

    After turning off ADF security in application - it works.
    When ADF security is turned on - it doesn't.
    When opening the same application with ADF security on in previous version of JDev - it works again.
    Our application uses custom login bean, but it is not even reaching login bean after login form submit (sample is made as http://www.youtube.com/watch?v=mAWBezngA1s)

  • Bug concerning ADF security

    Just wanted to make a thread about this strange behavior when working with ADF security. Discovered it was a bug (i think).
    I have just enabled ADF security in my project after reading chapter 28 of the developers manual and watching Franks tutorials on the Code Core center. I was having trouble implementing it and thought I was just doing it wrong. It seemed so simple in the manual. The trouble I was having was that if I granted some access to a task flow or a web page to a application role or to the anonymous role it wouldn't become active. No changes made in the jazn-data.xml would make any different. Next day when I started up again it all worked. But making further changes would also not become active. I looked ad the logs and noticed the following error in the deploy process:
    +[Running application Health_Project1 on Server Instance DefaultServer...]+
    Uploading jazn-data identities.
    Uploading jazn-data policies.
    oracle.security.jps.JpsException: Destination context default missing in the specified jps-config.xml.
    +     at oracle.security.jps.internal.tools.utility.mgrs.JpsPolicyAPIManager.getPolicyStoreForDestination(JpsPolicyAPIManager.java:165)+
    +     at oracle.security.jps.internal.tools.utility.destination.apibased.JpsDstPolicy.<init>(JpsDstPolicy.java:150)+
    +     at oracle.security.jps.internal.tools.utility.destination.JpsInitializerDst.getDestinations(JpsInitializerDst.java:82)+
    +     at oracle.security.jps.internal.tools.utility.JpsUtility.<init>(JpsUtility.java:63)+
    +     at oracle.security.jps.internal.tools.utility.JpsUtilDeploymentImpl.migrateAppPolicyToFarmLevelPolicyStore(JpsUtilDeploymentImpl.java:81)+
    +     at oracle.security.jps.internal.tools.utility.JpsUtilDeploymentImpl.migrateAppPolicyToFarmLevelPolicyStore(JpsUtilDeploymentImpl.java:103)+
    +     at oracle.jdevimpl.adrs.weblogic.JaznDataUploader.uploadPolicies(JaznDataUploader.java:610)+
    +     at oracle.jdevimpl.adrs.weblogic.JaznDataUploader.uploadJaznData(JaznDataUploader.java:212)+
    +     at oracle.jdevimpl.runner.adrs.AdrsStarter.uploadJaznData(AdrsStarter.java:1703)+
    +     at oracle.jdevimpl.runner.adrs.AdrsStarter.mav$uploadJaznData(AdrsStarter.java:116)+
    +     at oracle.jdevimpl.runner.adrs.AdrsStarter$5.run(AdrsStarter.java:1344)+
    +     at java.lang.Thread.run(Thread.java:619)+
    Uploading credentials.
    After some digging I found that this was a bug related to the application path. The application was located in "My Documents" with the path c:\Documents and Settings\.......
    It is no good to have space in the application path. After I moved the application to a more simple like path c:\dev\sb\mywork the ADF security worked fine. Changes in policies would become affective immediately. Later I ran into the same problem but this time the application path was simple but the application name had an underscore in it "my_project". By removing the underscore and making the application name MyProject along with changing all the properties, xml and connection files the ADF security worked like it should.
    So in short:
    ** Don't have a space in the path where the application is stored.*
    ** Don't have a underscore in the application name.*
    Please comment if I'm wrong. This post is just for information if other users are running into similar problems.
    Best regards,
    Sturla Thor

    hi,
    if you delete this line
    <property value="doasprivileged" name="oracle.security.jps.jaas.mode"/>
    in the jsp-config.xml you can at least use your application with authentication but authorization doesn't work b/c the subject does not contain the principals:
    ADFContext.getCurrent().getSecurityContext().getUserRoles();
    returns an empty String[].
    Is there a workaround?
    Cheers Andy

  • ADF Security against database?

    I am working with JDeveloper 10.1.3.4 on a project which uses adf/bc and adf faces/jsf 1.1; the application is deploying to iAS 10.1.3.4 and is hooked as a mid-tier instance via SSO to an infra iAS instance on another machine.
    How do you change ADF Security to reference a database table to find out settings for page/iterator/attribute security settings?
    Most of the existing code in this environment is Web Pl/sql toolkit and portal work. I am adding ADF apps. They would like to control what the different roles have access to via the database...hence this question.
    Normally with ADF Security you use an editor in JDeveloper which you can access from within the page def file in the structure pane within JDeveloper; I think this changes system-jazn.xml. If you, instead, want these settings to be located within a database table, what do you have to do?
    In my initial research I am thinking somehow I must create an override for ADFPermission.getContext() somehow...but I have not figured out if that is right or not yet.
    It may just be easier to re-invent the wheel: just do things programmatically using Java; but there is a lot of structure inherant in ADF Security that I would be reproducing if I go that route, I think.
    Anybody have any ideas?
    I am continuing to research this issue, but I think this is an unusual use-case; so I am not expecting to find this answer anywhere in particular. Maybe somebody knows this off the top of their head.

    Right, Frank; I mostly meant that it would help me learn more about the subject of J2EE permissions. Vik has pointed me in the direction of the Sun Java Forums for more information on this topic, which I will hopefully get a chance to pursue.
    Thank you for getting back to me. Thank you again, also, for all your work on custom login modules; I have used that work of yours several times professionally. It is just that this client I am working with now is satisfied with their SSO/LDAP setup...they just want to store permissions in the database also.

  • Google maps don't work properly with ADF

    Hi!
    I have tried to integrate Google maps with ADF http://blogs.oracle.com/middleware/2010/06/integrating_google_maps_with_adf.html. This tutorial works good, but then I insert the same code in real ADF application Google maps don’t work properly, there are problems with zoom buttons, map doesn’t display right region but shows another one (does it with offset) etc.
    Can be this issues connected with ADF Security? Or there are some other things in my project which doesn’t allow JavaScript to work correctly?

    andrejs,
    I just tried the tutorial (works fine) and the tutorial with ADF security (works fine). It seems to be something more specific to your application than anything else.
    John

Maybe you are looking for

  • When I reboot in Windows 7 partition, it comes up with an error.

    Hello all, I have recentry formatted my Primary Partition for windows 7, and when i reboot to the HHD, it comes up with an error; "Windows failed to start. a recent hardware or software change might be the cause". Under i get some options; 1, insert

  • Backbase: Amazing rich interfaces

    Came across this small European company called Backbase http://www.backbase.com in a popular industry rag http://www.infoworld.com/article/05/08/08/32TCback_1.html The demos on their website are very very slick. No page refreshes, very continuous, re

  • SAP Netweaver Portal compatibility issues with IE 8?

    Does anybody have information or possibly another thread where the upcoming IE 8 is discussed in regards to SAP changes?  Will SAP need any patches, updated, etc. for the new IE 8 functionality? When using IE 8, our portal shows errors below, does an

  • Starup Class Not Found.

    Hai every body I am using Strtup class prvide by weblogic that i plased in c:\startup.jar i set class path in C:\bea\user_projects\domains\mydomains\startwebloic.cmd and i mention fully classified name of class like--- com.startup.StartupSample in st

  • Missing calendars from iPad

    I have 3 calendars synced from yahoo to iPad; however only 1 of them is showing on the iPad.  Upgraded to ios5 Sun and all calendars were showing up on iPad until today.  All calendars are checked but still only 1 of them shows up.  Any ideas?