Protect the adf url from anonymous users

Hi All,
How can i protect my adf application url from anonymous users?Please give me your valuable suggestions.

Have you read about ADF Security in the documentation?

Similar Messages

  • Is it possible to get the URL from which user came to Apex Application?

    Hi,
    I have 1 web site which is created by Apex. And I have to create similar sites with slight differences. For example, even though the contents are almost same, each telephone # have to be modified.
    So, if possible, I want to use only 1 web site and depending on the URL from which user came, change some information on the page. Is it possible?
    And if it is possible, what if the user set Apex URL as favorite and visit it after some days?

    Thank you Scott,
    This is the one.
    But I have another issue.
    If a user comes to our page from their link directly, I can identify where he come from. But if he added our site to Bookmark and comes to our site through the link, is it possible to identify his original route?
    If it is impossible, I will create other Apex Application and put each URL to the link in order to catch where the user is from.

  • How to strongly protect the step types from being modified by others?

    how to strongly protect the step types from being modified by others?

    Hi Jacky,
    You can make a property of a step uneditable by changing the property
    flags for the step.  First, you want to be able to view the hidden
    properties so that you can change the flags for these properties as
    well.  You do this by going to Configure>>Station Options
    and selecting the Preferences tab.  Check the box for Show Hidden
    Properties.  Once you have done this you can select the step type
    from the types palette.  In the window to the left, you can expand
    the tree for the type to see all the properties of that step. 
    Right click on the property that you do not want users to be able to
    edit, select Properties.  Then click the Advanced button. 
    Here you will see a list of the setable flags.  Check the box for
    PropFlag_NonEditable.  You can then do this for all the properties
    of the step that you do not want users to edit.
    Thanks,
    Caroline Tipton
    Data Management Product Manager
    National Instruments

  • Printing the Package output from Anonymous block

    Hi,
    I need to call the below package from anonymous block and get the output.
    Could you let me know.
    I tried using this, but i don't get data.
    ===========Anonymous Block=====================================================================
    declare
    var              xxdc.xxdc_sr_log_his_pkg.sr_tbl_type;
    l_sr_idx_bi  BINARY_INTEGER := 0;
    BEGIN
    xxdc.xxdc_sr_log_his_pkg.service_record('14040',var);
    dbms_output.put_line('CLAIM_CREDIT_OFFERS  :'||var(l_sr_idx_bi).qa_credit_offers(l_sr_idx_bi).character1 );
    end;
    =============================================================================================
    ============================================================================================
    Package Spec
    TYPE cr_offer_type IS TABLE OF apps.qa_results_v%ROWTYPE  
    INDEX BY BINARY_INTEGER;
    TYPE sr_rec_type IS RECORD
    (task_status                      apps.jtf_task_statuses_tl.name%TYPE
    ,task_type                        apps.jtf_task_types_tl.name%TYPE
    ,qa_credit_offers                 cr_offer_type
    TYPE sr_tbl_type IS TABLE OF sr_rec_type
    INDEX BY BINARY_INTEGER;
    PROCEDURE  service_record(p_service_req_num IN  VARCHAR2
                                               ,p_service_req_tbl OUT sr_tbl_type
    Package Body
           FOR emp_row_rec IN cur_credit_off
           LOOP
             l_sr_tbl(l_sr_idx_bi).qa_credit_offers(l_sr_idx_bi).character1 := emp_row_rec.character1;
             --dbms_output.put_line( l_sr_tbl(l_sr_idx_bi).qa_credit_offers(l_sr_idx_bi).character1);   --commenting for testing
              l_sr_idx_bi := l_sr_idx_bi + 1;
           END LOOP;
          p_service_req_tbl := l_sr_tbl;
    =============================================================================================
    Thank

    Hi,
    Did you issue the SQL*Plus command
    SET  SERVEROUTPUT  ON
    or, if you're using some other front end, its equivalent?
    Can you ever see output from dbms_output?  For example, what happens when you run this?
    SET  SERVEROUTPUT  ON
    BEGIN
        dbms_output.put_line ('Hello, world!');
    END;
    Since I don't have your tables, I can't actually run your code.  If you'd post CREATE TABLE and INSERT statements, or re-write the package to reference commonly available tables, such as those in the scott schema, then I could test it.

  • Using the Import utility from other users and going to a different schema

    I has a user today with rights
    Insert into XXXX.TABLE values(); Works just fine for another schema's table which has select,insert,update,delete.
    We tried to utiile the import utility from OTHER USERS
    Insert failed ORA-00942
    Do you want ot ignore all errors
    Even though we have rights to the schema under OTHER USERS.
    When connected as the owner it works fine.

    I've be trying to find a work-around to this issue & found this old post -- I'm having the same problem.
    I'm using Oracle 11g and SD 2.1.1.64.
    I have user A with a table that grants select,insert,update, and delete privs to user B. Logging into user B I, of course, can do inserts, deletes, etc. on the the table in user A's schema.
    When I use the import data feature to load data from a CSV file I can't get it to work while logged into user B. It does work fine if logged into user A. It looks like the issue may be that it doesn't put the schema prefix of "A." on the insert statements.
    Has anyone found a way to get around this issue yet?

  • Hide the Core universe from some user groups

    Hi all,
    We have one Core universe and few derived universes for each user group. One team is responsible to implement the Core and the derived universes. This means they have Full access on these universes. There are few other user groups which have VOD access on their group specific derived universe and the VOD access on the Core universe in order to create or run WebI reports. Since they have VOD access on the core universe, they will be able to create report against it. We like to hide the core universe from our user group and they should always use their derived universes.
    Does someone know which entitlement setting will allow us to hide then core universe or prevent a certain user group to create new report against it without impacting their ability to run existing reports?
    Thank you.
    Sunny

    Hi,
    Step 1. Try at CMC level
    CMC-> Universes-> remove the groups (don't shouldn't have access to that universe)-> ok
    If it doesn't work then try step 2.
    Step 2. At Designer level -
    Try to restrict the universe at designer level. i.e goto Tools-> Manage Restrictions -> Manage Access Restrictions -> add groups(required groups dont should have access to users) ->Ok.
    Cheers,
    Suresh Aluri.

  • Keep track of the shopping cart for anonymous user

    Hi,
    I have the following problem on b2c site. Anonymous user can browse through the site and adds items to the shopping cart. At the checkout the login page is prompted, however login page is located on the different application server where the actual login happening. After that control is returned to my server where I need to create login object and associate the shopping cart with it. My problem is how to maintain shopping cart without losing it.
    I came with that solution : On checkout attach shopping cart to context object with unique key, then pass this unique key to the remote server, then remote server passes it back to me together with the login id, then I create new session and attach shopping cart to it after retrieving shopping cart from the context.
    I hope it will work, however I think there is a standard solution for this type of the problems. Any ideas, hints, suggestions are strongly appreciated.
    We use WebLogic 9.0 and Servlets.

    Do you have a problem keeping track of the shopping cart for a user who is logged in? No, I didn't think so. So give the anonymous user an internal name, just for your own convenience. Then keep track of the shopping cart for the user with that name. You already know how to do that.

  • Edit The Logon Page for anonymous user

    HIII frnds.
    I am working on concept of anonymous user. For this I have created a Anon user group and it is working succesfully . Now i have to design a  Logon page for this group of users.
    Pls anybody help me out , becoz i have no idea that  how to edit a logon page for a particular user .
    Thanks in advance
    regards,
    Mayank Saxena

    Hi
    The portal provides a form of anonymous logon with u2018namedu2019 anonymous users. Named anonymous users are users that exist either in the user data store or as service users. You configure the names of these users in the UME properties. These users are automatically assigned to the group Anonymous Users. You can assign roles containing anonymous content to the users individually or to the group Anonymous Users.
    Here is the reference link request you to go tru:
    http://help.sap.com/erp2005_ehp_03/helpdata/EN/cd/1aad4abcb98c4597f9e395a6b62f43/frameset.htm
    Here is the link for Configuring Anonymous Logon with Named Anonymous Users:
    http://help.sap.com/erp2005_ehp_03/helpdata/EN/cd/1aad4abcb98c4597f9e395a6b62f43/frameset.htm
    Rajnikanth

  • Packaging and Deploying the ADF Application From JDeveloper to weblogic

    Hi,
    I Have Created ADF Project in JDeveloper.
    I had created the EAR file from JDeveloper (from deployment tab) to deploy my project on weblogic server (Other Than Integrated Weblogic Server).
    i have already installed ApplicationDevelopment Runtime (ADR) on weblogic and also extend the domain with JRF.
    but when i try to deploy it on my weblogic it gives me the following exceptions :
    An error occurred during activation of changes, please see the log for details.
    Failed to load webapp: 'My-ViewController-context-root'
    org.apache.myfaces.trinidad.webapp.UIXComponentELTag
    Can anybody help what i am missing ?
    Please Help...

    Hi,
    i have installed the ADF Runtime 11.1.1.5.0_disk1_1of1.
    but when i try to deploy the ADF application it gives me some tags missing exception
    the exception gone when i insert the following jar files :
    trinidad-api-1.2.11.jar
    trinidad-impl-1.2.11.jar
    and application is get deployed successfully.
    but when i try to run the application it gives me following exception
    java.lang.ClassCastException: org.apache.myfaces.trinidadinternal.config.xmlHttp.XmlHttpConfigurator cannot be cast to org.apache.myfaces.trinidad.config.Configurator
         at org.apache.myfaces.trinidadinternal.config.GlobalConfiguratorImpl.init(GlobalConfiguratorImpl.java:366)
         at org.apache.myfaces.trinidadinternal.config.GlobalConfiguratorImpl.beginRequest(GlobalConfiguratorImpl.java:199)
         at org.apache.myfaces.trinidadinternal.config.GlobalConfiguratorImpl.getExternalContext(GlobalConfiguratorImpl.java:304)
         at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$CacheRenderKit.(FacesContextFactoryImpl.java:86)
         at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl.getFacesContext(FacesContextFactoryImpl.java:64)
         at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl.getFacesContext(FacesContextFactoryImpl.java:64)
         at javax.faces.webapp.FacesServlet.service(FacesServlet.java:260)
         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
         at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
         at java.security.AccessController.doPrivileged(Native Method)
         at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
         at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
         at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
         at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
         at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
         at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
         at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    what went wrong...
    i am stuck up here...
    please help.

  • How do I transfer files on the same iMac from one user to another?

    I recently transferred files from my Macbook Pro to my iMac.  Now I have two user profiles on my iMac.  How do I transfer files from one user to the other user on the same iMac?

    Choose Go to Folder from the Finder's Go menu, provide /Users/Shared/ as the path, drag them there, and then to the desired location.
    (115866)

  • How to hide 'Sign In' bar from anonymous users

    Hi guys,
    I am using a custom master page for a site. I want to hide the top white bar which contains the sign in link, for anonymous users; and display the sign in link somewhere else.
    I followed some other questions and wrapped "ms-designer-ribbon"
    in a Security Trim web part, but it still shows the bar for anonymous users.

    You can check the below thread
    http://social.msdn.microsoft.com/Forums/sharepoint/en-US/d06897e5-b36d-4c65-bf77-c6ebc75d4e76/hide-sign-in-link-sharepoint-2013?forum=sharepointdevelopment
    My Blog- http://www.sharepoint-journey.com|
    If a post answers your question, please click Mark As Answer on that post and Vote as Helpful

  • Does the Smart Cover protect the ipad mini from falls

    I have smashed my ipad mini and am getting a new one. I need something to protect the screen from falls and the Smart Cover doesn't look like it will do it?

    The Smart Cover will provide no real protection against falls. Only a case will provide much protection, and then only a case that provides significant padding or other shock protection, cases like the Otterbox models.
    Regards.

  • Hide the Core universe from some user groups - where is SAP?

    We are using BOXI 3.1 and want to hide core universes from the users. We can't use 'deny view objects' on the core universe. If we do so the derived universe can't run. Maybe the problem could be solved if we could make a shorcut to an universe and put this shortcut in another universefolder, but this possibility isn't there.
    Another problem is when using LOVs from the core universe. If you move the derived universe to another folder you won't be able to use the LOVs defined in the core univers because they are placed on the pc in a folder where the core universe is placed and the derived universe doesn't use the LOVs.
    We have a lot of core universes and many derived universes using core universes with different right for group of users. What we want is to create a AccessLevel for each usergroup and asign this to a usergroup and a universefolder and then place the derived universe in theese folders.
    We could do so in 6.5.
    There is a thread about this hiding problem, but this is not answered by SAP.

    Hi Vallabhaneni 
    Thanks for your answer. I think your idea is the way to solve my problem, but I'm not satified with the solution because I have to put all universes in 1 universefolder, and as you mentioned it's time consuming because I must set rights on each universe. Nor is it a safe solution because I can forget to restrict users from using a universe.
    I'd like to have a structure like this
    Top universfolder
          Universe (all universes with View objects denied for all normal users - allowed for designers)
          Basic (shortcut to derived universes that everybody are allowed to see) ACL Basic
          Spec HR (shortcut to derived special universe for HR-group) ACL Basic
          Spec XX (shortcut to another derived special universe for a group of users) ACL Basic
    Usergroups
          Basic (everybody in that group)
          Spec HR (a group of users are also in this group and are allowed to see the universe in Spec HR)
          Spec XX (a group of users are also in this group and are allowed to see the universe in Spec XX)
    Rights
         UG Basic - UNIfolder Basic --> Assigned rights ACL Basic
         UG Spec HR - UNIfolder Spec HR --> Assigned rights ACL Basic
         UG Spec XX - UNIfolder Spec XX --> Assigned rights ACL Basic
    In that way the designers always must import and eksport to Universe and the administrator can give som users access to a special univers by adding them to a SPEC usergroup and remove them from that group if they no longer must see the universes in the special folders.
    I have the same structure on folder where the reports are placed and it will give a minimum of administration.
    The funny thing is that you can use shortcut on reports but not on universes. In 6.5 you can linked universes to a special usergroup and you only need to linked the derived universe.
    I hope SAP will come up with a better solution so i leave the question open, but once again thank you for taking time to reply.

  • Protecting the jar files from being web access

    I have a jnlp file which is put under tomcat webapps folder, say (\webapps\TEST\launch.jnlp), with the jar and lib files put in the subfolder (\webapps\TEST\folder1\*.jar AND \webapps\TEST\folder1\lib\*.jar).
    My question is how can i prevent user from direct access to the jar files via typing http://www.someip.com/TEST/folder1/main.jar ? I tried the following methods but it seemed not working:
    1. Change the folder permisson in \webapps\TEST\*.*, but when user type the above hyperlink they can still get the jar file
    2. put the jar and related files under \WEB-INF\, but now this time running the launch.jnlp, it returns an error saying that it can't access/find the WEB-INF.
    Is there any method? Or should I say, when you published jnlp to web, the related jar files are forced to be accessed by everyone.

    Sounds easy to me: encrypt your xml, then instead of just storing your key as plain bytes do some reversable operations on it (xor masks, reversions, whatever you like), just do them in many different points (and classes) of your code, have some parts done by methods that actually check application is running under JWS with proper codebase, scramble it all, and suddently the whole stealing operation won't be worth the effort. Obviously you should have many private (and package protected) methods, seal packages and so on. Maybe, somehow, you can even use reflection to identify calling classes (not sure, never looked for anything similar).
    What else? write down some c++ code into your own dll/JNI library and make it do something too, so they'll even need to decompile the dll. If you know first execution is always online you can send another xor key and store it with persistence service or write it down to windows registry. You can keep making it harder as much as you like, even just with silly code like
    Math.ceil((new GregorianCalendar.getField(Calendar.YEAR)%2000)/1000)*((int)('c'-'a'))just to retrieve the number 2. If you distribute such code through many lines and methods, once you scramble it, most people will give up.
    Bye.

  • Protecting the attribute value from getting reset!

    Hello all,
    I have attached a custom drop down search help to the attribute "SERVICE_UNIT_NAME" in the "BTPARTNERSET" context node. The drop down list contains a blank entry as well as a couple of other entries, I have placed a create object statement for my search help class in the Getter method "GET_V_SERVICE_UNIT_NAME" while written the following code in the setter method "GET_P_SERVICE_UNIT_NAME" as suggested by one of the esteemed experts here on the forum.
      case iv_property.
        when if_bsp_wd_model_setter_getter=>fp_fieldtype.
             rv_value = cl_bsp_dlc_view_descriptor=>field_type_picklist.
      endcase.
    This drop down list is showing correctly, however my problem is that if the user selects any value from the drop down list, the selected value gets copied to the attribute but when ever the user press an "ENTER KEY" or any other action, the value in the attribute gets initialized to the first value in the drop down list which is a "BLANK" value. I want to preserve the value originally selected by the user from the drop down list, without it being reset by any other user actions on the screen.  Do I need to redefine any other method for this attribute? I'll appreciate any help.
    Regards,

    Naresh and Sumit, many thanks for your valuable inputs however, I have tried your code but I am still facing the same issue, as the attribute value for "SERVICE_UNIT_NAME" is getting refresh every time an "ENTER" is pressed on the page. Let me specify some other detail that may help in understanding this behaviour for the attribute value, actually when on the initial page, user has to enter his phone no / network ID, so that the standard functionality bring about the city, postal code, country etc. so once these values are set in the related attributes, the user will click on the incident button, which brings about a search help (web dialogue) for partner selection, so any value selected, is displayed afterwards in the "SERVICE_UNIT_NAME" attribute on the next page. However, after putting the custom drop down list at the said attribute, the value selected on the previous page is not populating in the attribute and the user can select the value from the custom drop down list now, but once he press "ENTER" or pushes any other button the page, the selected value in the attribute gets initialized. Is there a way to check for the user input?

Maybe you are looking for