Role based oracle adf security and filtering data

Similar Messages

• Oracle ADF security integration with Oracle E-Business Suite SDK JAAS

  I have an Oracle ADF 11.1.2.2 application that is using ADF security for authentication and authorization.
  When we deploy this application to our JDeveloper integrated weblogic server, we utilize the security setting of "Custom" and use weblogic users and roles to map to the ADF application roles. In that environment our security is working properly.
  I have a Weblogic 10.3.5 standalone server that has the ADF runtime installed as well as the Oracle E-Business Suite SDK JAAS implementation installed.
  When I deploy the Oracle ADF application to the standalone weblogic server, I am directed to the JAAS login page when I attempt to access any JSF page (including those that I have granted View access through the anonymous-role. Does the Oracle ADF anonymous-role work (allow for anonymous page access) when JAAS security is handled by the Oracle E-Business Suite SDK JAAS implementation?
  Per the SDK instructions, when we install the Oracle ADF deployment on Weblogic we have selected "DD only" for our security setting. We have defined enterprise roles in the Oracle ADF security setup (jazn-data.xml) that are assigned the appropriate application roles. Those enterprise roles have the same name (i.e. UMX|YOURROLE) as the E-Business Suite roles that are assigned to our test users. When we login with an E-Business Suite user / password we are receiving an error:
  Error 401--Unauthorized
  From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
  10.4.2 401 Unauthorized
  Any thoughts on why that would be?
  Thanks
  Dan

  Thanks Juan.
  With the debugging options enabled it appears the issue is not an issue with the user / role credentials - it seems like the resource grants from jazn-data.xml are not being reviewed in my standalone weblogic instance EAR deployment:
  [JpsAuth] Check Permission
  PolicyContext: [TestApp]
  Resource/Target: [untitled1PageDef]
  Action: [view]
  Permission Class: [oracle.adf.share.security.authorization.RegionPermission]
  Result: [FAILED]
  Evaluator: [ACC]
  Failed ProtectionDomain:ClassLoader=sun.misc.Launcher$AppClassLoader@13f5d07
  CodeSource=file:/app/oracle/product/Middleware/oracle_common/modules/oracle.adf.share_11.1.1/adf-share-support.jar
  Principals=total 2 of principals(
  1. JpsPrincipal: oracle.security.jps.internal.core.principals.JpsAnonymousUserImpl "anonymous" GUID=null DN=null
  2. JpsPrincipal: oracle.security.jps.internal.core.principals.JpsAnonymousRoleImpl "anonymous-role" GUID=null DN=null)
  When I access the same page from my integrated weblogic server I see:
  [JpsAuth] Check Permission
  PolicyContext: [TestApp]
  Resource/Target: [untitled1PageDef]
  Action: [view]
  Permission Class: [oracle.adf.share.security.authorization.RegionPermission]
  Result: [FAILED]
  Evaluator: [ACC]
  Failed ProtectionDomain:ClassLoader=sun.misc.Launcher$AppClassLoader@13f5d07
  CodeSource=file:/app/oracle/product/Middleware/oracle_common/modules/oracle.adf.share_11.1.1/adf-share-support.jar
  Principals=total 2 of principals(
  1. JpsPrincipal: oracle.security.jps.internal.core.principals.JpsAnonymousUserImpl "anonymous" GUID=null DN=null
  2. JpsPrincipal: oracle.security.jps.internal.core.principals.JpsAnonymousRoleImpl "anonymous-role" GUID=null DN=null)
  When I review my EAR - I do see jazn-data.xml at:
  /META-INF/jazn-data.xml
  I will review the system-jazn-data.xml to see if the policy information has been migrated properly as part of the EAR deployment.
  Thanks.
  -Dan

• Oracle ADF Security Login page

  hi.
  I am using oracle ADF 11.1.2.2.0 (oracle Jdevelopr 11g release 2) in my job environment. There are 3000 users working as client level in our company. They have separated user Id and roles. They can change their passwords. There are expiration period for passwords which is handle by in database level. when the employees are going to terminate or retirement , we can control their login status. that mean we change their Active status as a Inactive status. some times we recruit number of emplooyes for cover our business targets. Their User Id also in database table level.
  My main problem is how we can handle number of employees using Oracle ADF security configuration.
  second one is how user can change their passwords.
  Third is how number of employees going to terminate ,handle their Active/Inactive State.
  Fourth one is If we use this Oracle Security system ,project managers or project cordinator or Adminstrator level authenticator must need to deploy time to time war file, because of adding removing users in jazn-data.xml.
  hoping help from you.Thanking for all.

  So, you can define SQLAuthenticator/SQLReadOnlyAuthenticator on Weblogic which will retrieve users from your db table(instead of jazn-data file) to application server.
  Then, in your application you can enable ADF Security and this will generate login page.
  And, this is it :)
  If you need some custom processing before users login to your app, then you can create custom login page and do whatever you want in Java code:
  http://docs.oracle.com/cd/E16162_01/web.1112/e16182/adding_security.htm#BABDEICH
  >
  But 11g has Database connection in Application Resource. Using that connection I need to log to the system using user's User iD and Password
  >
  This connection is valid only in design time. When you deploy your application to application server, then you can include this connection in .ear file, or you can define Data Source on Weblogic(which is better approach).
  To programmatically retreive db connection, you can create utility method in your Application Module.
  Dario

• What are the differences between oracle adf 10g and adf 11g

  Could you please let me know what are the diff b/w oracle adf 10g and 11g, i tried in many user guides but i could not find it.
  Thanks in advance,
  Poli Reddy P

  893771 wrote:
  Hi all,
  I would like to know what the differences between Oracle and other NoSQL database are.
  When and why should we use Oracle?I suggest that you start here:
  http://www.oracle.com/technetwork/database/nosqldb/overview/index.html
  Is Oracle NoSQL database link with Big Data Appliance?Yes, Oracle NoSQL Database will be a component of the Big Data Appliance.
  Can we use map-reduce on a single personal computer? How should we install Oracle NoSQL database to use map reduce on a single personal computer?Yes, I believe you can run M/R on a single computer. Consult the various pieces of documentation available on the web. You may run Oracle NoSQL Database on the same computer that you are running M/R on, but it is likely that they will compete for CPU and IO resources and therefore performance may suffer.
  Do we also have eventual consistency with Oracle NoSQL database? Yes.
  Can we lose data if master node fails?If you run Oracle NoSQL Database with the default (recommended) durability settings, then if the master fails, a new one will be elected and data is not lost.
  Are transactions ACID with Oracle NoSQL database? How can we prove it?Yes, each operation is executed in an ACID transaction. The API has the concept of "multi" operations which allow the caller to perform multiple operations on sets of records with the same major key, but different minor keys. Those operations are also performed within a transaction.
  Charles Lamb

• Oracle ADF Model and BC4J api reference in JDev 10.1.3.03

  Hi
  Where I can find Oracle ADF Model and Business Components API Reference in JDev 10.1.3.03? Maybe it's not ready yet?

  I don't know how up-to-date they are, but the javadoc files are all archived into jar files in the JDeveloper installation at: <jdev-install-dir>\jdev\doc\ohj. Most of the business component interfaces and classes are covered in the bc4jjavadoc.jar. You can either open the index.html file of the jar in JDeveloper and move through the links in the preview pane, or use the jar utility (or other unzipping util) to extract the jar file into your directory structure and then access the html files directly.
  Johnny Lee

• How to store Custom principal in Oracle ADF security Framework

  Hi guys, hope somebody will help me out.
  I am facing the following issue, i need to have a custom principal instance after oracle adf security frame work does authenticate and authorize user.
  My custom principal instance should have per say addition attribute, say clientId. I am using Jdeveloper 11.1.2.4 and i setup weblogic to use ReadOnlySQLAuthenticator(it does most of desired functionality).
  As far as i get it, i would have to implement a custom provider to have a chance to implement a custom LoginModule, so i can set it up to use my custom principal, am i right ? and i am not sure how ReadOnlySQLAuthenticatorImpl that i chose in weblogic is bound to
  DBMSAtnLoginModuleImpl (i mean how does it knows what LoginModule should it use) and if i can , how can i make  ReadOnlySQLAuthenticatorImpl  use my custom LoginModule.
  Sorry if i violated forum rules.

  and i am not sure how ReadOnlySQLAuthenticatorImpl that i chose in weblogic is bound to
  DBMSAtnLoginModuleImpl (i mean how does it knows what LoginModule should it use)
  This info is returned by getLoginModuleConfiguration(): AuthenticationProvider (BEA WebLogic Server 10.0 API Reference)
  Dario

• Is apple working on a fix so it plays nice with internet security and filtering programs?

  Question is in the title.
  The conflict that causes us to disable internet security and filtering programs to get iTunes Store to open. Is that planning on being resolved?

  None of us know, and you won't get an answer from Apple on here. We are users just like you. Although not everyone has problems with that, I know I didn't when I used iTunes on my PC.

• Problem with ADF security and task flow calls

  Hi.
  I am using JDeveloper 11.1.2.0.0.
  I encountered a problem when tried to apply ADF security to my application.
  The way to reproduce the problem:
  1. Create new Fusion Web Application;
  2. Import Business Components from Tables from any existing schema and add at least one table to the ApplicationModule.
  3. Create "welcome page" (for instance, welcome.jsf). Add a button with fixed action outcome "test".
  4. Create test page, for instance, test.jsf. Drag and drop any view object from Data Controls onto the page and create a form with navigation controls. Add a button with fixed action outcome "return".
  5. Create bounded task flow, name it "test", drag and drop our test page on it - the page will be the default activity. Add a task flow return activity. Add a control flow case from the default view activity to the return activity, set From Outcome property to "return". So our return button should cause the task flow to exit.
  6. Open adfc-config.xml in diagram mode and place our welcome page on it. Then drag and drop the test task flow to create a task flow call activity. Add a control flow case from welcome page to task flow call activity, set the From Outcome property to "test". So our test button should call the test task flow.
  7. Configure application to run the unbounded task flow starting with Welcome view activity.
  At this point all works as expected: when application runs, the welcome page is displayed with test button. Pressing the test button results in displaying the test page, return button leads back to the welcome page.
  Now let's configure ADF Security.
  Run the ADF Security configuration wizard, choose ADF Authentication and Authorization.
  On the second page select Form-Based Authentication, check the Generate Default Pages flag.
  On the third page choose No Automatic Grants.
  On the next page keep the Redirect Upon Successful Authentication unchecked. Press Finish.
  Open jazn-data.xml to configure roles, users and resource grants:
  1. Create application role test-role.
  2. Grant the test-role privileges to view the test task flow.
  3. Create user and grant him the test-role.
  Now we have the public available welcome page and the test page with restricted access.
  When application runs, the welcome page is displayed as expected. Pressing the test button redirect us to auto-generated login page. After successful authorization the test page is displayed. But nothing happens if we click now the return button for the first time. When we click the return button once more, the application crushes with Error-500 and message "Target Unreachable, identifier 'bindings' resolved to null". The exact error trace depends on UI control bindings, but looks like this:
  javax.el.PropertyNotFoundException: //C:/Users/DUDKIN/AppData/Roaming/JDeveloper/system11.1.2.0.38.60.17/o.j2ee/drs/Test1/ViewControllerWebApp.war/test.jsf @10,120 value="#{bindings.Id.inputValue}": Target Unreachable, identifier 'bindings' resolved to null
       at com.sun.faces.facelets.el.TagValueExpression.isReadOnly(TagValueExpression.java:122)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:476)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.getReadOnly(EditableValueRenderer.java:390)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.wasSubmitted(EditableValueRenderer.java:345)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.decodeInternal(EditableValueRenderer.java:116)
       at oracle.adfinternal.view.faces.renderkit.rich.LabeledInputRenderer.decodeInternal(LabeledInputRenderer.java:56)
       at oracle.adf.view.rich.render.RichRenderer.decode(RichRenderer.java:342)
       at org.apache.myfaces.trinidad.render.CoreRenderer.decode(CoreRenderer.java:274)
       at org.apache.myfaces.trinidad.component.UIXComponentBase.__rendererDecode(UIXComponentBase.java:1324)
  (the rest of lines skipped).
  Any suggestions?
  Edited by: user13307311 on Apr 16, 2013 11:39 PM

  @Lovin_JV_941794
  The welcome page is public available since it does not have appropriate PageDef file.
  Login page comes not from the welcome page, it comes after attempt to access the test page. So after the login succeeded the test page appears, because redirect to welcome page after successful login is not configured. I do not need to return the welcome page at this moment, I need to go to the test page.
  It seems the task flow call stack to be destroyed after redirect to login page.
  Edited by: user13307311 on Apr 17, 2013 12:45 AM

• ADF security and database

  Hi all,
  I am implementing ADF security on my application and I came across the following Documents:
  1- http://www.oracle.com/technology/products/jdev/howtos/1013/adfsecurity/adfsecurity_10132.html
  2-http://www.oracle.com/technology/products/jdev/howtos/1013/oc4jjaas/oc4j_jaas_login_module.htm
  and I have a few of questions :
  1- in ADF security, the edit authorization options in the PageDef reads the roles (gorups) stored on the system-jazn-data.xml file. If my roles are stored on the Database how can I read them?
  2- In the first document it is said " If the role name in web.xml matches a group name in system-jazn-data.xml, no further mapping is required. If the names do not match, then the web.xml role name needs to be mapped to the name in the system-jazn-data.xml using the orion-application.xml file. ". Can I do the mapping between the system-jazn-data.xml and the Database?
  3-When I assign ADF security permissions on PageDefs, It will be stored in the app-jazn-data.xml file. Can I store/read those permissions from the Database and no the app-jazn-data.xml file or at least can I do some kind of mapping between the Database and this file?
  thanks in advance,
  Ahmad Esbita

  Hi albertpi,
  Thanks for you response. This is our first ADF application.
  We are planning to impliment the security as mentioned above.
  We can configure the LDAP users in Weblogic server.
  We have a page with multiple tables which need to be shown based on the User roles.
  These roles we are planning to define in the table.
  1. I need to show list of users from my LDAP Users on the ADF UI to assign the roles.
  2. We will be defining our list of roles in a database table, which not sure whether they need to map to ADF application security roles.
  Data in table will be something like this.
  User Role
  Admin Tab1
  Admin Tab2
  Admin Tab3
  User1 Tab1
  User2 Tab2
  User2 Tab3
  Once the User is logged in we will read this table to show/hide the respective tabs.
  Can you tell us are we in right path, if yes How to achieve this.
  Thanks,
  Satya

• Oracle ADF Secured App Gives HTTP 401 Error

  I am new to Oracle ADF Framework. I develop on JDeveloper 11g R2 with Weblogic 10.3.5.0. I developed an project like described in a Firebox training video on Youtube link: [http://bit.ly/HT1HZ9] . You can download my project from http://db.tt/Y8J3fj3y
  The video was about creating a custome login page. You have to create login,error anad the target pages. When you try to open target page login page comes then you enter your credentials. After success yoou should be directed to the target page. I used a backing bean to process credentials but instead of redirected to target page the response page gives:
  Error 401--Unauthorized From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1: 10.4.2 401 Unauthorized
  And the weblogic console this error:
  Target URL -- http://127.0.0.1:7101/Deneme-ViewController-context-root/faces/protectedPage.jspx
  <ViewHandlerImpl> <_checkTimestamp> Apache Trinidad is running with time-stamp checking enabled. This should not be used in a production environment. See the org.apache.myfaces.trinidad.CHECK_FILE_MODIFICATION property in WEB-INF/web.xml
  <UIXEditableValue> <_isBeanValidationAvailable> A Bean Validation provider is not present, therefore bean validation is disabled
  <LifecycleImpl> <_handleException> ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase RENDER_RESPONSE 6
  java.lang.IllegalStateException: Cannot forward a response that is already committed
  at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)
  at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:546)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at oracle.adfinternal.view.faces.config.rich.RecordRequestAttributesDuringDispatch.dispatch(RecordRequestAttributesDuringDispatch.java:44)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:167)
  at com.sun.faces.application.view.JspViewHandlingStrategy.executePageToBuildView(JspViewHandlingStrategy.java:363)
  at com.sun.faces.application.view.JspViewHandlingStrategy.buildView(JspViewHandlingStrategy.java:154)
  at org.apache.myfaces.trinidadinternal.application.ViewDeclarationLanguageFactoryImpl$ChangeApplyingVDLWrapper.buildView(ViewDeclarationLanguageFactoryImpl.java:341)
  at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:982)
  at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:334)
  at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:232)
  at javax.faces.webapp.FacesServlet.service(FacesServlet.java:313)
  at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
  at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:122)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
  at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
  at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
  at java.security.AccessController.doPrivileged(Native Method)
  at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
  at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
  at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
  at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
  at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
  at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  <Apr 18, 2012 3:21:24 PM EEST> <Error> <HTTP> <BEA-101020> <[ServletContext@28001210[app:Deneme module:Deneme-ViewController-context-root path:/Deneme-ViewController-context-root spec-version:2.5]] Servlet failed with Exception
  java.lang.IllegalStateException: Cannot forward a response that is already committed
  at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)
  at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:546)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at oracle.adfinternal.view.faces.config.rich.RecordRequestAttributesDuringDispatch.dispatch(RecordRequestAttributesDuringDispatch.java:44)
  Truncated. see log file for complete stacktrace
  >
  <Apr 18, 2012 3:21:24 PM EEST> <Notice> <Diagnostics> <BEA-320068> <Watch 'UncheckedException' with severity 'Notice' on server 'DefaultServer' has triggered at Apr 18, 2012 3:21:24 PM EEST. Notification details:
  WatchRuleType: Log
  WatchRule: (SEVERITY = 'Error') AND ((MSGID = 'WL-101020') OR (MSGID = 'WL-101017') OR (MSGID = 'WL-000802') OR (MSGID = 'BEA-101020') OR (MSGID = 'BEA-101017') OR (MSGID = 'BEA-000802'))
  WatchData: DATE = Apr 18, 2012 3:21:24 PM EEST SERVER = DefaultServer MESSAGE = [ServletContext@28001210[app:Deneme module:Deneme-ViewController-context-root path:/Deneme-ViewController-context-root spec-version:2.5]] Servlet failed with Exception
  java.lang.IllegalStateException: Cannot forward a response that is already committed
  at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)
  at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:546)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at oracle.adfinternal.view.faces.config.rich.RecordRequestAttributesDuringDispatch.dispatch(RecordRequestAttributesDuringDispatch.java:44)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
  at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:167)
  at com.sun.faces.application.view.JspViewHandlingStrategy.executePageToBuildView(JspViewHandlingStrategy.java:363)
  at com.sun.faces.application.view.JspViewHandlingStrategy.buildView(JspViewHandlingStrategy.java:154)
  at org.apache.myfaces.trinidadinternal.application.ViewDeclarationLanguageFactoryImpl$ChangeApplyingVDLWrapper.buildView(ViewDeclarationLanguageFactoryImpl.java:341)
  at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:982)
  at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:334)
  at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:232)
  at javax.faces.webapp.FacesServlet.service(FacesServlet.java:313)
  at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
  at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
  at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
  at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:122)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
  at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
  at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
  at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
  at java.security.AccessController.doPrivileged(Native Method)
  at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
  at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
  at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
  at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
  at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
  at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
  at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
  at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
  at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
  at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
  at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  SUBSYSTEM = HTTP USERID = <WLS Kernel> SEVERITY = Error THREAD = [ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)' MSGID = BEA-101020 MACHINE = Metasis-PC TXID = CONTEXTID = 922cea34c05f1394:4758d71c:136c5648195:-8000-0000000000000074 TIMESTAMP = 1334751684128
  WatchAlarmType: AutomaticReset
  WatchAlarmResetPeriod: 30000
  >
  <Apr 18, 2012 3:21:26 PM EEST> <Alert> <Diagnostics> <BEA-320016> <Creating diagnostic image in c:\users\metasis\appdata\roaming\jdeveloper\system11.1.2.1.38.60.81\defaultdomain\servers\defaultserver\adr\diag\ofm\defaultdomain\defaultserver\incident\incdir_39 with a lockout minute period of 1.>
  My backing bean java code:
  public String doLogin() {
  String un = _username;
  byte[] pw = _password.getBytes();
  FacesContext ctx = FacesContext.getCurrentInstance();
  HttpServletRequest request = (HttpServletRequest)ctx.getExternalContext().getRequest();
  Subject mySubject;
  try {
  mySubject = Authentication.login(new URLCallbackHandler(un, pw));
  ServletAuthentication.runAs(mySubject, request);
  ServletAuthentication.generateNewSessionID(request);
  String loginUrl = "/adfAuthentication?success_url=/faces/protectedPage.jspx";
  HttpServletResponse response = (HttpServletResponse)ctx.getExternalContext().getResponse();
  RequestDispatcher dispatcher = request.getRequestDispatcher(loginUrl);
  dispatcher.forward(request, response);
  //response.sendRedirect(loginUrl);
  } catch (FailedLoginException e) {
  FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR, "Invalid Username or Password", "Invalid Username or Password");
  ctx.addMessage(null, msg);
  } catch (Exception e) {
  e.printStackTrace();
  return null;
  And before the application start there is an interesting error code:
  [03:20:38 PM] Redeploying Application...
  <CodebasePolicyHandler> <migrateDeploymentPolicies> Migration of codebase policy failed. Reason: oracle.security.jps.JpsException: java.lang.reflect.InvocationTargetException.
  <AppPolicyHandler> <migrateAppPolicies> Migration of application policy failed. Reason: oracle.security.jps.JpsException: java.lang.reflect.InvocationTargetException.
  [03:20:55 PM] Application Redeployed Successfully.
  Thanx for the help!

  Hi
  i have created a similar adf project from the same site.
  i am facing the same issue.
  i deleted the anonymous role but i still get the HTTP 404 error
  here is my jazn.data.xml file
  Please help out on this
  <?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
  <jazn-data xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-data-11_0.xsd">
  <jazn-realm default="jazn.com">
  <realm>
  <name>jazn.com</name>
  <users>
  <user>
  <name>bob</name>
  <credentials>{903}roINL8sMhkkl2tkXbhufyu80sTkEtEBXt79hzI/P3uI=</credentials>
  </user>
  <user>
  <name>julie</name>
  <credentials>{903}sS25AaE6ZE1B3sqmsWr0DmNcDbY+id0734qTxK6bam8=</credentials>
  </user>
  </users>
  <roles>
  <role>
  <name>managerGroup</name>
  <members>
  <member>
  <type>user</type>
  <name>bob</name>
  </member>
  </members>
  </role>
  </roles>
  </realm>
  </jazn-realm>
  <policy-store>
  <applications>
  <application>
  <name>adf_security</name>
  <app-roles>
  <app-role>
  <name>manager</name>
  <class>oracle.security.jps.service.policystore.ApplicationRole</class>
  <members>
  <member>
  <name>managerGroup</name>
  <class>oracle.security.jps.internal.core.principals.JpsXmlEnterpriseRoleImpl</class>
  </member>
  </members>
  </app-role>
  </app-roles>
  <jazn-policy>
  <grant>
  <grantee>
  <principals>
  <principal>
  <name>manager</name>
  <class>oracle.security.jps.service.policystore.ApplicationRole</class>
  </principal>
  </principals>
  </grantee>
  </grant>
  </jazn-policy>
  </application>
  </applications>
  </policy-store>
  </jazn-data>
  Thenx

• Getting error while invoking ADF Start and End Dates

  Hi,
  I am new to developing ADF Application.
  Into :
  I am developing a search Page which has a select (drop down), startDate and endDate and a 'GO' Button
  when user selects 'data from Drop Down', selects startDate and endDate and Presses 'GO' Button
  Based on the Selected combination of Data i should get the Data.
  Problem :
  I am getting the following Error
  WARNING: JBO-25058: Definition TheStartDate of type Variable not found in FastTelcoQueryTransactionDetailsVO1
  What i have done / doing
  Jspx -
  <af:selectInputDate label="Start Date" value="#{FastTelcoTransactionBean.startDate}"></af:selectInputDate>
  <af:selectInputDate label="End Date" value="#{FastTelcoTransactionBean.endDate}"></af:selectInputDate>
  Bean File
  I am converting the this.startDate and this.endDate (both Date format) (which i have taken startDate & endDate as Dates and Generated Getters & Setters for them ) to String format.
  DateFormat.getDateTimeInstance(DateFormat.SHORT, DateFormat.SHORT).format(this.startDate);
  map.put("_startDate", startDate);
  map.put("_endDate", endDate);
  VOImpl File
  public void getTransStartEndDate(Number transTypeId, String startDate, String endDate)
  TransactionDetailsVOImpl QueryVO = getQueryTransactionDetailsVO1();
  QueryVO.setNamedWhereClauseParam("MstTransTypeId", transTypeId);
  QueryVO.setNamedWhereClauseParam("TheStartDate",_startDate);
  QueryVO.setNamedWhereClauseParam("TheEndDate",_endDate);
  QueryVO.executeQuery();
  BindVariables Used
  TheStartDate - String format
  TheEndDate - String format
  SQL Query in VOIMPL - JDEV
  SELECT DISTINCT
  TransactionDetail.TRANS_TYPE_ID,
  MstTransaction.TRANS_DESC,
  TransactionDetail.TRANSACTION_NUMBER,
  TransactionDetail.CREATOR_NAME,
  TransactionDetail.CREATOR_EMAIL,
  TO_CHAR(TransactionDetail.TRANS_DATE, 'MM/DD/YYYY hh:mm:ss') TRANS_DATE,
  Error.ERROR_SH_MSG,
  Error.ERROR_DETAIL_MSG
  FROM
  TRANSACTION_DETAIL TransactionDetail,
  MST_TRANSACTION MstTransaction,
  ERROR Error
  WHERE
  (TransactionDetail.TRANS_TYPE_ID = MstTransaction.TRANS_TYPE_ID)
  AND (TransactionDetail.ERROR_ID = Error.ERROR_ID)
  AND MstTransaction.TRANS_TYPE_ID=(:MstTransTypeId)
  AND MstTransaction.IS_NOTIFICATION_REQ='Y'
  AND TransactionDetail.TRANS_DATE BETWEEN (TO_DATE((:TheStartDate), 'MM/DD/YYYY')) AND (TO_DATE((:TheEndDate), 'MM/DD/YYYY'))
  order by TRANS_DATE
  NOTE : TheStartDate & TheEndDate are not in Attribute list of JDEV
  i think i made it clear ...
  anybody as a solution or Idea please provide
  Thanx in advance
  regards,
  anvv sharma

  Hi,
  I have started developing the code with the following SQL Query -
  Query 1
  SELECT DISTINCT
  TransactionDetail.TRANS_TYPE_ID,
  MstTransaction.TRANS_DESC,
  TransactionDetail.TRANSACTION_NUMBER,
  TransactionDetail.CREATOR_NAME,
  TransactionDetail.CREATOR_EMAIL,
  TO_CHAR(TransactionDetail.TRANS_DATE, 'MM/DD/YYYY hh:mm:ss') TRANS_DATE,
  Error.ERROR_SH_MSG,
  Error.ERROR_DETAIL_MSG
  FROM
  TRANSACTION_DETAIL TransactionDetail,
  MST_TRANSACTION MstTransaction,
  ERROR Error
  WHERE
  (TransactionDetail.TRANS_TYPE_ID = MstTransaction.TRANS_TYPE_ID)
  AND (TransactionDetail.ERROR_ID = Error.ERROR_ID)
  AND MstTransaction.TRANS_TYPE_ID=(:MstTransTypeId)
  After that there is a change in the Requirement to add "Start Date" and "End Date" with a "Go Button" --> Clicking on this Go Button displays the Data Based on
  "Drop Down" box, "Start Date" & "End Date" --> Corresponding Data is Picked From Database and Displayed....
  Now, i have Updated the VO (From JDEV Design Time) with the latest Updated Query (added Start Date and End Date in the Query),
  also check the Corresponding XML file is also Updated with the latest Query.
  Query 2
  SELECT DISTINCT
  TransactionDetail.TRANS_TYPE_ID,
  MstTransaction.TRANS_DESC,
  TransactionDetail.TRANSACTION_NUMBER,
  TransactionDetail.CREATOR_NAME,
  TransactionDetail.CREATOR_EMAIL,
  TransactionDetail.TRANS_DATE,
  Error.ERROR_SH_MSG,
  Error.ERROR_DETAIL_MSG
  FROM
  TRANSACTION_DETAIL TransactionDetail,
  MST_TRANSACTION MstTransaction,
  ERROR Error
  WHERE
  (TransactionDetail.TRANS_TYPE_ID = MstTransaction.TRANS_TYPE_ID)
  AND (TransactionDetail.ERROR_ID = Error.ERROR_ID)
  AND MstTransaction.TRANS_TYPE_ID=(:MstTransTypeId)
  AND MstTransaction.IS_NOTIFICATION_REQ='Y'
  AND TransactionDetail.TRANS_DATE BETWEEN (TO_DATE((:TheStartDate), 'YYYY-MM-DD')) AND (TO_DATE((:TheEndDate), 'YYYY-MM-DD')) order by TRANS_DATE
  So now at Design Time i have Query 2, but Strangely at RUN Time Query 1 is Excecuting asking for "Start Date" Binding Variable NOT Found (as there is no Start Date Bind Variable in Query 1)
  for this i have to re-Design the required Part...to make it work
  can any body explain why it behaved like this ??
  regards,
  anvv sharma

• Oracle ADF Security

  Dear All,
  we have created some good number of Custom ResourcePermissions in our Oracle ADF 11g Application. we are trying to refer the permissions with wildcard character in jazn-data.xml. The same worked well for taskflows.
  Is there anyway that we can implement wildcard character in custom resource  Permissions ?
  we are calling hasPermission() API to check whether permission exists or not. Currently this method returns false when we configured the resource name in wildcard character.
  For example, actual key - a.b.c.menu
  wild card character we are referring for this key is a.*.*.menu  . The hasPermission() returns false for this case.
  Regards
  Deivee

  Hi,
  more an OPSS question than ADF Security. Anyway, the answer is
  "No wildcard use is supported in a resource permission."
  See:  The OPSS Policy Model - 11g Release 1 (11.1.1)
  Frank

• Difference between Oracle ADF Mobile and Oracle ADF Mobile Client.

  Hi Experts,
  I am new ADF Mobile app development. I found docs for Oracle ADF Mobile here as [http://docs.oracle.com/cd/E35521_01/doc.111230/e24475/toc.htm]. I was following it sequentially.
  But when i searched for achieving offline data , data synchronization and using database for Mobile apps, i got another docs link [http://docs.oracle.com/cd/E23549_01/doc.1111/e14826/toc.htm] which is for Oracle® Fusion Middleware ADF Mobile Client .
  So I got confused which one to prefer over the other..? Both support on device mobile apps.
  do they have any difference over other or data sync & db features are not available for Oracle ADF Mobile..? & available only for Oracle ADF Mobile Client..?
  It would be much helpful if someone could provide clear difference between these two technologies.
  Thanks,
  Praveen S K

  I made a topic and the 'same' question popuped up.
  ( ADF Mobile: Data synchronization )
  In Mobile Client iOS is not supported, in ADF Mobile it is. That's the main difference (in my opinion).

• Oracle ADF UIX and Struts

  Does Oracle ADF UIX use Struts components internally? If yes, Does Oracle Support the issues that arises because this internally used Struts components? (I am using Oracle ADF in my application.
  Thanks,
  Aravind.

  DataForwardAction and DataAction are build on top of struts actions to coordinate ADF databindings and it's life cycle;
  UIX, has xmlns:struts="http://xmlns.oracle.com/uix/struts" this XML namespace has some elements like
  <struts:form> and <struts:messageTextInput> also <struts:dataScope>
  They work like struts jsp tag;
  here a good paper;
  http://download-west.oracle.com/otn_hosted_doc/jdeveloper/904preview/uixhelp/uixdevguide/struts.html
  Marcos Ortega
  Brazil

• Does Studio Creator support Oracle ADF Faces and other components?

  Hi everyone
  According to:
  http://www.oracle.com/technology/products/jdev/htdocs/partners/addins/exchange/jsf/doc/faq.html
  "Although ADF Faces is "vanilla" JSF we have not been able to run with Java Studio Creator Build 04.06.2. We are working with Sun to resolve the issues in Java Studio Creator."
  Does anyone know if Oracle ADF faces now work with Studio Creator and if so which version.
  In addition I am also looking for JSF visualization components. In addition to advanced 3-D graphs (send as PNG to client) I am also looking for components to visualize the structure of a website. These all need to work with Studio Creator.

  Importing 3rd party libraries used to be complicated. The .complib stuff was added precisely to make it easy.
  It does make packaging slightly harder for third party -vendors-, since there's one extra step, but this makes everything easier for (the much larger number of) users of the third party components, since the packaging format specifies a bunch of stuff that we used to have to ask of users when trying to add the jar and associated metadata into the IDE.
  The complib stuff is documented, so if you're producing a 3rd party JSF library, or if you really want to use one that hasn't yet been packaged, you can do the steps yourself.
  See http://wiki.java.net/bin/view/People/EdwinGoei -- the first couple of links describes the process. Yes, we're working with third party vendors to get this done for their component sets, and yes, there's talk with other IDE vendors to standardize all this.
  -- Tor
  http://blogs.sun.com/tor