Task-flow ADF security on Standalone WLS

Similar Messages

• Role Grants to Bounded Task Flow not Recognized on standalone WLS 10.3

  Jdeveloper 11G Build 1188
  Weblogic 10.3
  I receive this error
  oracle.adf.controller.security.AuthorizationException: ADFC-0619: Authorization check failed: '/WEB-INF/menuflow.xml#menuflow' 'VIEW'.
  This occurs before and after security migration.
  I have spent 4 days on this problem and read and re-read Jdeveloper and Weblogic docs and all the blogs I could find as well as this forum.
  The security works fine using Integated WLS.
  It seems to me that the roles in Jazn and the roles I setup in Weblogic are NOT being associated
  I followed step by step the blogs concerning security migration, weblogic standalone install, weblogic setup as to rolls and groups, etc.
  Before I go through every step I took, I would like to know If anyone has received this error.
  Chuck

  Hi Frank,
  I copied the <jazn-policy> section from the jazn-data.xml to system-jazn-data.xml and it is working
  So as expected something wrong with the migration...I will check what
  Thanks
  Jamil

• Problem while deploying ADF application to standalone WLS server

  Hi,
  I am facing a problem while deploying ADF application to standalone WLS Server.
  Following is the error message that I am getting.
  [07:24:03 PM] ----  Deployment started.  ----
  [07:24:03 PM] Target platform is  (Weblogic 10.3).
  [07:24:07 PM] Retrieving existing application information
  [07:24:08 PM] Running dependency analysis...
  [07:24:08 PM] Building...
  [07:24:13 PM] Deploying 2 profiles...
  [07:24:14 PM] Wrote Web Application Module to D:\WorkSpace3\DashboardUi\deploy\Dashboard.war
  [07:24:14 PM] Wrote Enterprise Application Module to D:\WorkSpace3\deploy\Dashboard.ear
  [07:24:14 PM] Deploying Application...
  [07:24:22 PM] [Deployer:149191]Operation 'deploy' on application 'Dashboard' is initializing on 'msDevServer1'
  [07:24:27 PM] [Deployer:149193]Operation 'deploy' on application 'Dashboard' has failed on 'msDevServer1'
  [07:24:27 PM] [Deployer:149034]An exception occurred for task [Deployer:149026]deploy application Dashboard on msDevServer1.: .
  [07:24:27 PM] Weblogic Server Exception: weblogic.application.ModuleException:
  [07:24:27 PM] Caused by: weblogic.common.ResourceException: DataSource DashboardDb already exists
  [07:24:27 PM]   See server logs or server console for more details.
  [07:24:27 PM] weblogic.application.ModuleException:
  [07:24:27 PM] ####  Deployment incomplete.  ####
  [07:24:27 PM] Remote deployment failed (oracle.jdevimpl.deploy.common.Jsr88RemoteDeployer)Any suggestion how to fix this.
  Thanks
  Ajay

  I logged into console and browsed to 'Home >Summary of JDBC Data Sources' but not able to locate DashboardDb. Please let me know where to find DashboardDB on wls console.
  Also, please let me know how to configure the app to not to auto-deploy JDBC data sources

• ADF11g security in standalone WLS

  Hi ,
  We have a project requirement where security settings can get changed after application deployment. I understand we can add new application roles and secure pages/task flows from WLS console without the need to redeploy the application. In this scenario, since these run time settings in stand alone WLS are not reflected in the jazn.xml of the original application developed in Jdeveloper, how can we make sure that the security changes are not overwritten in the next deployment?
  Regards,
  Rekha

  Hi Rekha,
  In JDeveloper, Application Properties>Deployment, uncheck the Overwrite Application Policies and Credentials. Users and Groups will not be migrated in production instance application server.
  I believe it is necessary to make back-up of those production deployed application policies.
  Regards,
  Pino

• Participate in the same DB Transaction within Human Task Flow ADF screen.

  Functionality:-
  I have a ADF workflow screen generated from a Human Task flow, and for the business reason I run through the ADF Iterator and get the attribute values and persist within a table using an Application Module.
  I am using the Application Module, and creating as below:-
  String amDef = "model.TestAM";
  String config = "AppModuleLocal";
  TestAM service = (TestAM)Configuration.createRootApplicationModule(amDef,config);
  Now, the issue is when I call the saving mechanism within the above AM client interface, it expects a commit, and this transaction doesnt participate in the same transaction as workflow process, so can anyone let me know how to get hold of the transaction handler and make this persistence to participate within the same one workflow transaction.
  Cheers,
  Saran.

  Hi,
  don't see how the transaction can be shared between the two. Any reason you don't use a DataControl for the ADF BC access and instead use client code creating a root application module?
  Frank

• WSRP Portlets in Oracle WebCenter: transforming task flows(ADF) in portlets

  I am doing some research on the portlets offered by WebCenter, but I have some problems related with transferring parameters between them. My idea was to create 2 portlets: a department portlet where I can chose a departmentId which is sent as a parameter to the second portlet, employees, so I will have a table with the corresponding employees from the specified department. These 2 portlets are constructed based on some page flows. The department portlet works fine, but with the employees portlet, I have some problems.
  The JSP page fragment corresponding to the employees has a table based on a ViewObject which has behind him a query based on a bind variable. I have created an EmployeesBean, where I have the method that takes the received parameter and executes the query with this bind variable. Here is the code:
  import javax.el.ELContext;
  import javax.el.ExpressionFactory;
  import javax.el.ValueExpression;
  import javax.faces.application.Application;
  import javax.faces.context.FacesContext;
  import oracle.adf.view.rich.context.AdfFacesContext;
  import oracle.jbo.ApplicationModule;
  import oracle.jbo.Row;
  import oracle.jbo.ViewObject;
  public class EmployeesBean {
  private static final String DEPARTMENT_NUMBER_KEY = "DEPTNO";
  private static final int DEPARTMENT_NUMBER_NULL_VALUE = -1;
  public EmployeesBean() {
  super();
  public void getEmployees(String deptno) {
  System.out.println("enters in getEmployees()");
  int filterDeptno = findDepartmentValue(deptno);
  FacesContext facesContext = FacesContext.getCurrentInstance();
  Application app = facesContext.getApplication();
  ExpressionFactory elFactory = app.getExpressionFactory();
  ELContext elContext = facesContext.getELContext();
  ValueExpression valueExp =
  elFactory.createValueExpression(elContext, "#{data.AppModuleDataControl.dataProvider}",
  Object.class);
  ApplicationModule am = (ApplicationModule)valueExp.getValue(elContext);
  ViewObject emplVO;
  emplVO = am.findViewObject("EmployeesVO1");
  emplVO.setNamedWhereClauseParam("deptno", filterDeptno);
  emplVO.executeQuery();
  Row r = emplVO.first();
  System.out.println(r.getAttribute("FirstName"));
  public void setDepartmentNumber(String deptno) {
  selectDepartment(deptno);
  public void selectDepartment(String deptno) {
  System.out.println("aici e problema");
  AdfFacesContext afContext = AdfFacesContext.getCurrentInstance();
  System.out.println(deptno);
  afContext.getPageFlowScope().put(DEPARTMENT_NUMBER_KEY, deptno);
  public int findDepartmentValue(String defaultValue) {
  AdfFacesContext afContext = AdfFacesContext.getCurrentInstance();
  String deptno =
  (defaultValue == null ? (String)afContext.getPageFlowScope().get(DEPARTMENT_NUMBER_KEY) :
  defaultValue);
  return (deptno == null ? DEPARTMENT_NUMBER_NULL_VALUE :
  Integer.valueOf(deptno));
  I have also dragged on the employees.jsff the getEmployees() method so if I go to page definition I have there a binding, which will determine the getEmployees method to be executed every time an event appears. All this mixed with the departments.jsff works in a .jspx page if I create the Event mapping
  Now I am trying to transform this task flow into a portlet. After I create a portlet entry for the page flow, I need to create a navigational parameter, and I am doing this in the employees.xml:
  <input-parameter-definition>
  <description>Main context parameter</description>
  <display-name>Department Number</display-name>
  <name>deptno</name>
  <value>#{pageFlowScope.contextProvider.departmentNumber}</value>
  <class>java.lang.String</class>
  </input-parameter-definition>
  <managed-bean>
  <managed-bean-name>contextProvider</managed-bean-name>
  <managed-bean-class>view.EmployeesBean</managed-bean-class>
  <managed-bean-scope>pageFlow</managed-bean-scope>
  </managed-bean>
  Everything works fine, but when I am trying to use this as a portlet in a WebCenter application, when I select a department the departmentId is transferred to the employees portlet, the selectDepartment is called, but the getEmployees() is never called(the event is not propagated), so no data is returned in my table. I'm a beginner in portlets and I can't see what the problem is. Can anyone give me some ideas?

  issue is described in Unable To Register EBS WSRP Producer In Webcenter (Doc ID 1567314.1)
  Cause
  The root cause is the current implementation of JOC within Oracle Applications which initiates JOC within the Applications rather than at the J2ee level.
  Bug 9850207 - DOC: PORTLET PROVIDER REGISTRATION ISSUE WITH OACORE PROCESSES > 1
  Solution
  There are two workarounds for the issue described
  1. Reduce number of J2EE OACore (OC4J) porcesses to 1.
  2. Add to the OACore J2ee startup parameters    -Doracle.ias.jcache=true
  Note: This changes have to be done in the Oracle E-Business Suite  portlet producer  installation.

• To Enable ADF Logging on Standalone WLS

  Hi All,
  I have read the following article to enable ADF loggin in my code and testing using JDeveloper:
  http://blogs.oracle.com/groundside/entry/adventures_in_adf_logging_part
  However, now I want to know how can I test it on a standalone server. How to enable fine level trace for my application code on a stanalone(or production) server incase to debug any issue.
  Could you please tell me the steps for this.
  Thanks,
  Lalit.

  If you have the EM (Enterprise Manager) installed on your stand alone WLS (which you should) you can select the managed server your app is running on, select the 'Log Configuration' menu and you should see almost the same representation an in jdev.
  Timo

• Bounded Task Flow is not rendering

  Hi all,
  I am very new to ADF. I have a problem related to bounded task flows. I created bounded task flow with two simple steps like ViewX.jsff and EditX.jsff. Then I created a jsf page and put a splitter into main frame. On the left side of splitter, the master data of X is placed as read-only table. And in the right side of the splitter, I draged and dropped bounded task flow. It is render properly in jdeveloper editor, however when i run the page, bounded task flow is not displayed. I did some solution research about this problem in the forum. I implemented ADF Authentication and Authorization with HTTP Basic Authentication. I dont want a login form. I gave grants to anonymous-role and authenticated-role but it is still not working.
  Indeed, I dont want to implement a security procedure at the moment. However, if i disable security, application throws an error message about permissions. Also, is there a way for running bounded task flow while security is not enabled?
  Jdev Version: 11.1.2.2 JSF 2.0
  Sorry for bad English.
  Regards.
  Anil.

  Hi,
  I have already given grants to Bounded Task Flow. However it is still not displaying when i run the page.
  If i disable security, i am getting the following error log when i run a page with bounded task flow.
  Error 500--Internal Server Error
  java.lang.IllegalStateException
       at oracle.adf.share.security.SecurityContextImpl.createPermissionInstance(SecurityContextImpl.java:854)
       at oracle.adf.share.security.providers.jps.JpsSecurityContext.createPermissionInstance(JpsSecurityContext.java:386)
       at oracle.adf.share.security.binding.BindingPermission.createPermissionInstance(BindingPermission.java:88)
       at oracle.adf.share.security.binding.BindingPermission.hasPermission(BindingPermission.java:93)
       at oracle.adf.model.binding.DCBindingContainer.internalIsViewable(DCBindingContainer.java:3861)
       at oracle.adf.model.binding.DCBindingContainer.isViewable(DCBindingContainer.java:3821)
       at oracle.adf.controller.internal.binding.TaskFlowRegionController.resetViewableFlag(TaskFlowRegionController.java:456)
       at oracle.adf.controller.internal.binding.TaskFlowRegionController.doRegionRefresh(TaskFlowRegionController.java:276)
       at oracle.adf.controller.internal.binding.TaskFlowRegionModel.processBeginRegion(TaskFlowRegionModel.java:124)
       at oracle.adf.view.rich.component.fragment.UIXRegion$RegionContextChange.doChangeImpl(UIXRegion.java:1392)
       at oracle.adf.view.rich.context.DoableContextChange.doChange(DoableContextChange.java:91)
       at oracle.adf.view.rich.component.fragment.UIXRegion._beginInterruptibleRegion(UIXRegion.java:762)
       at oracle.adf.view.rich.component.fragment.UIXRegion.processRegion(UIXRegion.java:525)
       at oracle.adf.view.rich.component.fragment.UIXRegion._preRenderView(UIXRegion.java:1043)
       at oracle.adf.view.rich.component.fragment.UIXRegion.processEvent(UIXRegion.java:1005)
       at oracle.adfinternal.view.faces.lifecycle.PreRenderViewUtils$1.visit(PreRenderViewUtils.java:122)
       at oracle.adfinternal.view.faces.lifecycle.PreRenderViewVisitContext._invokeVisitCallback(PreRenderViewVisitContext.java:152)
       at oracle.adfinternal.view.faces.lifecycle.PreRenderViewVisitContext.invokeVisitCallback(PreRenderViewVisitContext.java:131)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitTree(UIXComponent.java:531)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitTree(UIXComponent.java:354)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitAllChildren(UIXComponent.java:437)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitChildren(UIXComponent.java:415)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitChildren(UIXComponent.java:695)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitTree(UIXComponent.java:558)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitTree(UIXComponent.java:354)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitAllChildren(UIXComponent.java:437)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitChildren(UIXComponent.java:415)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitChildren(UIXComponent.java:695)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitTree(UIXComponent.java:558)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitTree(UIXComponent.java:354)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitAllChildren(UIXComponent.java:437)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitChildren(UIXComponent.java:415)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitChildren(UIXComponent.java:695)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitTree(UIXComponent.java:558)
       at org.apache.myfaces.trinidad.component.UIXComponent.visitTree(UIXComponent.java:354)
       at org.apache.myfaces.trinidad.component.UIXDocument.visitTree(UIXDocument.java:82)
       at javax.faces.component.UIComponent.visitTree(UIComponent.java:1518)
       at oracle.adfinternal.view.faces.lifecycle.PreRenderViewUtils._visit(PreRenderViewUtils.java:110)
       at oracle.adfinternal.view.faces.lifecycle.PreRenderViewUtils.__deliverPreRenderViewEvents(PreRenderViewUtils.java:61)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:997)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:339)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:237)
       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:509)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:125)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
       at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
       at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
       at java.security.AccessController.doPrivileged(Native Method)
       at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
       at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
       at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
       at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
       at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  Caused by: java.lang.reflect.InvocationTargetException
       at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
       at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
       at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
       at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
       at oracle.adf.share.security.SecurityContextImpl.createPermissionInstance(SecurityContextImpl.java:848)
       ... 78 more
  Caused by: java.lang.IllegalArgumentException: Invalid parameter: actions cannot be null
       at oracle.adf.share.security.authorization.ADFPermission.(ADFPermission.java:45)
       at oracle.adf.controller.security.TaskFlowPermission.(TaskFlowPermission.java:42)

• How to control Transaction in task flow ?

  Hi All,
  In Each task flow under behavior tab we have transaction which contains following sub category
  1-Always Begin New Transaction
  2-Always use Existing Transaction
  3-use Existing transaction if possible
  Would any one give me real example which will show the purpose of this things
  Thanks
  Edited by: ADFORCLE on Jan 16, 2012 6:26 PM

  http://one-size-doesnt-fit-all.blogspot.com/2011/05/jdev-11g-task-flows-adf-bc-always-use.html
  http://one-size-doesnt-fit-all.blogspot.com/2011/05/jdev-11g-task-flows-adf-bc-one-root.html

• [JDev TP3] : Abou ADF Security ?

  i tryed to develop application that mange several (assignment/task/project) and using adf security that cofigure users and roles from database BUT i have for every task same types of roles For Example:
  i have
  task A ,task B,task C,.....
  for every task i have roles Manager,Technician,User
  note: the task created from application when i need.
  i know the users for every task from DB users table when i create a task, and i know them roles but how to configure the task in ADF security to determine that this user(Whatever role) for this task?
  can i do like this by ADF Security?

  Hi,
  ADF Security operates on the class level, not the data level. A task is an instance of an Entity (which most likely is task). Now the task might be exposed in a table. On this table ADF Security allows you to set Create, Edit, View, etc. privileges based on a role you are in. This however. So if there is a manager role then this manager can perform the oprations on the iterator or action.
  If a task assigns the manager role to a user just for this task, then ADF Security is not fine grained enough. In this case you need to expose a model (e.g. on the task table) that allows to use EL to get the task and the associated roles/role-holder to then implement the security with EL. Note that JAAS does not have instance specific authorization by design
  Frank

• Task flow with a database not working

  Hi everyone,
  I created a task flow (ADF fusion web application) with a very simple database and a pie chart. When I deploy it and integrate it to my WebCenter portal application, I can see it clearly in my jspx page in the Design view. But when I try to run it, I can't see it on my Web Page OR I have this error message:
  http://s17.postimage.org/4ne8fouwf/Sans_titre.png
  Thanks for your help!

  I know, in fact, I did my task flow with the same steps you do yours in your tutorial on taskflow, but I used a pie chart with data in it instead of a managed bean with login infos. Maybe the problem is with the data, but I don't know how the data is passed from a taskflow to a WebCenter project or even if it is possible. But, I know that the pie chart should be.

• ADF BC 11g, Weblogic 10.3 - Deployment Issue with ADF Security

  Hi all,
  I know there are many many blogs about deployment of an 11g app using ADF Security to a WLS 10.3 server, however, none appear to be working for me.. or I'm not working with them! :P
  I've deployed an .ear file to the WLS 10.3 and this works fine - after following these steps
  http://www.freewebalbum.com/blogs/faces/bjanko/blogs.jsp?blog=bjanko20090127130431
  I then followed Steve's migration technique
  http://www.oracle.com/technology/products/jdev/tips/muench/credmig111100/index.html
  That all built correctly.
  I then tried to access the app via browser, entered in the user cred (created under Security Realms in WLS 10.3 admin console - user and groups).
  I attempted to login, and received an "Error 401--Unauthorized" error.
  I'll that I see in the server log is:
  [JpsWlsFilter.doFilter] setContextID to testApp
  I'm totally stuck, so any ideas would be awesome.
  Cheers,
  chris

  Just gave that a shot.. No dice unfortunately.
  Steve Muench wrote:
  You can omit -DdstApp=DEPLOYAPPNAME if the deployed application name is the same as the source application name you supplied in the -DsrcApp=APPNAME argument.I hate massive code dumping... but this is my jazn-data.xml
  <?xml version = '1.0' encoding = 'UTF-8'?>
  <jazn-data>
     <jazn-realm default="jazn.com">
        <realm>
           <name>jazn.com</name>
           <users>
              <user>
                 <name>system</name>
                 <guid>0300AED0A9A411DD8F304FB2D3E85932</guid>
                 <credentials>{903}G5cbldq4HwMVt/gQpv1lXuNdLYbSu20y</credentials>
              </user>
           </users>
           <roles>
              <role>
                 <name>PlusAdmin</name>
                 <guid>0300AED1A9A411DD8F304FB2D3E85932</guid>
                 <members>
                    <member>
                       <type>user</type>
                       <name>system</name>
                    </member>
                 </members>
              </role>
              <role>
                 <name>PlusUser</name>
                 <guid>0300AED2A9A411DD8F304FB2D3E85932</guid>
                 <members>
                    <member>
                       <type>user</type>
                       <name>system</name>
                    </member>
                 </members>
              </role>
           </roles>
        </realm>
     </jazn-realm>
     <policy-store>
        <applications>
           <application>
              <name>TestApp</name>
              <app-roles>
                 <app-role>
                    <name>PlusAdmin</name>
                    <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                    <members>
                       <member>
                          <class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
                          <name>system</name>
                       </member>
                    </members>
                 </app-role>
                 <app-role>
                    <name>PlusUser</name>
                    <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                    <members>
                       <member>
                          <class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
                          <name>system</name>
                       </member>
                    </members>
                 </app-role>
              </app-roles>
              <jazn-policy>
                 <grant>
                    <grantee>
                       <principals>
                          <principal>
                             <class>oracle.security.jps.internal.core.principals.JpsAnonymousRoleImpl</class>
                             <name>anonymous-role</name>
                          </principal>
                       </principals>
                    </grantee>
                    <permissions>
                       <permission>
                          <class>oracle.adf.share.security.authorization.RegionPermission</class>
                          <name>com.delexian.plus.ui.pageDefs.LogonPageDef</name>
                          <actions>view</actions>
                       </permission>
                       <permission>
                          <class>oracle.adf.share.security.authorization.RegionPermission</class>
                          <name>com.delexian.plus.ui.pageDefs.LogonErrorPageDef</name>
                          <actions>view</actions>
                       </permission>
                    </permissions>
                 </grant>
                 <grant>
                    <grantee>
                       <principals>
                          <principal>
                             <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                             <name>PlusAdmin</name>
                          </principal>
                       </principals>
                    </grantee>
                    <permissions>
                       <permission>
                          <class>oracle.adf.share.security.authorization.RegionPermission</class>
                          <name>com.delexian.plus.ui.pageDefs.HomePageDef</name>
                          <actions>customize,edit,grant,personalize,view</actions>
                       </permission>
                    </permissions>
                 </grant>
                 <grant>
                    <grantee>
                       <principals>
                          <principal>
                             <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                             <name>PlusUser</name>
                          </principal>
                       </principals>
                    </grantee>
                    <permissions>
                       <permission>
                          <class>oracle.adf.share.security.authorization.RegionPermission</class>
                          <name>com.delexian.plus.ui.pageDefs.HomePageDef</name>
                          <actions>customize,edit,grant,personalize,view</actions>
                       </permission>
                    </permissions>
                 </grant>
              </jazn-policy>
           </application>
        </applications>
     </policy-store>
     <jazn-policy/>
  </jazn-data>

• Problem with ADF security and task flow calls

  Hi.
  I am using JDeveloper 11.1.2.0.0.
  I encountered a problem when tried to apply ADF security to my application.
  The way to reproduce the problem:
  1. Create new Fusion Web Application;
  2. Import Business Components from Tables from any existing schema and add at least one table to the ApplicationModule.
  3. Create "welcome page" (for instance, welcome.jsf). Add a button with fixed action outcome "test".
  4. Create test page, for instance, test.jsf. Drag and drop any view object from Data Controls onto the page and create a form with navigation controls. Add a button with fixed action outcome "return".
  5. Create bounded task flow, name it "test", drag and drop our test page on it - the page will be the default activity. Add a task flow return activity. Add a control flow case from the default view activity to the return activity, set From Outcome property to "return". So our return button should cause the task flow to exit.
  6. Open adfc-config.xml in diagram mode and place our welcome page on it. Then drag and drop the test task flow to create a task flow call activity. Add a control flow case from welcome page to task flow call activity, set the From Outcome property to "test". So our test button should call the test task flow.
  7. Configure application to run the unbounded task flow starting with Welcome view activity.
  At this point all works as expected: when application runs, the welcome page is displayed with test button. Pressing the test button results in displaying the test page, return button leads back to the welcome page.
  Now let's configure ADF Security.
  Run the ADF Security configuration wizard, choose ADF Authentication and Authorization.
  On the second page select Form-Based Authentication, check the Generate Default Pages flag.
  On the third page choose No Automatic Grants.
  On the next page keep the Redirect Upon Successful Authentication unchecked. Press Finish.
  Open jazn-data.xml to configure roles, users and resource grants:
  1. Create application role test-role.
  2. Grant the test-role privileges to view the test task flow.
  3. Create user and grant him the test-role.
  Now we have the public available welcome page and the test page with restricted access.
  When application runs, the welcome page is displayed as expected. Pressing the test button redirect us to auto-generated login page. After successful authorization the test page is displayed. But nothing happens if we click now the return button for the first time. When we click the return button once more, the application crushes with Error-500 and message "Target Unreachable, identifier 'bindings' resolved to null". The exact error trace depends on UI control bindings, but looks like this:
  javax.el.PropertyNotFoundException: //C:/Users/DUDKIN/AppData/Roaming/JDeveloper/system11.1.2.0.38.60.17/o.j2ee/drs/Test1/ViewControllerWebApp.war/test.jsf @10,120 value="#{bindings.Id.inputValue}": Target Unreachable, identifier 'bindings' resolved to null
       at com.sun.faces.facelets.el.TagValueExpression.isReadOnly(TagValueExpression.java:122)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer._getUncachedReadOnly(EditableValueRenderer.java:476)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.getReadOnly(EditableValueRenderer.java:390)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.wasSubmitted(EditableValueRenderer.java:345)
       at oracle.adfinternal.view.faces.renderkit.rich.EditableValueRenderer.decodeInternal(EditableValueRenderer.java:116)
       at oracle.adfinternal.view.faces.renderkit.rich.LabeledInputRenderer.decodeInternal(LabeledInputRenderer.java:56)
       at oracle.adf.view.rich.render.RichRenderer.decode(RichRenderer.java:342)
       at org.apache.myfaces.trinidad.render.CoreRenderer.decode(CoreRenderer.java:274)
       at org.apache.myfaces.trinidad.component.UIXComponentBase.__rendererDecode(UIXComponentBase.java:1324)
  (the rest of lines skipped).
  Any suggestions?
  Edited by: user13307311 on Apr 16, 2013 11:39 PM

  @Lovin_JV_941794
  The welcome page is public available since it does not have appropriate PageDef file.
  Login page comes not from the welcome page, it comes after attempt to access the test page. So after the login succeeded the test page appears, because redirect to welcome page after successful login is not configured. I do not need to return the welcome page at this moment, I need to go to the test page.
  It seems the task flow call stack to be destroyed after redirect to login page.
  Edited by: user13307311 on Apr 17, 2013 12:45 AM

• ADF Security, Task Flow as a region in a page resource grant

  JDeveloper 12c (12.1.2); Application uses ADF form based security, external LDAP provider (Active Directory)
  After sign-in page (upon successful authentication/authorization) user is forwarded to a page that executes VO method prior to render. I am new to task flow concept and am told to achieve this like:
  - create bounded task flow, with method call activity (execute exposed AM method that calls VO method, runs custom SQL) and view activity as page fragment.
  - then drop the above task flow into a page as a region
  In ADF security setup, I gave resource grant task-flow to certain application role. Started the application, login and got 403 error. Then went back and gave resource grant 'view' to the actual page that contains task flow. It worked fine.
  So the question is, when protecting application (implemented with task flows) with ADF security, I thought it is enough to grant those task flows to whatever application roles (groups) and inherently any page that uses that task flow(s) (as a region) will be protected?
  From this test, it seems that I have to assign each page (that has task flow as a region) to application roles individually?

  Hi,
  any page that is contained in a bounded task flow is protected  by the task flow permission grant, this is correct. If this is not what you see, please file a bug with support or send me a simple reproducible test case please. My mail address (replace all < name > with the described symbol.
  frank <dot> nimphius <at> oracle <dot> com
  The test case will need to be in a ZIP file nemaed to "unzip" and should be able for me to run stand alone (please no database scripts to run prior to try the test case)
  Frank

• Error while deploying the ADF task flow project based on a SOA human task

  Hi,
  I created a SOA project with a BPEL process containing Human task, deployed it and could able to test it successfully. I created ADF task flow project based on the Human task created in the earlier project and tried to deploy it. It is giving the following error. The idea is to display the task details in BPM worklist.
  [04:10:53 PM] [Deployer:149034]An exception occurred for task [Deployer:149026]deploy application RevisionApprovalMgmtTaskFlow [Version=V2.0] on soa_server1.: null.
  [04:10:53 PM] Weblogic Server Exception: weblogic.application.WrappedDeploymentException
  [04:10:53 PM] See server logs or server console for more details.
  [04:10:53 PM] weblogic.application.WrappedDeploymentException
  [04:10:53 PM] #### Deployment incomplete. ####
  [04:10:53 PM] Deployment Failed
  The server log shows this detailed error.
  java.lang.IllegalArgumentException
       at oracle.xml.xpath.JXPathExpression.evaluate(JXPathExpression.java:178)
       at oracle.xml.xpath.JXPath.evaluate(JXPath.java:288)
       at oracle.security.jps.internal.config.xml.XmlConfigurationFactory.initialize(XmlConfigurationFactory.java:425)
       at oracle.security.jps.internal.config.xml.XmlConfigurationFactory.getConfiguration(XmlConfigurationFactory.java:149)
       at oracle.security.jps.internal.config.deploy.CredentialStoreDeployer.getCredentialStore(CredentialStoreDeployer.java:56)
       at oracle.security.jps.wls.listeners.CredentialDeployment.migrate(CredentialDeployment.java:83)
       at oracle.security.jps.wls.listeners.JpsApplicationLifecycleListener.migrateAppCredential(JpsApplicationLifecycleListener.java:137)
       at oracle.security.jps.wls.listeners.JpsApplicationLifecycleListener.preStart(JpsApplicationLifecycleListener.java:78)
       at weblogic.application.internal.flow.BaseLifecycleFlow$PreStartAction.run(BaseLifecycleFlow.java:277)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
       at weblogic.application.internal.flow.BaseLifecycleFlow$LifecycleListenerAction.invoke(BaseLifecycleFlow.java:194)
       at weblogic.application.internal.flow.BaseLifecycleFlow.preStart(BaseLifecycleFlow.java:57)
       at weblogic.application.internal.flow.HeadLifecycleFlow.prepare(HeadLifecycleFlow.java:279)
       at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:609)
       at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:37)
       at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:185)
       at weblogic.application.internal.EarDeployment.prepare(EarDeployment.java:53)
       at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154)
       at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60)
       at weblogic.deploy.internal.targetserver.operations.ActivateOperation.createAndPrepareContainer(ActivateOperation.java:197)
       at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doPrepare(ActivateOperation.java:89)
       at weblogic.deploy.internal.targetserver.operations.AbstractOperation.prepare(AbstractOperation.java:217)
       at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentPrepare(DeploymentManager.java:747)
       at weblogic.deploy.internal.targetserver.DeploymentManager.prepareDeploymentList(DeploymentManager.java:1216)
       at weblogic.deploy.internal.targetserver.DeploymentManager.handlePrepare(DeploymentManager.java:250)
       at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.prepare(DeploymentServiceDispatcher.java:159)
       at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doPrepareCallback(DeploymentReceiverCallbackDeliverer.java:157)
       at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$000(DeploymentReceiverCallbackDeliverer.java:12)
       at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$1.run(DeploymentReceiverCallbackDeliverer.java:45)
       at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:516)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Apart from these, I have Model and View Controller projects in the application. If I create the ADF task flow based on a Human task in another sample application, it works fine. Only in this application, it does not work. Not sure what this error is. Any ideas?
  Thanks,
  Manoj

  What I suggest is go into EM and undeploy this composite and all versions. (Only if you don't want the existing ones). Then redeploy your process. This will avoid the version conflict and create a new version. 1.0. Then the next time you try and deploy you need to either specify a new version or check the box to say the version can be over written.
  cheers
  James