UserName for non ADF secured app

I am struggling to find the appropriate binding to access the logged in user for an 11G worklist application that is not secured by ADF so that I can pass it to a newly introduced service. I've tried several different values and most are unpopulated. ADF documentation leads me to believe the following should work but it is blank as well:
#{data.adfContext.enterpriseName}
I'm currently employing a workaround assessing the worklist systemAttributes.assignees but that doesn't seem to be dynamic through Claim/Release for group activity.
The data input for 'Logged in as' is what I'm really after.
Thanks in advance.

Hi,
in ADF you use #{securityContext.userName}. If the user is not web authenticated, then this however will not return the username. You need to know how worklist is authenticating users and if this is nit with server authentication, where this information is stored in
Frank

Similar Messages

  • Use NitroX for non-Struts web app?

    empty

    Yes, you can import an existing JSP app in the same way you import a Struts
    app. The process is explained in chapter 8 of the Starting Guide.
    Creating new apps is currently limited to Struts. This will be fixed in
    future builds.
    M7 Support
    "Michael Schulz" <[email protected]> wrote in message
    news:40853b94$[email protected]..
    I have an existing (non-Struts) web app that I would like toimport into NitroX - does NitroX support non-Struts apps?
    I tried to create a generic web app, but NitroX seems
    to require a struts-type selection to be made.
    -Mike

  • Oracle ADF Secured App Gives HTTP 401 Error

    I am new to Oracle ADF Framework. I develop on JDeveloper 11g R2 with Weblogic 10.3.5.0. I developed an project like described in a Firebox training video on Youtube link: [http://bit.ly/HT1HZ9] . You can download my project from http://db.tt/Y8J3fj3y
    The video was about creating a custome login page. You have to create login,error anad the target pages. When you try to open target page login page comes then you enter your credentials. After success yoou should be directed to the target page. I used a backing bean to process credentials but instead of redirected to target page the response page gives:
    Error 401--Unauthorized From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1: 10.4.2 401 Unauthorized
    And the weblogic console this error:
    Target URL -- http://127.0.0.1:7101/Deneme-ViewController-context-root/faces/protectedPage.jspx
    <ViewHandlerImpl> <_checkTimestamp> Apache Trinidad is running with time-stamp checking enabled. This should not be used in a production environment. See the org.apache.myfaces.trinidad.CHECK_FILE_MODIFICATION property in WEB-INF/web.xml
    <UIXEditableValue> <_isBeanValidationAvailable> A Bean Validation provider is not present, therefore bean validation is disabled
    <LifecycleImpl> <_handleException> ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase RENDER_RESPONSE 6
    java.lang.IllegalStateException: Cannot forward a response that is already committed
    at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)
    at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:546)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at oracle.adfinternal.view.faces.config.rich.RecordRequestAttributesDuringDispatch.dispatch(RecordRequestAttributesDuringDispatch.java:44)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:167)
    at com.sun.faces.application.view.JspViewHandlingStrategy.executePageToBuildView(JspViewHandlingStrategy.java:363)
    at com.sun.faces.application.view.JspViewHandlingStrategy.buildView(JspViewHandlingStrategy.java:154)
    at org.apache.myfaces.trinidadinternal.application.ViewDeclarationLanguageFactoryImpl$ChangeApplyingVDLWrapper.buildView(ViewDeclarationLanguageFactoryImpl.java:341)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:982)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:334)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:232)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:313)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:122)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
    at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
    at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    <Apr 18, 2012 3:21:24 PM EEST> <Error> <HTTP> <BEA-101020> <[ServletContext@28001210[app:Deneme module:Deneme-ViewController-context-root path:/Deneme-ViewController-context-root spec-version:2.5]] Servlet failed with Exception
    java.lang.IllegalStateException: Cannot forward a response that is already committed
    at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)
    at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:546)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at oracle.adfinternal.view.faces.config.rich.RecordRequestAttributesDuringDispatch.dispatch(RecordRequestAttributesDuringDispatch.java:44)
    Truncated. see log file for complete stacktrace
    >
    <Apr 18, 2012 3:21:24 PM EEST> <Notice> <Diagnostics> <BEA-320068> <Watch 'UncheckedException' with severity 'Notice' on server 'DefaultServer' has triggered at Apr 18, 2012 3:21:24 PM EEST. Notification details:
    WatchRuleType: Log
    WatchRule: (SEVERITY = 'Error') AND ((MSGID = 'WL-101020') OR (MSGID = 'WL-101017') OR (MSGID = 'WL-000802') OR (MSGID = 'BEA-101020') OR (MSGID = 'BEA-101017') OR (MSGID = 'BEA-000802'))
    WatchData: DATE = Apr 18, 2012 3:21:24 PM EEST SERVER = DefaultServer MESSAGE = [ServletContext@28001210[app:Deneme module:Deneme-ViewController-context-root path:/Deneme-ViewController-context-root spec-version:2.5]] Servlet failed with Exception
    java.lang.IllegalStateException: Cannot forward a response that is already committed
    at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)
    at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:546)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at oracle.adfinternal.view.faces.config.rich.RecordRequestAttributesDuringDispatch.dispatch(RecordRequestAttributesDuringDispatch.java:44)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
    at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:167)
    at com.sun.faces.application.view.JspViewHandlingStrategy.executePageToBuildView(JspViewHandlingStrategy.java:363)
    at com.sun.faces.application.view.JspViewHandlingStrategy.buildView(JspViewHandlingStrategy.java:154)
    at org.apache.myfaces.trinidadinternal.application.ViewDeclarationLanguageFactoryImpl$ChangeApplyingVDLWrapper.buildView(ViewDeclarationLanguageFactoryImpl.java:341)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:982)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:334)
    at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:232)
    at javax.faces.webapp.FacesServlet.service(FacesServlet.java:313)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
    at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:122)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
    at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
    at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
    at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
    at java.security.AccessController.doPrivileged(Native Method)
    at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
    at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
    at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
    at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
    at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
    at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
    at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
    SUBSYSTEM = HTTP USERID = <WLS Kernel> SEVERITY = Error THREAD = [ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)' MSGID = BEA-101020 MACHINE = Metasis-PC TXID = CONTEXTID = 922cea34c05f1394:4758d71c:136c5648195:-8000-0000000000000074 TIMESTAMP = 1334751684128
    WatchAlarmType: AutomaticReset
    WatchAlarmResetPeriod: 30000
    >
    <Apr 18, 2012 3:21:26 PM EEST> <Alert> <Diagnostics> <BEA-320016> <Creating diagnostic image in c:\users\metasis\appdata\roaming\jdeveloper\system11.1.2.1.38.60.81\defaultdomain\servers\defaultserver\adr\diag\ofm\defaultdomain\defaultserver\incident\incdir_39 with a lockout minute period of 1.>
    My backing bean java code:
    public String doLogin() {
    String un = _username;
    byte[] pw = _password.getBytes();
    FacesContext ctx = FacesContext.getCurrentInstance();
    HttpServletRequest request = (HttpServletRequest)ctx.getExternalContext().getRequest();
    Subject mySubject;
    try {
    mySubject = Authentication.login(new URLCallbackHandler(un, pw));
    ServletAuthentication.runAs(mySubject, request);
    ServletAuthentication.generateNewSessionID(request);
    String loginUrl = "/adfAuthentication?success_url=/faces/protectedPage.jspx";
    HttpServletResponse response = (HttpServletResponse)ctx.getExternalContext().getResponse();
    RequestDispatcher dispatcher = request.getRequestDispatcher(loginUrl);
    dispatcher.forward(request, response);
    //response.sendRedirect(loginUrl);
    } catch (FailedLoginException e) {
    FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR, "Invalid Username or Password", "Invalid Username or Password");
    ctx.addMessage(null, msg);
    } catch (Exception e) {
    e.printStackTrace();
    return null;
    And before the application start there is an interesting error code:
    [03:20:38 PM] Redeploying Application...
    <CodebasePolicyHandler> <migrateDeploymentPolicies> Migration of codebase policy failed. Reason: oracle.security.jps.JpsException: java.lang.reflect.InvocationTargetException.
    <AppPolicyHandler> <migrateAppPolicies> Migration of application policy failed. Reason: oracle.security.jps.JpsException: java.lang.reflect.InvocationTargetException.
    [03:20:55 PM] Application Redeployed Successfully.
    Thanx for the help!

    Hi
    i have created a similar adf project from the same site.
    i am facing the same issue.
    i deleted the anonymous role but i still get the HTTP 404 error
    here is my jazn.data.xml file
    Please help out on this
    <?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
    <jazn-data xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-data-11_0.xsd">
    <jazn-realm default="jazn.com">
    <realm>
    <name>jazn.com</name>
    <users>
    <user>
    <name>bob</name>
    <credentials>{903}roINL8sMhkkl2tkXbhufyu80sTkEtEBXt79hzI/P3uI=</credentials>
    </user>
    <user>
    <name>julie</name>
    <credentials>{903}sS25AaE6ZE1B3sqmsWr0DmNcDbY+id0734qTxK6bam8=</credentials>
    </user>
    </users>
    <roles>
    <role>
    <name>managerGroup</name>
    <members>
    <member>
    <type>user</type>
    <name>bob</name>
    </member>
    </members>
    </role>
    </roles>
    </realm>
    </jazn-realm>
    <policy-store>
    <applications>
    <application>
    <name>adf_security</name>
    <app-roles>
    <app-role>
    <name>manager</name>
    <class>oracle.security.jps.service.policystore.ApplicationRole</class>
    <members>
    <member>
    <name>managerGroup</name>
    <class>oracle.security.jps.internal.core.principals.JpsXmlEnterpriseRoleImpl</class>
    </member>
    </members>
    </app-role>
    </app-roles>
    <jazn-policy>
    <grant>
    <grantee>
    <principals>
    <principal>
    <name>manager</name>
    <class>oracle.security.jps.service.policystore.ApplicationRole</class>
    </principal>
    </principals>
    </grantee>
    </grant>
    </jazn-policy>
    </application>
    </applications>
    </policy-store>
    </jazn-data>
    Thenx

  • Email address as an username for the ADF application login.

    Hi All,
    We have a requirement in our ADF application by creating usernames as an email address .We created an ADF application and deployed on the server by creating some users in the jazn-data.xml in our project code with the users as "admin1","admin2" as the actual requirement is to created the usernames as an email address say example "[email protected]".
    Can we create the user names with the email address as i have created some usernames in the Enterpise Manager as it dosent allow the special characters other thatn "."
    Any help in this highly appreciated.
    Please see the below link
    Re: Email address as an User in ADF application.
    Regards,
    Nagaraju .D

    Nagaraju,
    You can configure the application to use a different security mechanism other than jazn-data.xml (known as the file-based provider). Using something like LDAP or a custom JAAS provider would enable you to do what you want.
    The security documentation for OC4J is [url http://download.oracle.com/docs/cd/E12524_01/web.1013/e12514/toc.htm]here
    John

  • HT1688 Hello, my iphone 4s has  aproblem with the sound. The speaker rings for incoming calls/messages etc. However for non of the apps the speaker sound works anymore. volumebuttons also dont show the volume bar. Anyone has any ideas

    Hello, can anyone help Me? I have a problem with the external speaker of my iphone 4s. It works when i get calls, messages etc but nit for any app. The headphone does still work. The volumebuttons also do not show the regular volume bar. Any ideas please?

    Clean the iPhone charging port with a clean dry toothbrush. Dust or debris is causing iPhone to believe it is in Dock station.

  • Support for non-proprietary secure encrypt&sign format?

    Hi,
    I want to embed data in my application which I have encrypted and signed using strong cryptography, so that the application can verify the data (assuming the application itself doesn't get changed).
    Currently I construct three byte[] arrays:
    1.) DESede encrypted data
    2.) RSA encrypted DESede key
    3.) Signature of unencrypted data using the
    Signature signature = Signature.getInstance("SHA1withRSA")
    signature.initSign(rsaPrivateKey)
    signature.update(unencryptedData)
    I turn each of these three byte[]s into Strings using Base64Coder and then concatenate them ":" separated.
    While this works (I can decrypt and verify the data), the format in which I represent the encrypted and signed data (Base64 encoding and ":" separation) is not any widely used standard and also doesn't contain any metadata about the encryption algorithm used, as would e.g. a gnupg encrypted block.
    So I was wondering, why is there no static method in the JCE that just says
    String or byte[] encrypted = SomeClass.encryptAndSign(data, "RSAwithDESede")
    or something like that, which then encrypts and signs the data according to some standard format? E.g. such that I could then decrypt and verify the data with PGP/GnuPG/OpenSSL/... ?
    Is there any library that does this, and which preferrably provides a simple facade to the complexity of JCE?
    Any help is appreciated - thanks in advance!
    Tobias

    Other standards have addressed this problem. See XML Encryption (http://www.w3.org/Encryption/2001/) and XML Signature (http://www.w3.org/Signature/).
    XML Signature is now a standard component of J2SE 6.0 (http://java.sun.com/javase/6/docs/technotes/guides/security/xmldsig/XMLDigitalSignature.html)

  • How to retrieve ADF security username in PL/SQL?

    I would like to create a database trigger to log the change to a table and would like to catch the username logged in through ADF security setup.
    How do I retrieve this user name (not the database username) in the trigger?
    Thanks,
    Richard

    Richard,
    Welcome to OTN.
    Always mention your jdev and clear usecase (recommended to read this announcement first : https://forums.oracle.com/forums/ann.jspa?annID=56).
    What trigger do you mean? Logged in username for an adf app can be caught using #{securityContext.userName} groovy. You can use this to pass this wherever required. Set this to the place required accordingly, so that you can get it in the trigger.
    -Arun

  • Configuring ADF Security to use LDAP

    HI All
    We are building an application which is secured using SSO authentication. We have an LDAP setup for this.
    During development, we wanted to configure LDAP in ADF Security Wizard in Jdeveloper for authentication. I tried the following in ADF Security Wizard in the 10 steps of the wizard:
    1) Configure ADF for Web Application, enforce Authorization
    2) Enable Credential Store
    3) No Policy Store
    4) LDAP Identity Store
    5) Enter LDAP credentials, LdAp URL, user base
    6) No Anonymous Provider
    7) Did not select any login module
    8) Form Based Authentication, generate default
    9) Added pages that need to be secured
    10) Finish
    The login page is rendered whenever i try to access a protected page. But when I enter the LDAP user credentials for login, it does not work. It says "You are not authorized to view this page".
    Is there anything missing in the setup that is causing the issue. Any pointers on this would be helpful.
    Thanks
    Srinidhi.

    Hi,
    note that there don't exist documentation for configuring ADF Security in JDeveloper 11 with LDAP. In general, ADF Security in JDeveloper 11 is not yet ready for SSO and LDAP testings and still is under development. Note that LDAP authentication - as container managed authentication - is configured in the jps-config.xml file of the deployed application. However, as said, its not documented and would be just too much at this point to put into a forum answer
    Frank

  • Web Center app with ADF Security - login problem

    I have a custome Oracle Web Center app.
    I have a page.html with an embedded login form posting to j_security_check. I've configured the ADF security policies to redirect to a JSPX on successful login.
    When I try the correct username/password, I get redirected not to the page I defined in ADF, but to the root page http://127.0.0.1:7101/MyApp-ViewController-context-root/
    and i get
    Error 403--Forbidden
    I've checked the weblogic.xml as per http://andrejusb.blogspot.com/2009/12/solving-error-403-forbidden-in-adf.html, all the required entries are there.
    This works fine if i use a Login link with
    destination="#{'/adfAuthentication?login=true&amp;end_url=/faces/postLogin.jspx'} "
    which redirects to the default login.html and then to the right page. I've copied the form from the default login.html into my master HTML page.
    Hope my question is clear. Any suggestions why it is going to the wrong URL after login.
    Is there anything specific I should see in the jazn-data.xml or web.xml regarding the post-login URL since i cant see that in either.
    P.S. Have been advised to try here when I originally asked this in the WebCenter forum. Web Center app ADF Security - login problem
    Edited by: new_to_webcenter on 18-Jan-2011 05:25

    Thanks for your response Frank.
    The web.xml has
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>adfAuthentication</web-resource-name>
    <url-pattern>/adfAuthentication</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>valid-users</role-name>
    </auth-constraint>
    </security-constraint>
    <login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
    <form-login-page>/login.html</form-login-page>
    <form-error-page>/error.html</form-error-page>
    </form-login-config>
    </login-config>
    When configuring ADF Security via JDev , I chose "Redirect upon successful authentication" to the Welcome Page
    "/faces/postLogin.jspx"
    this then adds into web.xml
    <servlet>
    <servlet-name>adfAuthentication</servlet-name>
    <servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
    <init-param>
    <param-name>success_url</param-name>
    <param-value>/faces/postLogin.jspx</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
    </servlet>
    So the sequence which works is:
    Login via the '/adfAuthentication?login=true&end_url=/faces/postLogin.jspx' and this redirects to login.html (OOTB form which posts to j_security_check) and then to the postLogin.jspx
    I'm trying to do away with a Login link, and trying the simple login form embedded in my page alongwith other content.
    So should the form be posting to j_security_check directly or to the adfAuthentication ?

  • Web Center app ADF Security - login problem

    I'm making an Oracle Web Center app.
    I have an app page.html with an embedded login form posting to j_security_check. I've configured the ADF security policies to redirect to a JSPX on successful login.
    When I try the correct username/password, I get redirected not to the page I defined in ADF, but to the http://127.0.0.1:7101/MyApp-ViewController-context-root/
    and i get
    Error 403--Forbidden
    I've checked the weblogic.xml as per http://andrejusb.blogspot.com/2009/12/solving-error-403-forbidden-in-adf.html, all the entries are there.
    This works fine if i use a Login link with
    destination="#{'/adfAuthentication?login=true&amp;end_url=/faces/postLogin.jspx'} "
    which redirects to the default login.html and then to the right page. I've copied the form from the default login.html into my master HTML page.
    Hope my question is clear. Any suggestions why it is going to the wrong URL after login.
    Is there anything specific I should see in the jazn-data.xml or web.xml regarding the post-login URL since i cant see that in either.

    Ah so when you try to access a JSPX page it works but when you try to access an HTML page it does not work?
    I can't see what the problem could be if it works for a JSPX but not for an HTML. Perhaps something with the filters in the web.xml
    Maybe you should ask this at the ADF forum: JDeveloper and ADF
    The guys there have way more understanding about this stuff than here.

  • ADF Mobile - Security. Serving custom, non-j2ee security policies.

    We are trying to achieve session management across our ADF Mobile app.
    We were hoping to use the ADF Mobile inbuilt security framework.
    However our Mobile App is simply a UI interface to a large Enterprise App which already has a custom security framework(entirely database based) in place.
    The enterprise app exposes RESTful interfaces(JAX-RS-Jersey) for functionality which the mobile app consumes.
    This question has broadly 2 parts to it.
    1. Does ADF Mobile inbuilt security work ONLY with J2ee container managed security realm service?
    2. Can ADF Mobile inbuilt security be made to work with a custom application security framework?
    Following are the challenges we face in dealing with the 2nd question,
    2a. We need to extricate the Username and Password from the request as sent by the ADF Mobile default login page
    2b. Based on the authenticated state(using custom security framework) assign Roles to the user and set the response.
    2c. In the Mobile app use the custom roles to drive UI.
    2d. One of the statements in the documentation says that irrespective of successful or failed login the Springboard will be visible. Can this be prevented?
    2e. Can we maintain session while achieving the last 4?
    Using the following JAX-RS annotations it has been impossible to retrieve any user credentials at our webservice end.
    @Context SecurityContext, @Context HttpServletRequest, @CookieParams,  @HeaderParam

    Hi,
    here's how you do it
    - application roles are defined in jazn-data.xml
    - Write a custom JAAS LoginModule that authenticates against the database
    - Create WLS authentication provider for your JAAS LoginModule and configure it in WLS
    - LoginModule returns principal for user and the user group memberships
    - User logs in via login.jspx
    - WLS authenticates user
    - Security context is updated with user and user roles
    Frank

  • PDF generation for Non English Characters from ADF

    Hi
    We are using below piece of code to generate pdf from ADF Managed bean. It works fine. However for non English Characters(eg. Japanese,Vietnamese,Arabic)  it puts
    I got few blogs
    https://blogs.oracle.com/BIDeveloper/entry/non-english_characters_appears
    However we are not using BI Publisher product . We are using its API's
    Can anyone tell where do we need to setup fonts within ADF or Weblogic or Server ?
    Input Parameters are
    a)xml Data
    b)InputStream  ie rtf Template
    import oracle.apps.xdo.XDOException;
    import oracle.apps.xdo.template.FOProcessor;
    import oracle.apps.xdo.template.RTFProcessor;
        public static byte[] genPdfRep(String pOutFileType,byte[] pXmlOut ,InputStream pTemplate)
            byte[] dataBytes = null;
            try {
                //Process RTF template to convert to XSL-FO format
                RTFProcessor rtfp = new RTFProcessor(pTemplate);
                ByteArrayOutputStream xslOutStream = new ByteArrayOutputStream();
                rtfp.setOutput(xslOutStream);
                rtfp.process();
                //Use XSL Template and Data from the VO to generate report and return the OutputStream of report
                ByteArrayInputStream xslInStream = new ByteArrayInputStream(xslOutStream.toByteArray());
                FOProcessor processor = new FOProcessor();
                ByteArrayInputStream dataStream = new ByteArrayInputStream((byte[])pXmlOut);  
                processor.setData(dataStream);
                processor.setTemplate(xslInStream);
                ByteArrayOutputStream pdfOutStream = new ByteArrayOutputStream();
                processor.setOutput(pdfOutStream);
                byte outFileTypeByte = FOProcessor.FORMAT_PDF;
                processor.setOutputFormat(outFileTypeByte); //FOProcessor.FORMAT_HTML
                processor.generate();
                dataBytes = pdfOutStream.toByteArray();
            } catch (XDOException e) {
                e.printStackTrace();
            return dataBytes;
    Appreciate your help.
    Thanks,
    Abhijit

    Fonts are defined in the template you use to generate the pdf. Your application add the data and both is processed yb the FOP processor. Now there are two possible causes of the '???' :
    1. the data you sent to the template contains the '???' already
    2. the template can't digest the data (the special characters) and puts '???' in the pdf.
    Before going on you have to find out which one is your problem. The 2nd is the problem you better ask this in a FOP forum as you have to solve it by changing the template.
    Timo

  • Error when trying to see pages in webcenter app with adf security activated

    Greetings
    I have this problem
    I developed a WebCenter Application that uses ADF Security with form authentication. This App has
    two JSPX the first one is the login page and the second one is the page where i manage runtime created pages
    using the CREATE PAGE task flow and a page tree iterator to see my created pages.
    when i deploy de application on the weblogic server i am able to login successfully and create as many pages as
    i want and also see them using the link generated. the problem is that when a delete the application from the weblogic
    server, i mean the deployed application, then redeploy the same application on the server i can login again and
    see the pages i created before but when i try to reach them i get this error showed in my internet browser:
    Error 401--Unauthorized
    From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
    10.4.2 401 Unauthorized
    The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46)
    containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization
    header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that
    authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response,
    and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was
    given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained
    in section 11.
    Does anybody now what kind of configuration i am missing or what is happening?
    thanks for your help

    this issue has a solution showed on the this thread Re: ERROR when trying to see pages created with create page task flow

  • Obtain Username from ADF Security with BPM Task Page

    All,
    I have a requirement to obtain the currently logged on user within a BPM task page.
    I log onto either the BPM workspace or our own custom workspace that leverages the BPM Tasklist Taskflow. When navigating from a task in the tasklist, I have attempted to use an ADF EL expression to obtain the current user #{securityContext.userName}. However this seems to return anonymous. I have created a very simple test case and process to prove this, just displaying the user on the screen. However it shows as anonymous. I have done nothing special with either the task page or my workspace application to configure security aspects. Other than the standard ADF security of the custom workspace loggin.
    Does anyone know if this is achievable? (My ADF skills are limited)
    Interestingly, this seems to work fine on some of our 11.1.1.6.3 sever installs but not on others, including my Local Windows install. Therefore it is concidence it works on the servers (Linux).
    Many Thanks for any guidance you can provide
    FYI, The Task actions, task comments etc all record the logged in user correctly. I also reviewed comments in https://blogs.oracle.com/bpmbestpractice/entry/bpm_adf_task_forms_checking
    Regards Dave
    Edited by: DavidGaskell on Dec 1, 2012 12:41 AM

    Hi thanks,
    I'm a little confused so apologies.
    The steps we have followed to date as as follows:
    1) Written our own login page which inplements ADF security to authenticate the user
    2) Integrated the BPM task list task flow into our application as per Oracle docs.
    3) Written a separate application for the task page.
    4) run the application so u log into application, go to task list page, click in a bpm task in task list which launches the custom bpm task page. At this point the security context is anonymous evn though the login page shows the user logged in.
    Therefore are you suggesting I need to add some additional steps to pass the context into the custom page. FYI we have no single sign on implemented.
    I presume the BPM context must be set based on the logged on user as all task actions are performed as the user details are recorded.
    In a simpler scenario I get the same outcome whe using the out the box bpm workspace.
    Rgards Dave

  • What is a good security app for iphone 5s?

    What is a good security app for iphone5s?

    Since Apple is removing the few that managed to get on to the iTunes App Store, it now appears none.
    Why do you think you need one?
    Only jailbroken iPhone have security problems to worry about, so if your iPhone is not jailbroken one is not needed.

Maybe you are looking for

  • Reg: sql query output

    hi All,  select  substr(16878575,1, (length(16878575)-length(substr(16878575, -2,2)))) ||'.' || substr(16878575, -2,2) from dual; output - 168785.75. getting correct output. Can you please let me know is there any other way to do that? thanks in adva

  • Source system info in the transformation

    Hi, How to get the source system information in the transformation or start routines? Is there FM or field which tells what source system the datasource is assigned to in the transformations ? Regards, Kalyan

  • Can I use iPhone 5 in Bangladesh?

    All over the Bangladesh, only sim cards are available for communications but i've heard that iPhone 5 does not work in sim cards. therefore I can not use it in Bangladesh. I want to get a clear idea about this.

  • Popup help window using layeredpane

    what i would like to implement is a window that pops up whenever a user clicks on a button; it will show a bunch of help text (probably an JEditorPane full of HTML). i want it to behave like a popup menu (right click) in that it will disappear when f

  • Having multiple query windows open at once.

    I wasn't sure how to phrase it so after some digging I'm resorting to asking on here. I've been working out of the 'Joes2Pros' series and I work within SMMS with SQL standard installed locally for playing. Most of the time I like to have multiple que