Now, if you will run secured Application Module with Oracle Business Component Browser, you will get authentication dialog:
This dialog was raised in previous JDeveloper builds as well, however authentication never was passed, it works now.
You can download my sample application - ADFSecurity.zip. This sample is configured with ADF Security and contains 3 users (all with welcome1 password):
- john (role: clerk)
- susan (role: manager)
- steve (role: developer)
Two roles are authorized to update on entity level - manager and clerk:
Additionally, JobTitle attribute is secured for update action:
This action is authorized only to manager role:
If you will run Application Module with susan (role: manager) user:
All entity attributes will be available for udate:
With john (role: clerk) user:
All attributes except JobTitle can be updated. It happens, because only manager role is authorized to update JobTitle attribute:
If Application Module will be tested with steve (role: developer) user:
User will not be able to update any attribute, since this user is not authorized for update action:
Hi Sir,
ReplyDeleteCould you please help me solve a Jdeveloper query about Toplink. The problem is described here
http://www.club-oracle.com/forums/f14/confuse-with-toplink-t155/
hi Andrejus
ReplyDeleteI have posted a related question on the JDeveloper forum:
" ADF BC Entity Object read security "
http://forums.oracle.com/forums/thread.jspa?threadID=824435
regards
Jan Vervecken
Jan,
ReplyDeleteread access is only on the Entity Object, not the attribute level. To do this on the attribute level, use the viewable property in the binding layer in combination with EL
hi Andrejus,
ReplyDeleteThanks for the article, it's very helpful.
By the way, I have a question:how can I get a value from BC as an anonymous user? In my webcenter login Page I need to show some values that need to be retrieved from BC, but login hasn't been performed yet in that moment. Is there some setting to do on application module, or shall I disable security on it?
Thanks
Matteo
Above solution works fine when all permissions has been granted to resources before deployment. When if an application has thousand of resources and all users and groups/roles are in database. How we can assign resource permissions at run time by using ADF Security layer. I am seeing only programming and EL but ADF Security should provide this feature by using programming.
ReplyDeleteThis is possible. We were implementing custom ADF interface with OPSS API usage to manage ADF Security mappings on runtime. Alternative could be security mapping through Enterprise Manager.
ReplyDeleteRegards,
Andrejus