First we should take a look, what we can get from Oracle documentation:
- 30.5 Defining ADF Security Policies . Table 30-6 Securable Actions of ADF Page Definitions describes Customize, Edit and Personalize security actions. These actions are used by Oracle WebCenter framework. Customize enables Oracle WebCenter Composer editing with admin privileges. Personalize allows to edit in scope of one user. Edit allows to use Oracle WebCenter Composer for these users granted with Personalize action.
- Step 3: Add ADF Security Policies to Your Application. There is Oracle WebCenter tutorial, where we can read about customization functionality. However, it doesn't work - obviously some configuration steps missing.
- 10.3 Adding Customization Layers to View and Edit Modes: Example. This section describes how to configure Oracle WebCenter Composer for personalization and customization.
- 11.2.3 How to Customize the SessionOptions Object to Include Customization Policy. Finally, you need add ADF Security related configuration for Oracle WebCenter Composer.
My goal today is to join all this information together and provide more hints not described in documentation. Download sample application - PersonalizationCustomization.zip. All examples from this post are based on this sample, you need to have Oracle WebCenter JDeveloper extension installed to run this application.
UserCC class from Oracle documentation contains static user reference scott. I have modified this to retrieve current user name from security context:
As per documentation, I have created all required Java classes to support Edit and View layers:
User customizations and personalizations are enabled to be stored across sessions with MDS. This option is needed to store changes for ADF components, Oracle WebCenter Composer is working without this option as well:
I have change customization class from SiteCC to UserCC, this enables personalization:
Session options factory is class must be configured in adf-config.xml to enable customization:
As per documentation, additionally you need to declare Oracle WebCenter Composer servlet in web.xml.
ADF Security defines two application level roles - admin and customer. Admin role is granted with Customization permission:
Customer role is granted with Personalization permission only:
Session options factory class as per documentation, defines two layers - Edit and View. You can see that Edit layer is applied on global level (its when Oracle WebCenter Composer is invoked to perform customization). View layer is applied on global and user levels (this means each user will see global customizations and their own personalizations):
If Oracle WebCenter Composer is On, Edit layer is enabled, otherwise - View layer:
I have declared two users - scott (admin role) and john (customer role). Now I open application with admin role user scott - it brings blank screen and option to invoke Oracle WebCenter Composer (Edit):
Oracle WebCenter Composer invoked to perform customization visible to all users:
I can add my custom ADF Task Flow with Employees data from extended Resource Catalog:
Through composer we can change visual and layout properties:
Customization is done, user scott can close Oracle WebCenter Composer. Now the same user performs personalization - removes PhoneNumber column from Employees table. This change will not be visible to other users, because it is personalization:
In order to perform personalization on table and column components, you must declare them in tag configuration:
We can see two folders in MDS repository - site and user. All customizations are stored inside site and personalizations inside user. This means customizations will be visible to all users and personalizations per specific user only:
I login as user john and can see Employees table added by user scott (customization), I can see PhoneNumber column as well (because it was user scott personalization):
User john is not allowed to perform customization, only personalization - Oracle WebCenter Composer is disabled for this user. User removes all columns, except FirstName, LastName and PhoneNumber:
As we can expect, this personalizations are not visible for user scott:
Now we take a better look, what Personalize permission means. Let's revoke it from customer role:
We can't personalize anymore elements created by Oracle WebCenter Composer - WebCenter Customizable Components (in a Panel Customizable or Show Detail Frame). There is no option to disclose, resize or delete:
I enable Personalize permission again:
Now user with customer role is able to do personalization and remove Employees table added through Oracle WebCenter Composer customization:
Personalization is successful, however user granted with Personalize permission only is not allowed to invoke Oracle WebCenter Composer and add custom ADF Task Flow from Resource Catalog:
Only user scott, who is granted with Customize permission can do this:
Now I will describe how to apply personalization through Oracle WebCenter Composer, so user who is not granted with Customize permission will be able to invoke Composer as well.
We need to add one more customization layer, this time only UserCC:
I gave Edit Personal Layer name for this layer. Now we need to modify layer switch logic. Edit layer will be initialized only in that case, when current user is granted with admin role. In all other cases, Oracle WebCenter Composer will be opened in Edit Personal Layer - this means personalization will be applied:
In order to open Oracle WebCenter Composer, in addition to Personalize permission, we need to grant Edit permission:
User john, with Personalize and Edit permissions is able to open Oracle WebCenter Composer and perform personalization:
Personalization - Employees table:
John Employees List personalized table:
Because user john was allowed to do only personalization, another user scott will not see any changes:
We know that user scott is allowed to perform customization, let's test how it works. User scott will add the same Employees ADF Task Flow and name it - Global Employee List:
It should be visible for user john as well, because it is customization. Yes, user john can see both tables now - one comes from personalization and another from customization:
If user john, don't want to see global list of employees, he can perform personalization further and remove this customization. It will be removed only for this specific user:
Now user john can see only his personalizations, no global customizations:
As expected, another user scott, can see customizations (even they were removed by user john - personalized):
UserCC class from Oracle documentation contains static user reference scott. I have modified this to retrieve current user name from security context:
As per documentation, I have created all required Java classes to support Edit and View layers:
User customizations and personalizations are enabled to be stored across sessions with MDS. This option is needed to store changes for ADF components, Oracle WebCenter Composer is working without this option as well:
I have change customization class from SiteCC to UserCC, this enables personalization:
Session options factory is class must be configured in adf-config.xml to enable customization:
As per documentation, additionally you need to declare Oracle WebCenter Composer servlet in web.xml.
ADF Security defines two application level roles - admin and customer. Admin role is granted with Customization permission:
Customer role is granted with Personalization permission only:
Session options factory class as per documentation, defines two layers - Edit and View. You can see that Edit layer is applied on global level (its when Oracle WebCenter Composer is invoked to perform customization). View layer is applied on global and user levels (this means each user will see global customizations and their own personalizations):
If Oracle WebCenter Composer is On, Edit layer is enabled, otherwise - View layer:
I have declared two users - scott (admin role) and john (customer role). Now I open application with admin role user scott - it brings blank screen and option to invoke Oracle WebCenter Composer (Edit):
Oracle WebCenter Composer invoked to perform customization visible to all users:
I can add my custom ADF Task Flow with Employees data from extended Resource Catalog:
Through composer we can change visual and layout properties:
Customization is done, user scott can close Oracle WebCenter Composer. Now the same user performs personalization - removes PhoneNumber column from Employees table. This change will not be visible to other users, because it is personalization:
In order to perform personalization on table and column components, you must declare them in tag configuration:
We can see two folders in MDS repository - site and user. All customizations are stored inside site and personalizations inside user. This means customizations will be visible to all users and personalizations per specific user only:
I login as user john and can see Employees table added by user scott (customization), I can see PhoneNumber column as well (because it was user scott personalization):
User john is not allowed to perform customization, only personalization - Oracle WebCenter Composer is disabled for this user. User removes all columns, except FirstName, LastName and PhoneNumber:
As we can expect, this personalizations are not visible for user scott:
Now we take a better look, what Personalize permission means. Let's revoke it from customer role:
We can't personalize anymore elements created by Oracle WebCenter Composer - WebCenter Customizable Components (in a Panel Customizable or Show Detail Frame). There is no option to disclose, resize or delete:
I enable Personalize permission again:
Now user with customer role is able to do personalization and remove Employees table added through Oracle WebCenter Composer customization:
Personalization is successful, however user granted with Personalize permission only is not allowed to invoke Oracle WebCenter Composer and add custom ADF Task Flow from Resource Catalog:
Only user scott, who is granted with Customize permission can do this:
Now I will describe how to apply personalization through Oracle WebCenter Composer, so user who is not granted with Customize permission will be able to invoke Composer as well.
We need to add one more customization layer, this time only UserCC:
I gave Edit Personal Layer name for this layer. Now we need to modify layer switch logic. Edit layer will be initialized only in that case, when current user is granted with admin role. In all other cases, Oracle WebCenter Composer will be opened in Edit Personal Layer - this means personalization will be applied:
In order to open Oracle WebCenter Composer, in addition to Personalize permission, we need to grant Edit permission:
User john, with Personalize and Edit permissions is able to open Oracle WebCenter Composer and perform personalization:
Personalization - Employees table:
John Employees List personalized table:
Because user john was allowed to do only personalization, another user scott will not see any changes:
We know that user scott is allowed to perform customization, let's test how it works. User scott will add the same Employees ADF Task Flow and name it - Global Employee List:
It should be visible for user john as well, because it is customization. Yes, user john can see both tables now - one comes from personalization and another from customization:
If user john, don't want to see global list of employees, he can perform personalization further and remove this customization. It will be removed only for this specific user:
Now user john can see only his personalizations, no global customizations:
As expected, another user scott, can see customizations (even they were removed by user john - personalized):
6 comments:
Hi Andrejus,
This is Srinivasrao Annapareddy working on ADF 11g and Webcenter Portal Stuff.
I am having a different situation here. I need your help if you know anything about that.
Here follows:
1. I have created one Fusion Middle Ware (ADF) project with basic Model and View Controller.
2. I have created one basic task flow with one view (.jsff) in that.
3. I have customized the ADF skins , by adding .CSS file to project folder .
a. Update Trinidad-config.xml file to point my own skin family.
b. Created Trinidad-skins.xml with my own skin family , which is pointed in above file (Trinidad-config.xml).
Up to this point everything is perfect. My customized skins are working good .
After that I made my task flow as ADF Portlet .then the following files are created automatically.
a. Oracle-portlet.xml
b. Portlet.xml
Portlet is working good , I have successfully deployed into web logic and I have even identified my Portlet as WSRP compliance Portlet in Server.
Here is the problem.
Before creating this Portlet entry , ADF customized skins are working good.
After that skins are not working. When I open the .jsff files in Jdeveloper design mode , I can clearly see my customized adf skins are applied . But once I run the application skins are not in effect.
I strongly believe something is conflicted between Portlet entry files and ADF skins files.
I tried to identify what is the problem, but finally I didn’t .
I have attached the basic project here. Just use this project as reference to my problem. Before running the project add WEBCENTER related jars
( I mean in Jdev help -> check for updates - > just update the web center related .)
I would appreciate , if you find any solution for this.
I have de same problem!
When consume wsrp, the application skins are not in effect.
Hi,
I think skinning is not applies on portlet bridge. I was getting same problems.
Andrejus
Very nice post Andrejus.
Hi,
I followed your example but faced issues when deploying my application.
I ve tryed to only make a User personnalization using the UserCC class. I ve created a custom one but when i configured it in the adf-config.xml i had this error when i deployed to a managed server :
oracle.mds.lcm.exception.MDSLCMException: MDS-00035: cannot load the class: com.mhis.webfactory.customiz ation.SiteCC.
at oracle.mds.internal.lcm.deploy.DeployManager.deploy(DeployManager.java:733)
at oracle.mds.internal.lcm.deploy.DeployManager.startDeployment(DeployManager.java:204)
at oracle.mds.internal.lcm.MDSLifecycleListenerImpl.start(MDSLifecycleListenerImpl.java:215)
at oracle.mds.lcm.web
...
Caused by: oracle.mds.config.MDSConfigurationException: MDS-00035: cannot load the class: com.mhis.webfa ctory.customization.SiteCC.
at oracle.mds.config.CustConfig.getCustClassList(CustConfig.java:365)
at oracle.mds.config.CustConfig.loadFromBean(CustConfig.java:277)
at oracle.mds.config.CustConfig.(CustConfig.java:242)
at oracle.mds.config.MDSConfig.loadFromBean(MDSConfig.java:781)
at oracle.mds.config.MDSConfig.loadFromElement(MDSConfig.java:848)
Can you please tell me if you see anything that may cause this.
On a local server the application runs but without portal resource :/
Thanks and regards.
Achinto Banerjee , did you get an answer to your question?
Hi Andrejus,
Currently, I am just using MDS that saves the personalization in xml locally. I noticed that for ADF dynamic table or for column that is created dynamically inside foreach, it doesnt save the columns in the mds customisation xml file.
mds customization file - c18 i s missing which should correspond to the dynamic column (Manage Facility, Site, Line, Line Segment)
jspx related to the display, just to show the component id. In blue is the logic/code for dynamically displaying a column and the dropdown and contents of the dropdown
Thanks,
spidercatte
Post a Comment