I will describe how inside ADF 11g application you can retrieve users assigned to specific security group. My previous post provides information about Oracle OPSS API, this API is used to retrieve security information from WLS Security Provider (it can be Oracle OID or Active Directory) - Fusion Middleware 11g Security - Retrieve Security Groups from ADF 11g. Today I will use information from my previous post and will implement slightly more complex use case with the same Oracle OPSS API.
Download sample application - SecurityGroupsCustomAppRoleUsers.zip. This sample extends previous post functionality and provides list of users assigned to selected security group:
I select another security group, users table is refreshed:
Both tables are based on programmatic VO's. Security groups table row selection event is overridden and invokes Bind Variable setter method for Users VO:
Overridden table row selection method - performs row selection and calls Bind Variable setter method for Users VO:
Setter method gets currently selected security group name and sets it as Bind Variable value for Users VO:
Programmatic Users VO implements executeQueryForCollection method and checks if Bind Variable value is NULL. In case if it is NULL, first row of parent Roles programmatic VO is retrieved to initialize Bind Variable value. Bind Variable is used to filter User VO by selected security group:
Bind Variable value is stored and retrieved from User Data available in Session scope:
Generic VO implementation class contains getUsers method. This method is using Oracle OPSS API to retrieve all users for current security group:
As you can see, first we need to find RoleProfile for current security group. Then we are searching for all direct grantees and retrieving only users (another security group can be grantee as well).