X

The blog for hints & tips about Oracle Application Development Framework and Mobile Application Framework

About Entitlement Grants in ADF Security of JDeveloper 11.1.1.4

Frank Nimphius
Master Principal Product Manager

Oracle JDeveloper 11.1.1.4 comes with a new ADF Security feature
called "entitlement grants". This has nothing to do with Oracle
Entitlement Server (OES) but is the ability to group resources into permission
sets so they can be granted with a single grant statement. For example, as good
practices when organizing your projects, you may have grouped your bounded task
flows by functionality and responsibility in sub folders under the WEB-INF
directory. If one of the folders holds bounded task flows that are accessible
to all authenticated users, you may create an entitlement grant allAuthUserBTF and select all bounded
task flows that are accessible for authenticated users as resources. You can then
grant allAuthUserBTF to the authenticated-role so that with only a
single grant statement all selected bounded task flows are protected.


<permission-sets>

        <permission-set>

            <name>PublicBoundedTaskFlows</name>

            <member-resources>

              <member-resource>

                <resource-name>

                     /WEB-INF/public/home-btf.xml#home-btf

                </resource-name>

               
<type-name-ref>TaskFlowResourceType</type-name-ref>

                <display-name> ... </display-name>

                <actions>view</actions>

              </member-resource>

              <member-resource>

                <resource-name>

                        /WEB-INF/public/preferences-btf.xml#preferences-btf

               </resource-name>

                <type-name-ref>TaskFlowResourceType</type-name-ref>

                <display-name>...</display-name>

                <actions>view</actions>

   
          </member-resource>

            </member-resources>

          </permission-set>

  </permission-sets>

The grant statement for this permission set is added as
shown below

<grant>

  <grantee>

    <principals>

       <principal>

            <name>authenticated-role</name>

            <class>oracle.security.jps.internal.core.principals.JpsAuthenticatedRoleImpl</class>

        </principal>

      </principals>

    </grantee>

    <permission-set-refs>

        <permission-set-ref>

           <name>PublicBoundedTaskFlows</name>

        </permission-set-ref>

     </permission-set-refs>

</grant>

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.