Deploying an ADF Secure Application using WLS Console

Last week I worked on a requirement from a customer that wanted to understand how to deploy to WLS an application with ADF Security without using JDeveloper. The main question was, what steps where needed in order to set up Enterprise Roles, Security Policies and Application Credentials. In this entry I will explain the steps taken using JDeveloper 11.1.1.2. 0

Requirements:

Instead of building a sample application from scratch, we can use Andrejus 's sample application that contains all the security pieces that we need.

Open and migrate the project. Also make sure you adjust the database settings accordingly.

Creating the EAR file

Review the Security settings of the application by going into the Application -> Secure menu and see that there are two enterprise roles as well as the ADF Policies enforcing security on the main page.

Make sure the Application Module uses the Data Source instead of JDBC URL for its connection type, also take note of the data source name - in my case I have:

java:comp/env/jdbc/HrDS

To facilitate the access to this application once we deploy it. Go to your ViewController project properties select the Java EE Application category and give it a meaningful name to the context root as well to the Application Name

image

Go to the ADFSecurityWL Application properties -> Deployment  and create a new EAR deployment profile. Uncheck the Auto generate and Synchronize weblogic-jdbc.xml Descriptors During Deployment

image

Deploy the application as an EAR file.

Deploying the Application to WLS using the WLS Console

On the WLS console create a JNDI data source. This is the part that I found more tricky of the hole exercise given that the name should match the AM's data source name, however the naming convention that worked for me was

jdbc.HrDS

Now, deploy the application manually by selecting deployments ->Install look for the EAR and follow the default steps.

If this is the firs time you deploy the application, once the deployment finishes you will be asked to Activate Changes on the domain, these changes contain all the security policies and application roles insertion into the WLS instance.

image

Creating Roles and User Groups for the Application

To finish the after-deployment set up, we need to create the groups that are the equivalent of the Enterprise Roles of ADF Security.

imageFor our sample we have two Enterprise Roles employeesApplication and managersApplication. After that, we create the application users and assign them into their respective groups.

Now we can run the application and test the security constraints

image

Comments:

Hi sr,

Excelent post. But, i hava a problem with the deployment of this example.I have this error:

access denied (oracle.security.jps.JpsPermission AppSecurityContext.setApplicationID.null)

Do you have any idea about how to fix this bug?

Posted by Andrés Arias on November 03, 2011 at 08:15 AM PDT #

Hi Andres,

What version of JDeveloper are you using? Please post your question together with a description of your environment on the JDeveloper Forum, https://forums.oracle.com/forums/forum.jspa?forumID=83. We'll follow up in there.

Thanks,

Juan C.

Posted by Juan Ruiz on November 07, 2011 at 09:01 AM PST #

Hi Andres,

Are you fixed the issue. Am also getting the same error. What can i do for solve this issue. Am using Jdev 11g and weblogic server 11g.

java.security.AccessControlException: access denied (oracle.security.jps.JpsPermission AppSecurityContext.setApplicationID.null)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
at java.security.AccessController.checkPermission(AccessController.java:546)

Posted by Prabhu on December 26, 2011 at 08:46 PM PST #

Prabhu,

Check the permissions of your pageDefinition, these kind of errors are most likely related to accessing pages that have not authorization permissions set.

Juan Camilo

Posted by Juan C. Ruiz on December 27, 2011 at 05:17 AM PST #

Hi Juan,

Where can i find the pageDefinition in weblogic 11g. Can you please help with detail pls. Am new to this one.

Thanks,
Prabhu

Posted by Prabhu on December 27, 2011 at 02:18 PM PST #

Post a Comment:
  • HTML Syntax: NOT allowed
About

me
A blog that explores features, tips and tricks of ADF and JDeveloper by Juan Camilo Ruiz, Product Manager on the ADF and JDeveloper team
Follow me:
Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today