Professional Documents
Culture Documents
Environment
Jean-Marc Desvaux
ADF EMG
• A place to discuss best practices and
methodologies for JDeveloper ADF enterprise
applications
• Founded mid-2008 by Chris Muir, now 600+
members
• Focus is Fusion Tech Stack (ADF Faces, ADF BC)
• Online forum plus sessions at major Oracle
conferences (OOW, ODTUG, UKOUG, DOAG…)
<presenter,
organisation>
About me
twitter/jmdesvaux jmdesvaux.blogspot.com
Agenda
The GCC Business Case
The Security problem & the approach taken
Setting up the Infrastructure
Enabling ADF Security
Enabling Per Project & Module Security in ADF
Module Security
Manager
OID Group
New Users are added to the Site from HR Employees data by the
Security manager.
Auditing Accesses inside the database and Timesheet cross-
checking (Absent but logged on, not assigned to a Site but still
authorized etc..)
When an employee leaves the company, authorization is
automatically revoked
Ability to do more control as & when needed/decided
Security Data is backed up with Database
Oracle has plans to support Oracle Access Manager in future versions of Oracle Forms 11g.”
Webcache wls1034.gcc.mu:7785
HTTP 11g wls1034.gcc.mu:7777
WebLogic wls1034.gcc.mu:7007
Register the weblogic server URL with webcache port (7785) on the
OID/SSO Server :-
1/.Create a wls_osso.conf file from the ssoreg.sh tool on the OID/SSO infra server .
2/.Replace the Weblogic server webtier osso.conf with the generated file
Jdeveloper creates :
jazn-data.xml: Set security rules & permissions + dev/test
store for testing only (skipped on deployment)
and updates :
web.xml: Set type of Authentication selected.
weblogic.xml : where users are mapped to role (by default
a generic principal (user) is mapped to a Weblogic role “valid-
users” (authenticated user)
adf-config.xml: To indicate that ADF security is enabled &
handled by JPS (Java Platform Security)
Application Roles
ADF application specified role, ADF Authorization are set on these roles.
Enterprise Roles
Roles assigned to the ADF user from the Credential/Identity Store (Oracle
Internet Directory)
GCCCommon Workspace
GCC
adf-extensions gcc-security gcc-template
Libraries
project project Project
Application
Modules GCC Apps …… ……
Workspaces Module
Task Flows
Task Flows …… ……
Workspaces
TaskFlow Workspace
Oracle WebCenter
Application Entry point (Portal) + Customization for tasks shortcuts (Approving Requests etc..)
Improve Application Structure using Catalogs
Content Integration & Web 2.0 features
(ex: Project Site Communications Module extended with Chat/Forum/Workspace)
ADF Mobile
Pervasiveness of our Applications (ex: allowing an approval anywhere on site)
ADF books
http://tinyurl.com/2e7y3zp