Domain Portal

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Saturday, 5 July 2008

Declarative Security in JDeveloper/ADF 11g

Posted on 02:02 by Unknown
In JDeveloper 11g, with a help of Oracle ADF framework you can in easy and straightforward way add security to your application. And this way is based on declarative approach, no coding is needed. Main goal of this post is not to describe about how to configure security, but more about how it can be applied in your applications.

Let's take a case when there is a requirement to open the same form in different modes (editable/read-only) for users with different sets of roles assigned. With JDeveloper 11g you can implement this requirement in 3 quick steps. I will describe those steps here, also you can download developed sample application - DeclarativeSecurity.zip. In order to run this sample, you need to have standard HR schema in your database. Additionally, you need to use this system-jazn-data.xml file, where two users are defined - john (managers) and scott (clerks). For both users password - welcome is defined.

Three steps you need to use in order to implement declarative security:

1. Entity Object level security

This step will allow to secure row data. In Entity Object wizard, define Security Operation Mapping. I have secured two standard Actions - Update and Delete for Jobs Entity:


When security options are defined, specify authorization for Jobs Entity. In my sample, I allowed Update and Delete actions only for users with managers role:


2. Page Definition level security

In this step we will secure Actions defined in Page Definition:


Example of Security definition for Delete action:


In Authorization settings, I have specified Delete action availability only for managers role:


3. Expression Language

And last step is to specify using EL, disabled property for button component. This will allow to have button in disabled state, when user is not authorized to perform associated action. EL expression is pointing to Action security in Page Definition:


All 3 steps are explained, now will show how it works. At first, let's login as scott user, this user have clerks role assigned:


Security definition in Entity Object makes row data read-only, since clerks are not allowed to modify it. Delete button also appears disabled:


But, what is nice, when Search Find button is pressed, Oracle ADF automatically puts form into Find mode:


And finally, when entering using john account:


Since john is granted with permission to update and delete existing rows, form appears in edit mode with Save and Delete buttons enabled:

Email ThisBlogThis!Share to XShare to Facebook
Posted in ADF, JDeveloper 11g | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • Groovy - Multiple LOV's per Attribute in JDeveloper 11g
    I was blogging previously about multiple LOV's per attribute functionality. I was using RowImpl class for View object in order to calcu...
  • External Transaction Service in Oracle TopLink
    I have developed sample application, in order to demonstrate how to use External Transaction Service (ETS), when Oracle TopLink is used in M...
  • Workaround for Null Value Bug in ADF List Of Values 11g
    Those of you, who are using List Of Values (LOV) component in ADF 11g, most probably already have noticed bug related to Null value. Simple ...
  • Trip to US
    I'm in US this week, Connecticut. Here is the same weather as in Lithuania, it's winter with about -5 degrees in Celsius.
  • Oracle ADF - between 4GL and J2EE is only one step
    According to ADF architecture described in Oracle JDeveloper 10g (10.1.3) Developer's Guide Section 1.1.1 - Framework Architecture and S...
  • Creating new row using CreateInsert operation
    Sample application - CreateInsert.zip , demonstrates how to create editable table with 'create new row' functionality in ADF BC. We ...
  • Show Buttons based on Disclosed Tab
    In 11g it becomes quite common use case to structure application page with tabbed panels. If you develop your pages based on templates, most...
  • Multilanguage in fixed af:selectOneChoice ADF Faces component
    If someone will face a problem how to enable multilanguage support in fixed af:selectOneChoice component, or simply how to bind fixed af:sel...
  • JDeveloper 11g on Mac OS X Leopard
    I'm using Apple Mac Book Pro for about half of a year, but shame for me all this time I was running Windows OS using Apple Boot Camp so...
  • Why I'm here?
    Oracle for me is more then technology, it is a way how I think. So, I'm creating this blog in order to express my knowledge in Oracle Fu...

Categories

  • ADF
  • Apex
  • Apple
  • BPEL
  • Events
  • Forms
  • Groovy
  • JDeveloper 11g
  • Nomination
  • ODTUG Kaleidoscope
  • OFUG
  • Oracle Magazine
  • Oracle OpenWorld
  • Security
  • SOA
  • Spatial
  • TopLink
  • Traveling
  • Uncategorized
  • Vgo Software
  • Web Services
  • WebCenter
  • WebLogic
  • Workarounds

Blog Archive

  • ▼  2008 (72)
    • ►  December (2)
    • ►  November (3)
    • ►  October (9)
    • ►  September (4)
    • ►  August (9)
    • ▼  July (6)
      • UKOUG 2008 Conference
      • BGOUG Autumn' 2008 Conference
      • ODTUG 2008 Gallery from Frans Thamura
      • Import Functionality in Oracle ADF BC
      • Customizing Applications with MDS - Practical Over...
      • Declarative Security in JDeveloper/ADF 11g
    • ►  June (10)
    • ►  May (4)
    • ►  April (5)
    • ►  March (7)
    • ►  February (5)
    • ►  January (8)
  • ►  2007 (65)
    • ►  December (6)
    • ►  November (7)
    • ►  October (6)
    • ►  September (4)
    • ►  August (3)
    • ►  July (4)
    • ►  June (6)
    • ►  May (5)
    • ►  April (6)
    • ►  March (4)
    • ►  February (5)
    • ►  January (9)
  • ►  2006 (9)
    • ►  December (9)
Powered by Blogger.

About Me

Unknown
View my complete profile