Databases Reference
In-Depth Information
web.xml
This file can be found in the
public_html/WEB-INF
folder.
web.xml
is the deployment
descriptor for the enire applicaion. The changes that are made as part of enabling
security are:
The iniializaion parameter
remove.anonymous.role
is set to
false
for the
JpsFilter
filter as this filter is the first filter defined in the file.
Filter mapping for
adfBindings
along with
adfAuthentication
is added.
This is added for the authenicaion servlet.
The servlet and the servlet mapping are added for
adfAuthentication
.
The security constraint is added for the authenicaion servlet so that when
the framework invokes it, authenicaion gets triggered.
weblogic.xml
This ile is used as the deployment descriptor for the web applicaion deployed in
the WebLogic server. The security role is assigned in the
weblogic.xml
file, which
is located in the same folder as that of the
web.xml
file, using the following code:
<security-role-assignment>
<role-name>valid-users</role-name>
<principal-name>users</principal-name>
</security-role-assignment>
adf-config.xml.
The runime coniguraions for the ADF web applicaion are added to this ile. The metadata
for the UI page is configured using
adf-config.xml
. The
JaasSecurityContext
element
is added for the file located in the
.adf/META-INF
folder. The
authorizationEnforce
and
authenticationRequire
opions will be set to
true
for the property using the
following code:
<sec:JaasSecurityContext initialContextFactoryClass="
oracle.adf.share.security.JAASInitialContextFactory"
jaasProviderClass="oracle.adf.share.security.providers.jps.JpsSecurity
Context"authorizationEnforce="true" authenticationRequire="true"/>
jps-config.xml
This file is located in the
src/META-INF
folder. The security service is provided and
the service instances are defined in this file.
Oracle Plaform Security Services
(
OPSS
)
are defined for different security stores.
Credential Store Service Provider
,
Login Module Service Provider
,
XML-based IdStore Provider
,
XML-based
PolicyStore Provider
, and
Anonymous Service Provider
are the service providers
added to the file. Different login modules are added. The equivalent file in the WebLogic
server is used for security.
Search WWH ::
Custom Search