Sunday, 30 August 2015

Enabling ADF Security in a Fusion Web Application

Requirement: The requirement is to enable ADF Security in a Fusion Web Application. Consider I have three pages: loginPage.jsf, homePage.jsf, and errorPage.jsf. On loginPage.jsf, we have two af:inputText to enter Username and Password, and an af:button on click of which it will call login method. If the Username and Password are correct then it will redirect to the homePage.jsf page, else it will redirect to the errorPage.jsf page. On homePage.jsf page we will display the text "Welcome to the homePage". On errorPage.jsf we will display the text "Wrong Username or Password".

Solution: We will use ADF Security to solve the above requirement. For solution of the above requirement follow the below steps:

Step 1: Create an Oracle ADF Fusion Web Application.

Step 2: Create three jsf pages: loginPage.jsf, homePage.jsf, and errorPage.jsf in the ViewController project of our application.

Complete source code for loginPage.jsf page


Complete source code for homePage.jsf page


Complete source code for errorPage.jsf page


Step 3: Write the login method code as shown below:



Step 4: Now we will configure ADF Security to our application.
Click Application --> Secure --> Configure ADF Security as shown below:



On click of Configure ADF Security we will get the "Configure ADF Security - Step 1 of 5" popup as shown below:



Select Security Model as "ADF Authentication and Authorization". Click Next. Thus we will get the below popup.



Select Authentication Type as Form-Based Authentication. Browse and set the Login Page as /faces/loginPage.jsf and Error page as /faces/errorPage.jsf. as shown below:



Click Next. Thus we will get the below popup.



Select Enable automatic policy grants as  No Automatic Grants. Click Next. Thus we will get the below popup.


Check Redirect Upon Successful Authentication. Browser the Welcome Page as  /faces/homePage.jsf as shown below and click Next.


Click the Finish button of the below popup.


Step 5: Now Click on Application --> Secure --> Test Users & Roles. Create new Users called Admin as shown below:


Step 5: Create Enterprise Roles as AdminRole and add the Members as Admin as shown below:


Step 6: Now Click on Application Roles. Create New Application Role as AdminApplicationRole. Add Enterprise Roles as AdminRole in the Mappings tab as shown below:



Step 7: Go to the Resources  Grant tab of the jazn-data.xml file and select the Resource Type as Web Page. Source Project as ViewController.
Now, click the green (+) icon of the Granted To and click Add Application Role. Thus AdminApplicationRole is granted access. Check only view under action as shown below. Please note before that we have to create a page definition file (homePagePageDef.xml) for the homePage.jsf.


Step 8: Save all and run the application. Thus the ran application is shown below:


Step 9: Give Username a Admin and Password as welcome1 and click on Login button as shown below:


Step 10: Thus, on successful login we are directed to homePage.jsf as shown below:


Thus, the solution to our requirement.



Thanks & Regards,
Susanto Paul