Skip to main content

Cloud

Securing Oracle ADF Application with Oracle EBS Authentication and Authorization

Prerequisites :

  1. Download Oracle E-Business Software Development kit for Java Release 11i and 12 pdf and I have downloaded the patch p13882058_R12_GENERIC
  2. Follow the steps given for configuring Apps Data Source on Oracle Web Logic Server (WLS), and creating security realms
  3. Once the Step 2 is completed data source and the security realm is completed. Let us proceed with the ADF Application to implement EBS Security

Fusion Web Application:

  1. Create ADF Fusion web Application with ADF Security with Login.jspx , Success.jspx, and Error.jspx.  Login.jspx will now look like this

2. Next step is to set up Authorization to each page. To setup an Authorization to a page, Page definition should be created first.  For that right click on the page choose Go to Page Definition, a popup will be shown click on Yes. Repeat the same for Success.jspx and Error.jspx

3. The PageDef file will be like this

4. Right click on Login.jspx and choose Edit Authorization

5. Jazn-data.xml file will be opened. Click on Enterprise Role from the left pane and Click on + icon to add new Role. Give the role of the user who should be able to access the ADF Application. Here the user who are mapped to UMX|CDR_DEFINER (you can use the role which are mapped in EBS) will be able to access the application

6. Enter the Role Name , Display Name and Description as shown below

7. Now add the enterprise role we created to the application role. Select Application Role from the left pane, click on + icon to add new Application Role, give the same name as enterprise role. Enter the Role Name, Display Name and Description.

8. In the mappings select + icon and a popup will be opened check the Enterprise role we created in the step 6 and click on Ok.

9. Save your changes

10.Select Resource Grants from the left pane, choose webpage from Resource Type drop down. Now you will be able to see all the three pages we created. You should notice we have Lock symbol in front of all the pages. The Lock symbol indicates that no user has been granted to access the page. To make the user access the page we should add the grants.

11. The Success.jspx should be accessed only if the login is success, in other words, only the user with the Application role mentioned above are granted to access the page. Select Success, Click on + icon in the Granted to section from the popup check the Application role we created and click on ok. Now you notice the key symbol in front of success page, meaning that grants has been given to the page.

12. But the Login page should be accessed by all irrespective of the roles. In the same way click on Add Application role from the popup check anonymous – role and click Ok.

13. Repeat the previous step for Error Page also. We are done! Now right click on Login.jspx and Run

 

14. Below is the doLogin method on click of Login Button

15. Once the incorrect user name and password is given the below error message will be shown

16. On click of Login button after entering a valid user name and password of the user will allow the user to access Success page. The user must be mapped to the role in Oracle EBS to the role mentioned in the Enterprise Role of the ADF Application

17. The user is now granted to access Success Page

Download the sample Application EbsSecurityApp

 

Thoughts on “Securing Oracle ADF Application with Oracle EBS Authentication and Authorization”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Ruckmani Ravichandran

More from this Author

Categories
Follow Us
TwitterLinkedinFacebookYoutubeInstagram