About Entitlement Grants in ADF Security of JDeveloper 11.1.1.4

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by frank.nimphius on Oracle Blogs See other posts from Oracle Blogs or by frank.nimphius
Published on Sun, 16 Jan 2011 01:56:21 +0000 Indexed on 2011/01/16 2:56 UTC
Read the original article Hit count: 390

Filed under:

Oracle JDeveloper 11.1.1.4 comes with a new ADF Security feature called "entitlement grants". This has nothing to do with Oracle Entitlement Server (OES) but is the ability to group resources into permission sets so they can be granted with a single grant statement. For example, as good practices when organizing your projects, you may have grouped your bounded task flows by functionality and responsibility in sub folders under the WEB-INF directory. If one of the folders holds bounded task flows that are accessible to all authenticated users, you may create an entitlement grant allAuthUserBTF and select all bounded task flows that are accessible for authenticated users as resources. You can then grant allAuthUserBTF to the authenticated-role so that with only a single grant statement all selected bounded task flows are protected.

<permission-sets>
        <permission-set>
            <name>PublicBoundedTaskFlows</name>
            <member-resources>
              <member-resource>
                <resource-name>
                     /WEB-INF/public/home-btf.xml#home-btf
                </resource-name>
                <type-name-ref>TaskFlowResourceType</type-name-ref>
                <display-name> ... </display-name>
                <actions>view</actions>
              </member-resource>
              <member-resource>
                <resource-name>
                        /WEB-INF/public/preferences-btf.xml#preferences-btf
               </resource-name>
                <type-name-ref>TaskFlowResourceType</type-name-ref>

                <display-name>...</display-name>
                <actions>view</actions>
              </member-resource>
            </member-resources>
          </permission-set>
  </permission-sets>

The grant statement for this permission set is added as shown below

<grant>
  <grantee>
    <principals>
       <principal>
            <name>authenticated-role</name>
            <class>oracle.security.jps.internal.core.principals.JpsAuthenticatedRoleImpl</class>
        </principal>
      </principals>
    </grantee>
    <permission-set-refs>
        <permission-set-ref>
           <name>PublicBoundedTaskFlows</name>
        </permission-set-ref>
     </permission-set-refs>
</grant>

© Oracle Blogs or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about ADF Security

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle