The Oracle ADF Security framework, which is is built on top of the Oracle Platform Security Services (OPSS) architecture, is the preferred technology to provide authentication and authorization services to a Fusion web application. ADF Security implements a Java Authentication and Authorization Service (JAAS) security model. The JAAS model is policy-based since JAAS is built on the existing Java security model and integrates with any JAAS implementation. When you enable ADF Security on a Fusion web application, the application requires an explicit call to the ADF Security framework to authorize access to resources based on user-defined policies.
Before you can persist user customizations across sessions using MDS as the repository, you must configure ADF Security and create users for the application.
To begin, you will launch the Configure ADF Security wizard by choosing Application Secure Configure ADF Security from the main menu.
After using the wizard to select an ADF security model and authentication type, you will define an application role in the application security policy.
Then you will create a user and assign it to the application role you created.
Lastly you will grant the application's bounded task flow access to the application role you created, thereby allowing authorized users of the application to access all web pages defined in the task flow.
Copyright © 1997, 2009, Oracle. All rights reserved.