About Entitlement Grants in ADF Security of JDeveloper 11.1.1.4
Posted
by frank.nimphius
on Oracle Blogs
See other posts from Oracle Blogs
or by frank.nimphius
Published on Sun, 16 Jan 2011 01:56:21 +0000
Indexed on
2011/01/16
2:56 UTC
Read the original article
Hit count: 420
ADF Security
Oracle JDeveloper 11.1.1.4 comes with a new ADF Security feature called "entitlement grants". This has nothing to do with Oracle Entitlement Server (OES) but is the ability to group resources into permission sets so they can be granted with a single grant statement. For example, as good practices when organizing your projects, you may have grouped your bounded task flows by functionality and responsibility in sub folders under the WEB-INF directory. If one of the folders holds bounded task flows that are accessible to all authenticated users, you may create an entitlement grant allAuthUserBTF and select all bounded task flows that are accessible for authenticated users as resources. You can then grant allAuthUserBTF to the authenticated-role so that with only a single grant statement all selected bounded task flows are protected.
<permission-sets>
<permission-set>
<name>PublicBoundedTaskFlows</name>
<member-resources>
<member-resource>
<resource-name>
/WEB-INF/public/home-btf.xml#home-btf
</resource-name>
<type-name-ref>TaskFlowResourceType</type-name-ref>
<display-name> ... </display-name>
<actions>view</actions>
</member-resource>
<member-resource>
<resource-name>
/WEB-INF/public/preferences-btf.xml#preferences-btf
</resource-name>
<type-name-ref>TaskFlowResourceType</type-name-ref>
<display-name>...</display-name>
<actions>view</actions>
</member-resource>
</member-resources>
</permission-set>
</permission-sets>
The grant statement for this permission set is added as shown below
<grant>
<grantee>
<principals>
<principal>
<name>authenticated-role</name>
<class>oracle.security.jps.internal.core.principals.JpsAuthenticatedRoleImpl</class>
</principal>
</principals>
</grantee>
<permission-set-refs>
<permission-set-ref>
<name>PublicBoundedTaskFlows</name>
</permission-set-ref>
</permission-set-refs>
</grant>
© Oracle Blogs or respective owner