Wednesday 24 September 2014

Consume Secured web service using proxy client in ADF

In last post i have discussed about how to expose Business component as Secured service ADF BC as secured service.It is very common requirement to consume secured web service in ADF applications.In this post i am going to cover the same use case. Now i am going to consume the same service URL as Web Service proxy client in ADF.

Create fusion web application

Right click on model and go to the web service and select Web Service Proxy.




provide the web service URL




 Click on next and select the oracle/wss_username_token_client_policy


Finally Click on next and finish.

This will generate client java class to test the service method. Provide the credentials to service as shown below.

Thanks :) Happy Learning :)

Tuesday 23 September 2014

Expose ADF BC as secured web service

Hello everybody, Today in this post i am going to explain you how to expose ADF Business components as Secured web service (Authentication and authorization).
Create fusion web application and create business components for Employee Table i.e, Entity Object, View Object and Application module.


Next create view criteria based on departmentid as shown below


Now go to application module and create service interface and make sure you select the view criteria as shown below


Next we need to add OWSM policies.

1. oracle/wss_username_token_service_policy (For authentication)
2. oracle/binding_permission_authorization_policy (For authorization)




Open the ApplicationModuleServiceImple.java select "AppModuleServiceImpl" from the structure window and go to property inspector and add the security policies on security attribute.


add the below given security policies.


Now enable security on adf application, Authentication and authorization. In jazn-data.xml, Create user and application role "Managers" and assign the resource to the manager as shown below



You can manually add in jazn-data.xml file as given below
  <jazn-realm default="jazn.com">
    <realm>
      <name>jazn.com</name>
      <users>
        <user>
          <name>user12</name>
          <display-name>user12</display-name>
          <credentials>{903}eQYtnsldQBALw0emi+VoIMG/WFBrGG48</credentials>
        </user>
      </users>
    </realm>
  </jazn-realm>
  <policy-store>
    <applications>
      <application>
        <name>CustomerHistory</name>
        <app-roles>
          <app-role>
            <name>managers</name>
            <class>oracle.security.jps.service.policystore.ApplicationRole</class>
            <members>
              <member>
                <name>user12</name>
                <class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
              </member>
            </members>
          </app-role>
        </app-roles>
        <resource-types>
          <resource-type>
            <name>WSFunctionPermissionabc</name>
            <display-name>WSFunctionPermissionaa</display-name>
            <matcher-class>oracle.wsm.security.WSFunctionPermissionaaa</matcher-class>
            <actions-delimiter>,</actions-delimiter>
            <actions>invokeaa</actions>
          </resource-type>
        </resource-types>
        <jazn-policy>
          <grant>
            <grantee>
              <principals>
                <principal>
                  <name>managers</name>
                  <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                </principal>
              </principals>
            </grantee>
            <permissions>
              <permission>
                <class>oracle.wsm.security.WSFunctionPermission</class>
                <name>/model/common/AppModuleService#findEmployeesView1EmployeesViewCriteria</name>
                <actions>invoke</actions>
              </permission>
            </permissions>
          </grant>
        </jazn-policy>
      </application>
    </applications>
  </policy-store>
</jazn-data>



Only users whose role is managers can access the view Criteria method. For other users it throws authorization exception.
Deploy and then test the service in Webservice tester.

Thanks :) Happy Learning :)  NK