First page Back Continue Last page Graphics

Configure ADF Security Wizard: Enabling ADF Authorization


Notes:

Enabling ADF Authorization

To use the Configure ADF Security Wizard to configure authorization (in addition to authentication) you can select the ADF Authentication and Authorization option on the first page. Then you are presented with an additional wizard page where you specify whether to automatically grant view access on bounded task flows and pages to a special test-all role. This enables you to test your application before creating ADF policy grants because the built-in role anonymous-role is a member of this role. No login is required to access pages that are granted to the test-all role. You can choose one of the following options for automatic grants:

No automatic grants: You must explicitly grant access to bounded task flows and pages.

Existing objects only: View access is granted to the test-all role for existing bounded task flows and pages, but not to new ones.

All objects: View access is granted to the test-all role for both new and existing bounded task flows and pages.

You can rerun the Configure ADF Security Wizard during different stages of application development to enable or disable automatic grants to the test-all application role as desired. If you decide to disable automatic grants, you need to remove the ADF security policies using the overview editor for ADF security policies that you display by double-clicking the jazn-data.xml file in the Application Resources window. The editor displays a check box "Show task flows/web pages with test-all grants only" to enable you to easily locate the test-all application role grants. Click Remove Role (red X) to remove the grants made for testing purposes.