Implementing ADF Security
By default the in an ADF application the security is not enabled. For people who have worked on Webcenter Application Template would actually notice a difference. As in Webcenter portal application it is enabled by default. But in ADF application you can enable ADF security by following the below screen shots easily. When you enable ADF security in an ADF application a jazn-data.xml file gets created. This file stores all the security related configuration done by the user at the design time. You can create users, groups, roles in this file and then grant permission for the resources such as taskflows, pages etc. When the application is deployed on the weblogic server then the users are created at the server level. Using the ADF security configuration wizard you can also generate the login.html and error.html files as well as configure the welcome/home page after user successfully logins.
All the security related information of the authenticated user can be retrieved from the ADF security context object. This object can be accessed in the managed beans as well as the web pages. To access the object in the web page you would need to use the expression language.
I would also like to share an article on ADF Security from Frank Nimphus. Below is the link for the same:
