8 Replies Latest reply: Aug 28, 2013 7:11 AM by Michael Shapira RSS

    ADF Security against external source

    Michael Shapira

      HI. I want to manage my users and roles in the custom table in Oracle DB, but still use all security features of ADF. I mean I will not define user and roles in  ADF, but ADF will be able to authenticate against my table and populate all security attributes (e.g #{securityContext.userName}) . Can it be done?

        • 1. Re: ADF Security against external source
          kdario

          You will need to configure authentication provider(probably ReadOnlySQLAuthenticator) in Weblogic server.

          Check Configuring Authentication Providers

          Example: Java / Oracle SOA blog: Using database tables as authentication provider in WebLogic</title><link type='text/cs…

           

          Dario

          • 2. Re: ADF Security against external source
            Michael Shapira

            HI. Thank you for your reply.

            I followed the link and here are the results.

            I created SQLAuthenticator.

            I created a group "EnterpriseAdmin" in WL and also in Enterprise Role in JDev and put it as a memeber of Application Role "AppRole1". Also I defined "test" user in WL

            I asked from wizard to generate HTTP form authentication and generate default login, error and welcome pages.

             

            I was able to do the login to the "test" user and was redirected to the welcome page. Till now, prefrect.

            But when I generated page definition for my "welcome" page (which is jspx page) , after login I get "Error 401--Unauthorized" error.

            I know that my login is OK , because I also tried to implement it programatically following this Oracle doc

            http://docs.oracle.com/cd/E24382_01/web.1112/e16182/adding_security.htm#BABDEICH

            and after I execute

             

            Subject mySubject = Authentication.login(handler);

            System.out.println("I am loged in");

            ServletAuthentication.runAs(mySubject, request);

            ServletAuthentication.generateNewSessionID(request);

            String loginUrl = "/adfAuthentication?success_url=/faces/welcome.jspx";

             

            I do see in the console I am loged in  message.

            I also tried to grant in the jazn.xml the permision to "welcome" page to "AppRole1" , but it didn't help.

            Still "Error 401--Unauthorized" error

             

            Please advice....

             

            P.S. I am on Jdev 11g R2 (11.1.2.3)

            • 3. Re: ADF Security against external source
              kdario

              I created a group "EnterpriseAdmin" in WL and also in Enterprise Role in JDev and put it as a memeber of Application Role "AppRole1". Also I defined "test" user in WL

              Did you assigned "EnterpriseAdmin" group to "test" user in WL?

               

              I also tried to grant in the jazn.xml the permision to "welcome" page to "AppRole1" , but it didn't help.

              What happens when you add "authenticated-role" instead of "AppRole1" ?

              If this works, then you need to check assigned roles, for example you can create new page(without pageDef) and in some button action print assigned roles with:

               

              for(String s: ADFContext.getCurrent().getSecurityContext().getUserRoles()){

                 System.out.println("role: " + s);

              }

               

              Also read this: Oracle ADF: Security for Everyone

               

              Dario

              • 4. Re: ADF Security against external source
                Michael Shapira

                I was able to solve the issue by running the wizard again and choosing "Adf AUthentication" only and not "Adf Authentication and Authrization" and it was defined before.

                SO do I understand correctly and Authrization is not suported by "SQL Authenticator"?

                • 5. Re: ADF Security against external source
                  kdario

                  SO do I understand correctly and Authrization is not suported by "SQL Authenticator"?

                  wrong.

                   

                  WL server authenticator will retrieve users and groups(roles) from some source(ldap, dbms, ...) and authenticate/authorize user against this data.

                  So, first thing to check when you define Authenticator is if your authenticator works correctly.

                  In WL admin console open: security->myrealm->Users and Groups and see if you have users and groups from data source used by authenticator(in your case, db tables).

                  After that, you can use programmatic approach from my previous post to see if roles are correctly mapped to user.

                   

                  If everything is ok, try to skip enterprise roles in jazn-data.xml, just define application role with the same name as group in WL Server and assign this role to your page/taskflow.

                   

                  Dario

                  • 6. Re: ADF Security against external source
                    Michael Shapira

                    I think I found  the problem not the solution.

                    First of all I do see in WL the user "test" and group "EnterpriseAdmin".

                    And of course  "EnterpriseAdmin". assigned to  "test" user.

                    But after I run the login page I go back to WL I  see that "EnterpriseAdmin" group was unassigned from "test" user!!!!!

                    If I assign in again (after the application is loaded , but before I click the login button) I can use the application as I designed it (access the page which is protected by EnterpriseAdmin)

                    But at some point the following error message appears in the Jdeveloper console

                     

                    [Another instance of application Sec3 is running on the server.  JDeveloper will redeploy the application.]

                    [Running application Sec3 on Server Instance IntegratedWebLogicServer...]

                    [07:09:59 AM] Web Module ViewControllerWebApp.war recognized in project ViewController.jpr

                    [07:09:59 AM] ----  Deployment started.  ----

                    [07:09:59 AM] Target platform is  (Weblogic 10.3).

                    [07:09:59 AM] Retrieving existing application information

                    [07:09:59 AM] Running dependency analysis...

                    [07:09:59 AM] Deploying 2 profiles...

                    [07:10:00 AM] Wrote Web Application Module to C:\Users\mshapira04\AppData\Roaming\JDeveloper\system11.1.2.3.39.62.76.1\o.j2ee\drs\Sec3\ViewControllerWebApp.war

                    [07:10:00 AM] Wrote Enterprise Application Module to C:\Users\mshapira04\AppData\Roaming\JDeveloper\system11.1.2.3.39.62.76.1\o.j2ee\drs\Sec3

                    [07:10:00 AM] Redeploying Application...

                    <FeatureUtils> <_resolveFeatures> Ignoring feature-dependency on feature "AdfDvtCommon".  No such feature exists.

                    <FeatureUtils> <_resolveFeatures> Ignoring feature-dependency on feature "AdfDvtCommon".  No such feature exists.

                    <FeatureUtils> <_resolveFeatures> Ignoring feature-dependency on feature "DvtDiagram".  No such feature exists.

                    [07:10:09 AM] Application Redeployed Successfully.

                    [07:10:09 AM] The following URL context root(s) were defined and can be used as a starting point to test your application:

                    [07:10:09 AM] http://10.15.8.180:7501/Sec3-ViewController-context-root

                    [07:10:09 AM] Uploading jazn-data roles.

                    [07:10:09 AM] Removing existing group "EnterpriseAdmin".

                    [07:10:09 AM] Creating group for role "EnterpriseAdmin".

                    [07:10:09 AM] Elapsed time for deployment:  10 seconds

                    [07:10:09 AM] ----  Deployment finished.  ----

                    Run startup time: 9784 ms.

                    [Application Sec3 deployed to Server Instance IntegratedWebLogicServer]

                     

                     

                    Target URL -- http://127.0.0.1:7501/Sec3-ViewController-context-root/login.html

                    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,365 during the configured idle timeout of 5 secs>

                    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,362 during the configured idle timeout of 5 secs>

                    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,361 during the configured idle timeout of 5 secs>

                    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,366 during the configured idle timeout of 5 secs>

                    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,363 during the configured idle timeout of 5 secs>

                    <Aug 28, 2013 7:10:16 AM EDT> <Warning> <Socket> <BEA-000449> <Closing socket as no data read from it on 127.0.0.1:65,364 during the configured idle timeout of 5 secs>

                    <Aug 28, 2013 7:11:09 AM EDT> <Error> <Console> <BEA-240003> <Console encountered the following error weblogic.security.providers.authentication.DBMSSQLAuthenticatorDelegateException: [Security:090279]Error listing users *

                      at weblogic.security.providers.authentication.DBMSSQLReadOnlyAuthenticatorDelegateImpl.listUsers(DBMSSQLReadOnlyAuthenticatorDelegateImpl.java:368)

                      at weblogic.security.providers.authentication.ReadOnlySQLAuthenticatorImpl.listUsers(ReadOnlySQLAuthenticatorImpl.java:117)

                      at weblogic.security.providers.authentication.SQLAuthenticatorMBeanImpl.listUsers(SQLAuthenticatorMBeanImpl.java:281)

                      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

                      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

                      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

                      at java.lang.reflect.Method.invoke(Method.java:597)

                      at weblogic.management.jmx.modelmbean.WLSModelMBean.invoke(WLSModelMBean.java:437)

                      at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:836)

                      at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:761)

                      at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)

                      at java.security.AccessController.doPrivileged(Native Method)

                      at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)

                      at weblogic.management.mbeanservers.internal.JMXContextInterceptor.invoke(JMXContextInterceptor.java:263)

                      at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase$16.run(WLSMBeanServerInterceptorBase.java:449)

                      at java.security.AccessController.doPrivileged(Native Method)

                      at weblogic.management.jmx.mbeanserver.WLSMBeanServerInterceptorBase.invoke(WLSMBeanServerInterceptorBase.java:447)

                      at weblogic.management.mbeanservers.internal.SecurityInterceptor.invoke(SecurityInterceptor.java:444)

                      at weblogic.management.jmx.mbeanserver.WLSMBeanServer.invoke(WLSMBeanServer.java:323)

                      at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11$1.run(JMXConnectorSubjectForwarder.java:663)

                      at java.security.AccessController.doPrivileged(Native Method)

                      at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder$11.run(JMXConnectorSubjectForwarder.java:661)

                      at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)

                      at weblogic.management.mbeanservers.internal.JMXConnectorSubjectForwarder.invoke(JMXConnectorSubjectForwarder.java:654)

                      at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1427)

                      at javax.management.remote.rmi.RMIConnectionImpl.access$200(RMIConnectionImpl.java:72)

                      at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1265)

                      at java.security.AccessController.doPrivileged(Native Method)

                      at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1367)

                      at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:788)

                      at javax.management.remote.rmi.RMIConnectionImpl_WLSkel.invoke(Unknown Source)

                      at weblogic.rmi.internal.ServerRequest.sendReceive(ServerRequest.java:174)

                      at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:222)

                      at javax.management.remote.rmi.RMIConnectionImpl_1035_WLStub.invoke(Unknown Source)

                      at javax.management.remote.rmi.RMIConnector$RemoteMBeanServerConnection.invoke(RMIConnector.java:993)

                      at weblogic.management.jmx.MBeanServerInvocationHandler.doInvoke(MBeanServerInvocationHandler.java:544)

                      at weblogic.management.jmx.MBeanServerInvocationHandler.invoke(MBeanServerInvocationHandler.java:380)

                      at $Proxy168.listUsers(Unknown Source)

                      at com.bea.console.utils.security.UserUtils.getUsers(UserUtils.java:78)

                      at com.bea.console.actions.security.users.UserTableAction.getCollection(UserTableAction.java:100)

                      at com.bea.console.actions.security.ManagementBaseTableAction.execute(ManagementBaseTableAction.java:82)

                      at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)

                      at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.access$201(PageFlowRequestProcessor.java:97)

                      at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor$ActionRunner.execute(PageFlowRequestProcessor.java:2044)

                      at org.apache.beehive.netui.pageflow.interceptor.action.internal.ActionInterceptors.wrapAction(ActionInterceptors.java:91)

                      at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processActionPerform(PageFlowRequestProcessor.java:2116)

                      at com.bea.console.internal.ConsolePageFlowRequestProcessor.processActionPerform(ConsolePageFlowRequestProcessor.java:261)

                      at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)

                      at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.processInternal(PageFlowRequestProcessor.java:556)

                      at org.apache.beehive.netui.pageflow.PageFlowRequestProcessor.process(PageFlowRequestProcessor.java:853)

                      at org.apache.beehive.netui.pageflow.AutoRegisterActionServlet.process(AutoRegisterActionServlet.java:631)

                      at org.apache.beehive.netui.pageflow.PageFlowActionServlet.process(PageFlowActionServlet.java:158)

                      at com.bea.console.internal.ConsoleActionServlet.process(ConsoleActionServlet.java:262)

                      at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)

                      at com.bea.console.internal.ConsoleActionServlet.doGet(ConsoleActionServlet.java:134)

                      at org.apache.beehive.netui.pageflow.PageFlowUtils.strutsLookup(PageFlowUtils.java:1199)

                      at com.bea.portlet.adapter.scopedcontent.ScopedContentCommonSupport.executeAction(ScopedContentCommonSupport.java:686)

                      at com.bea.portlet.adapter.scopedcontent.ScopedContentCommonSupport.renderInternal(ScopedContentCommonSupport.java:266)

                      at com.bea.portlet.adapter.scopedcontent.StrutsStubImpl.render(StrutsStubImpl.java:107)

                      at com.bea.netuix.servlets.controls.content.NetuiContent.preRender(NetuiContent.java:292)

                      at com.bea.netuix.nf.ControlLifecycle$6.visit(ControlLifecycle.java:428)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:727)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walkRecursivePreRender(ControlTreeWalker.java:739)

                      at com.bea.netuix.nf.ControlTreeWalker.walk(ControlTreeWalker.java:146)

                      at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:395)

                      at com.bea.netuix.nf.Lifecycle.processLifecycles(Lifecycle.java:361)

                      at com.bea.netuix.nf.Lifecycle.runOutbound(Lifecycle.java:208)

                      at com.bea.netuix.nf.Lifecycle.run(Lifecycle.java:162)

                      at com.bea.netuix.servlets.manager.UIServlet.runLifecycle(UIServlet.java:388)

                      at com.bea.netuix.servlets.manager.UIServlet.doPost(UIServlet.java:258)

                      at com.bea.netuix.servlets.manager.UIServlet.doGet(UIServlet.java:211)

                      at com.bea.netuix.servlets.manager.UIServlet.service(UIServlet.java:196)

                      at com.bea.netuix.servlets.manager.SingleFileServlet.service(SingleFileServlet.java:251)

                      at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)

                      at com.bea.console.utils.MBeanUtilsInitSingleFileServlet.service(MBeanUtilsInitSingleFileServlet.java:47)

                      at weblogic.servlet.AsyncInitServlet.service(AsyncInitServlet.java:130)

                      at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)

                      at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)

                      at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)

                      at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)

                      at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

                      at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)

                      at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)

                      at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)

                      at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)

                      at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

                      at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)

                      at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)

                      at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)

                      at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)

                      at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)

                      at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)

                    Caused by: java.sql.SQLException: TBDI18N: Connection was not found for null

                      at weblogic.security.providers.authentication.DBMSDatabaseConnectionPoolImpl.getRawConnection(DBMSDatabaseConnectionPoolImpl.java:136)

                      at weblogic.security.providers.authentication.DBMSSQLDatabaseConnectionPoolImpl.checkoutConnection(DBMSSQLDatabaseConnectionPoolImpl.java:25)

                      at weblogic.security.providers.authentication.DBMSSQLReadOnlyAuthenticatorDelegateImpl.getReadOnlyConnection(DBMSSQLReadOnlyAuthenticatorDelegateImpl.java:570)

                      at weblogic.security.providers.authentication.DBMSSQLReadOnlyAuthenticatorDelegateImpl.listUsers(DBMSSQLReadOnlyAuthenticatorDelegateImpl.java:346)

                      ... 119 more

                    >

                     

                     

                    It says something about listing the users, so I checked my "SQL List Users:" statement and it should be just fine:

                    SELECT username FROM jhs_users WHERE username LIKE ?

                    If fact I double checked all SQL statement that list something in the provider and they are all fine

                    I have to remind that my application is empty and all pages (login , error , welcome) are autogenerated

                     

                    Thank you for you help. Can you see the problem?

                    • 7. Re: ADF Security against external source
                      kdario

                      [07:10:09 AM] Uploading jazn-data roles.

                      [07:10:09 AM] Removing existing group "EnterpriseAdmin".

                      [07:10:09 AM] Creating group for role "EnterpriseAdmin".

                      See section 14.7.1 in Developing Secure Applications

                      So user and role which you see in WL doesn't come from authentication provider, but from jazn-data.xml

                       

                      <Aug 28, 2013 7:11:09 AM EDT> <Error> <Console> <BEA-240003> <Console encountered the following error weblogic.security.providers.authentication.DBMSSQLAuthenticatorDelegateException: [Security:090279]Error listing users *

                        at weblogic.security.providers.authentication.DBMSSQLReadOnlyAuthenticatorDelegateImpl.listUsers(DBMSSQLReadOnlyAuthenticatorDelegateImpl.java:368)

                      Caused by: java.sql.SQLException: TBDI18N: Connection was not found for null

                      .

                      .

                      .

                       

                      It says something about listing the users, so I checked my "SQL List Users:" statement and it should be just fine:

                      SELECT username FROM jhs_users WHERE username LIKE ?

                      If fact I double checked all SQL statement that list something in the provider and they are all fine

                      Obviously, your authentication provider doesn't work so you don't get any user/role from your db tables.

                      Check Data Source Name in authentication provider - this is probably case sensitive.

                      Also check connection in data source(you can test data source in WL admin console)

                       

                      Dario

                      • 8. Re: ADF Security against external source
                        Michael Shapira

                        Modifying deployment settings solved the problem. About SQL exception I will ignore it for now , since it doesn't do any harm to application