Oracle® Application Development Framework Developer's Guide
10g Release 3 (10.1.3) B25386-01
If you wish to use the JAZN realm from either the lightweight XML resource provider (system-jazn-data.xml) or through the Oracle Internet Directory, you need to edit the jazn.xml file to select one of those providers.
Note: If you are working with another JAAS-compliant security provider, see your security provider's documentation.
To use the JAZN realm from either the lightweight XML resource provider (system-jazn-data.xml) or through the Oracle Internet Directory (LDAP provider), you need to specify which provider you want your application to work with.
To specify the resource provider, you edit the provider environment descriptor in jazn.xml, located in the following directories.
For JDeveloper's embedded OC4J: <JDEV_HOME>/jdev/system/oracle.j2ee.10.1.3 directory
For JDeveloper's standalone OC4J: <JDEV_HOME>/j2ee/home/config directory
For Oracle Application Server: <OC4J_HOME>/j2ee/<instance_name>/config directory
To work with the XML-based provider, comment out the environment descriptor for LDAP:
    <jazn xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-10_0.xsd"
      schema-major-version="10"
      schema-minor-version="0"
      provider="XML"
      location="./system-jazn-data.xml"
      default-realm="jazn.com" />

    <!--
    <jazn xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-10_0.xsd"
      schema-major-version="10"
      schema-minor-version="0"
      provider="LDAP"
      location="ldap://myoid.us.oracle.com:389" />
    -->
To work with the LDAP provider, comment out the environment descriptor for XML:
    <!--
    <jazn xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-10_0.xsd"
      schema-major-version="10"
      schema-minor-version="0"
      provider="XML"
      location="./system-jazn-data.xml"
      default-realm="jazn.com" />
    -->

    <jazn xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-10_0.xsd"
      schema-major-version="10"
      schema-minor-version="0"
      provider="LDAP"
      location="ldap://myoid.us.oracle.com:389" />
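The following check is an added example, not code from this guide or from Oracle: it parses a jazn.xml document and reports which provider descriptor is actually live, rejecting a file where both descriptors or neither are uncommented. The function name, the constructed sample descriptors (schema location omitted for brevity) and the restriction to the two provider values shown on this page are assumptions of the example.

```python
import xml.etree.ElementTree as ET

ATTRS = ('xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" '
         'schema-major-version="10" schema-minor-version="0"')
# Constructed descriptors modelled on the two shown above (schema location omitted).
XML_DESC = (f'<jazn {ATTRS} provider="XML" '
            'location="./system-jazn-data.xml" default-realm="jazn.com" />')
LDAP_DESC = f'<jazn {ATTRS} provider="LDAP" location="ldap://myoid.us.oracle.com:389" />'


def active_provider(jazn_xml: str) -> dict:
    """Return the single uncommented <jazn> descriptor of a jazn.xml document."""
    try:
        # ElementTree skips comments, so a commented-out descriptor is ignored.
        root = ET.fromstring(jazn_xml)
    except ET.ParseError as exc:
        # Two live descriptors (two root elements) or none at all both end up here.
        raise ValueError(f"expected exactly one uncommented <jazn> descriptor: {exc}")
    if root.tag != "jazn":
        raise ValueError(f"unexpected root element <{root.tag}>")
    provider = root.get("provider")
    if provider not in ("XML", "LDAP"):  # the two values this page describes
        raise ValueError(f"unexpected provider {provider!r}")
    notes = []
    if provider == "XML":
        # Per this guide, the XML provider targets small-scale, dev or test use.
        notes.append("XML provider: meant for small-scale, development or test use")
    return {"provider": provider, "location": root.get("location"),
            "default_realm": root.get("default-realm"), "notes": notes}


if __name__ == "__main__":
    samples = [("XML active", f"{XML_DESC}\n<!-- {LDAP_DESC} -->"),
               ("LDAP active", f"<!-- {XML_DESC} -->\n{LDAP_DESC}"),
               ("both active", f"{XML_DESC}\n{LDAP_DESC}")]
    for label, doc in samples:
        try:
            print(label, "->", active_provider(doc))
        except ValueError as err:
            print(label, "-> rejected:", err)
```

Running such a check against the deployed jazn.xml before promoting a build confirms that the development-time XML provider was not left active by mistake.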
Because Oracle ADF Security uses OracleAS JAAS, it relies on the LoginContext to provide the basic methods for authentication. LoginContext uses login modules, which are pluggable pieces of code that handle the actual authentication. Oracle ADF Security also uses the OracleAS JAAS Provider RealmLoginModule login module to perform standard user name/password authentication.
Oracle ADF Security can authenticate users against a given resource provider. The resource provider, such as a database or LDAP directory, contains the data against which the login and passwords are authenticated.
Specifically, Oracle ADF Security supports the use of Oracle Single Sign-On and Oracle Internet Directory (OID) to provide authentication. You should use OID (the LDAP-based provider) to provide identity management in production environments where scalability and manageability are important. In this case, you will need to administer the users through the LDAP administration tools provided with Oracle Containers for J2EE.
For more information on using OID, see the Oracle Identity Management Guide to Delegated Administration from the Oracle Application Server documentation library.
In addition, JDeveloper provides an XML-based resource provider (system-jazn-data.xml) that can be used for small scale applications or for development and testing purposes. This provider contains user, role, grant, and login module configurations.