1. Oracle Visual Builder Page Model Reference
  2. Understand the Page Model
  3. Security
  4. Security Configuration

Security Configuration

The security configuration is managed in several resources.

The configuration for security resides in the model for each of these resources: app-flow.jsonname-flow.jsonname-page.json. If requiresAuthentication is false, specifying roles or permissions results in an error. By default an artifact inherits the requiresAuthentication property from its parent. If this is not present in the application configuration, it defaults to true. This means that if no security section is defined in any of the artifacts, the application will require authentication when starting.

The configuration follows the format seen in this example:

"security": {
  "access": {
    "requiresAuthentication": true/false,
    "roles": ["role1", "role2"],
    "permissions": ["perm1", "perm2"]
  }
}

When an anonymous user navigates to an artifact (page, flow or application) and the artifact is secure, the user is prompted to login, and is then redirected to the artifact. This functionality is provided by the default implementation of the Security Provider.