Hands-on Practice: Set Up Security in the Sample Application

As Chapter 10 explains, security within the TUHRA application is based around several logical roles—user, admin, and manager. It is important to understand that these roles are private to the application and do not directly represent roles in the database or any user repository, such as OID. The reason for this approach is that it provides us with a security abstraction. We can hook up a security-provider implementation that has its own concept of roles, which may or may not match those within the TUHRA application. If the roles do not match directly, then a mapping can be made between the security-provider role name and the application role name once the application is installed into ...

Get Oracle JDeveloper 10g for Forms & PL/SQL Developers: A Guide to Web Development with Oracle ADF now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.