Expose ADF BC as secured web service

Hello everybody, Today in this post i am going to explain you how to expose ADF Business components as Secured web service (Authentication and authorization).
Create fusion web application and create business components for Employee Table i.e, Entity Object, View Object and Application module.

Next create view criteria based on departmentid as shown below

Now go to application module and create service interface and make sure you select the view criteria as shown below

Next we need to add OWSM policies.

1. oracle/wss_username_token_service_policy (For authentication)
2. oracle/binding_permission_authorization_policy (For authorization)

Open the ApplicationModuleServiceImple.java select "AppModuleServiceImpl" from the structure window and go to property inspector and add the security policies on security attribute.

add the below given security policies.

Now enable security on adf application, Authentication and authorization. In jazn-data.xml, Create user and application role "Managers" and assign the resource to the manager as shown below

You can manually add in jazn-data.xml file as given below

  <jazn-realm default="jazn.com">

    <realm>

      <name>jazn.com</name>

      <users>

        <user>

          <name>user12</name>

          <display-name>user12</display-name>

          <credentials>{903}eQYtnsldQBALw0emi+VoIMG/WFBrGG48</credentials>

        </user>

      </users>

    </realm>

  </jazn-realm>

  <policy-store>

    <applications>

      <application>

        <name>CustomerHistory</name>

        <app-roles>

          <app-role>

            <name>managers</name>

            <class>oracle.security.jps.service.policystore.ApplicationRole</class>

            <members>

              <member>

                <name>user12</name>

                <class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>

              </member>

            </members>

          </app-role>

        </app-roles>

        <resource-types>

          <resource-type>

            <name>WSFunctionPermissionabc</name>

            <display-name>WSFunctionPermissionaa</display-name>

            <matcher-class>oracle.wsm.security.WSFunctionPermissionaaa</matcher-class>

            <actions-delimiter>,</actions-delimiter>

            <actions>invokeaa</actions>

          </resource-type>

        </resource-types>

        <jazn-policy>

          <grant>

            <grantee>

              <principals>

                <principal>

                  <name>managers</name>

                  <class>oracle.security.jps.service.policystore.ApplicationRole</class>

                </principal>

              </principals>

            </grantee>

            <permissions>

              <permission>

                <class>oracle.wsm.security.WSFunctionPermission</class>

                <name>/model/common/AppModuleService#findEmployeesView1EmployeesViewCriteria</name>

                <actions>invoke</actions>

              </permission>

            </permissions>

          </grant>

        </jazn-policy>

      </application>

    </applications>

  </policy-store>

</jazn-data>

Only users whose role is managers can access the view Criteria method. For other users it throws authorization exception.
Deploy and then test the service in Webservice tester.

Thanks :) Happy Learning :)  NK