-3

I have two different pages(edit.jsf and upload.jsf) . I want to reach this two pages with different users. For example: -user1 can reach upload.jsf -user2 can reach edit.jsf

When I tried to assign this two users to two different application role and granted to edit and upload page to this two application role, I reach upload page. But I didn't reach edit page with user2

This my jazn-data.xml file

<jazn-realm default="jazn.com">
    <realm>
        <name>jazn.com</name>
        <users>
            <user>
                <name>user1</name>
                <credentials>{903}I8hy/xEW1elDCG8QWE7n2C6WAT6MF22v2jpkMSVdHUk=</credentials>
                <display-name>user1</display-name>
            </user>
            <user>
                <name>user2</name>
                <credentials>{903}obu0YOPXqe0RuRqhRhJjBjx3zLIb1bdMQQypod5RGJc=</credentials>
                <display-name>user2</display-name>
            </user>
        </users>
    </realm>
</jazn-realm>
<policy-store>
    <applications>
        <application>
            <name>AdminPnel</name>
            <app-roles>
                <app-role>
                    <name>AdminRole</name>
                    <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                    <display-name>AdminRole</display-name>
                    <members>
                        <member>
                            <class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
                            <name>user1</name>
                        </member>
                    </members>
                </app-role>
                <app-role>
                    <name>EditRole</name>
                    <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                    <display-name>EditRole</display-name>
                    <members>
                        <member>
                            <class>oracle.security.jps.internal.core.principals.JpsXmlUserImpl</class>
                            <name>user2</name>
                        </member>
                    </members>
                </app-role>
            </app-roles>
            <jazn-policy>
                <grant>
                    <grantee>
                        <principals>
                            <principal>
                                <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                                <name>AdminRole</name>
                            </principal>
                        </principals>
                    </grantee>
                    <permissions>
                        <permission>
                            <class>oracle.adf.share.security.authorization.RegionPermission</class>
                            <name>view.pageDefs.uploadPageDef</name>
                            <actions>view</actions>
                        </permission>
                        <permission>
                            <class>oracle.adf.share.security.authorization.RegionPermission</class>
                            <name>view.pageDefs.editPageDef</name>
                            <actions>view</actions>
                        </permission>
                    </permissions>
                </grant>
                <grant>
                    <grantee>
                        <principals>
                            <principal>
                                <class>oracle.security.jps.service.policystore.ApplicationRole</class>
                                <name>EditRole</name>
                            </principal>
                        </principals>
                    </grantee>
                    <permissions>
                        <permission>
                            <class>oracle.adf.share.security.authorization.RegionPermission</class>
                            <name>view.pageDefs.editPageDef</name>
                            <actions>view</actions>
                        </permission>
                    </permissions>
                </grant>
            </jazn-policy>
        </application>
    </applications>
</policy-store>
user5268703
  • 1
  • 1
  • Please paste your code and explain it more. This is a very vague and lazy way of asking. – Misgevolution Aug 26 '15 at 13:23
  • 1
    use a task flow with a router component in which you check the user names and send them to each individual page based on the comparison with their login – MihaiC Sep 01 '15 at 12:08

1 Answers1

0

From the looks of the permissions. User2 should be able to access only edit page and user 1 can access both upload and edit page. Is this not the scenario ?

AdminRole has been granted region permission to both the pages and user1 is part of it.

EditRole has only been granted edit region permission and user2 is part of it. So user2 should only be able to edit and not access the upload page.

Ramandeep Nanda
  • 519
  • 3
  • 9