Last updated on NOVEMBER 02, 2017
Applies to:Oracle JDeveloper - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
***Checked for relevance on 08-Jul-2014***
In a web application built with basic authentication, some roles and users have been defined using JDeveloper security tool.
In the WebLogic server, equivalent roles are defined to match the application roles defined in JDeveloper.
Application is compiled and deployed into this server with no problems.
If deployment is done directly using JDeveloper, the following message appears in WLS console screen:
When the application is executed, user credentials are requested. After that, a forbidden access error is issued:
The URL displayed points to an ADF servlet: /adfAuthentication, and operation is stopped.
Nevertheless, if the URL is manually modified in the browser after authentication, replacing it with what is configured in the application (web.xml file, <welcome-page-list> tag), the execution continues normally.
In the web.xml file a <security-constraint> tag gets created that references a "valid-users" role, associated to resource "adfAuthentication". It seems like the server does not include the user in the valid-users role. If the tag is removed, an error gets produced in the deployment:
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms