My Oracle Support Banner

How To Secure a Java Cloud Service Web Application: Authenticating / Restricting Access / Logout (Doc ID 1531715.1)

Last updated on FEBRUARY 22, 2024

Applies to:

Oracle Java Cloud Service - S2
Oracle Java Cloud Service - S4
Oracle Java Cloud Service - SaaS Extension
Information in this document applies to any platform.


You want to deploy an application onto the Oracle Java Cloud Service (JCS), and wonder how to leverage the security infrastructure part of JCS. Here are recommended ways on how to achieve this.

Reference: (since JCS 14.1, please refer to )


This reference document is intended for developers aiming at developing a secure application onto Oracle Java Cloud Service.

It also aims at people seeking to understand the behavior of an application leveraging the Oracle Cloud security infrastructure.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Default configuration
 Fully public application
 Restricting certain web pages to any user authenticated in the IdM domain
 Restricting certain web pages to a subset of the users authenticated in the IdM domain
 Restricting web page access to any user authenticated on a particular IdM domain while imposing additional restrictions on some parts of the application
 How to mix, in the same application, fully public web pages with access restrictions to some other pages?
 What is happening there? How to solve this?
 How to reroute a user from a page secured with an auth-constraint to a page secured with a simple security-constraint for the user to flow seamlessly in your application?
 How to logout?

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.