7/22/2019 Oracle ADF Security
Benefits of Securing Web Applications

Web applications often connect with a single database user account. Therefore, separate application users' accounts must be used.
Identity can be used to:
  Ensure that only authenticated users can access the application
  Restrict access to parts of the application
  Customize the UI (such as pick lists)
  Provide the username for auditing
  Set up a Virtual Private Database (VPD)
Copyright

Examining Security Aspects

Authentication: Is this user allowed to access this application?
[Diagram: an Application containing several numbered Resources]

ADF Security Framework: Overview

The ADF security framework provides:
  Standard features required to secure ADF applications
  More granular declarative security
  Hierarchical roles with permission inheritance
  Utility methods for use in EL expressions
  Different access defined for different roles at the same URL
It uses JAAS enforced by the ADF binding servlet filter.
It can authenticate users against a resource provider:
  LDAP
  OID
  XML-based

Configure ADF Security Wizard: Configuring ADF Security Authentication

Application > Secure > Configure ADF Security

Configure ADF Security Wizard: Choosing the Authentication Type

Most commonly used:
  HTTP basic authentication:
    It uses the browser login dialog box.
    Cached credentials prevent logout.
  Form-based authentication: Developer-designed login page

Using Form-Based Authentication

You implement authentication in the UI by:
  Configuring the login in web.xml (done by Configure ADF Security Wizard)
  Setting up a login page to accept user credentials with the following elements:
    A form attribute: action="j_security_check"
    An input text item: name="j_username"
    An input password: name="j_password"
  Presenting the login page in HTTPS mode

Configure ADF Security Wizard: Choosing the Welcome Page

Specify page where user should go upon authentication
  Ignored if page specified on URL
  If no page specified, user returns to the login page

Configure ADF Security Wizard: Enabling ADF Authorization

Choose the ADF Authentication and Authorization option.
Select an option for testing.
To change existing authorizations, use the overview editor for jazn-data.xml.

Files Modified by Configure ADF Security Wizard: web.xml

web.xml modifications:
  ADF authentication servlet definition and mapping
  Security constraint
  Login configuration

Other Files Modified or Created by Configure ADF Security Wizard

File: adf-config.xml
Location: /adf/META-INF relative to Web application
Configuration performed:
  Credential store context
  JAAS security context

File: jps-config.xml (JPS stands for Java Platform Security.)
Location: /src/META-INF relative to Web application
Configuration performed:
  Oracle Platform Security context for optional credential store
  Oracle Platform Security context for optional policy store
  Oracle Platform Security context for optional anonymous user

File: jazn-data.xml
Location: /src/META-INF relative to Web application
Configuration performed:
  Default realm name for optional lightweight XML application-specific identity store
  Policy store

[Slide labels: Modified, Created]

adf-config.xml
    <CredentialStoreContext credentialStoreClass=
      "oracle.adf.share.security.providers.jazn.JAZNCredentialStore"
      credentialStoreDefaultUser="anonymous"
      credentialStoreLocation="./credential-jazn-data.xml"/>
    <sec:JaasSecurityContext initialContextFactoryClass=
      "oracle.adf.share.security.JAASInitialContextFactory"
      jaasProviderClass=
      "oracle.adf.share.security.providers.jps.JpsSecurityContext"
      authorizationEnforce="true"
      authenticationRequire="true"/>

jps-config.xml
    <serviceProviders><serviceProvider
      class="oracle.security.jps.internal..."
      ...
    </serviceProvider>
    ...
    <serviceInstances>
    <serviceInstance
      provider="credstore.provider"
      ...</serviceInstance>
    ...
    <jpsContexts default="Storefront-0

jazn-data.xml
    <jazn-realm default="jazn.com">
    <realm>
    <name>jazn.com</name></realm>
    </jazn-realm>
    <policy-store>
    ...
    ...
    </policy-store>

Enabling Users to Access Resources

To give users access:
  Define a security realm in the identity store:
    Create users.
    Create roles.
    Assign users to roles.
  Define an application policy in the policy store:
    Create application roles.
    Map the identity roles to the application roles.
    Grant the application roles access to resources.

Defining Users and Roles in the Identity Store

[Screenshot captions: Opening the jazn-data editor; Defining a Realm; Creating a user; Creating Enterprise roles]

Defining Security Policies

A security policy is a set of grants made to roles.
To define a security policy:
  Create application roles.
  Assign identity store roles to application roles.
  Grant permissions to roles.

Defining Application Roles in the Policy Store

Policy store is in jazn-data.xml.

Assigning Identity Store Roles to Application Roles

[Diagram: Mapping an identity role to an application role. Labels: Users; Roles; clerk; manager; app_clerk; app_manager]

Granting Permissions to Roles

You can associate roles to grants on resources:

Authorization Point   Grants Issued On:              Defined In:
Groups of pages       Bounded task flows             jazn-data.xml editor
Individual pages      Page definitions *             jazn-data.xml editor
Rows                  Entity objects or attributes   EO security and authorization editors

* To secure a page with no data, create an empty page definition file.

Securing Groups of Pages (Bounded Task Flows)

Prevent unauthorized access to secured task flows.
Provide developers with the ability to:
  Secure a bounded task flow as a logical entity
  Write security-aware bounded task flows and pages

Securing Individual Pages (Page Definitions)

Determines whether the user is allowed to navigate to (view) a page
Not needed on pages in secured task flows

ADF BC Model Authorization

The purpose is to:
  Prevent unauthorized access to entity objects or attributes
  Enable developers to:
    Secure access to an entire entity object or only certain attributes
    Specify the actions that members of a role can perform on entity objects or attributes

Securing Row Data (Entity Objects or Attributes)

You can enable security on:
  Entire entity objects
  Individual attributes

ADF Business Component   Securable Operation   Expected Mapped Action   Implementation
Entity object            read                  Read                     View rows of result set.
                         removeCurrentRow      Delete                   Delete a row from the bound collection.
                         update                Update                   Update any attribute.
Attribute of EO          update                Update                   Update specific attribute.

Granting Privileges on Entity Objects or Attributes

In the Structure window, right-click the entity object or attribute and select Edit Authorization.
Select privileges to grant to application roles.

Application Authentication at Run Time

Two types:
  Implicit: Based on JAAS permissions for anonymous-role role
  Explicit: Based on security constraint on authentication servlet that you can define by using the Configure ADF Security Wizard

ADF Security: Implicit Authentication

[Diagram label: success_url=/app/MyPage.jspx]

ADF Security: Implicit Authentication (continued)

1. Because the adfAuthentication servlet has a Java EE security constraint on it, calling the adfAuthentication servlet results in the Java EE container invoking the configured login mechanism.
2. Based on the container's login configuration, the user is prompted to authenticate. The example shown in the slide uses a form-based login, so the appropriate login form is displayed. The user enters credentials and posts the form back to the container's j_security_check() method, so that the Java EE container can authenticate the user.
3. Upon successful authentication, the container redirects the user back to the adfAuthentication servlet.
4. The adfAuthentication servlet forwards the user to the requested page. If ADF Security is enforced, that resource appears if the user has access privileges.

ADF Security: Explicit Authentication

[Diagram: Explicit Authentication. Labels: User: Bob; /app/Public.jspx; Login Link on the Public Page; /adfAuthentication?success_url=/app/Public.jspx; Java EE Container; Java EE Security Constraint]

ADF Security: Authorization at Run Time

[Diagram labels: Java EE Container; User: Bob; /app/SecPage.jsp; /app/MyPage.jspx; /app/Public.jsp; ADF Security Filter (*.jsp, *.jspx); JAAS AuthZ request; PageDefs; "PageDefs used as or Security Def end points"; Policy Store Administrator; HR; Dev; Staff; Sales; Clerks]

ADF Security performs authorization check:
  SecPage.jspx: Bob has No ViewPrivilege Defined on the Page.
  MyPage.jspx: ViewPrivilege is granted to a Role of which Bob is a member.
  Public.jsp: ViewPrivilege granted to the anyoneRole.
Bob is a member of the Staff role in the policy store.
    <grant><principal>
    <type>role</type><name>Staff</name>
    </principal>
    <permission>
    <name>MyPage</name>
    <actions>view</actions></permission>
    </grant>
Unlike Java EE Container Security, authorization is not path based.

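The run-time check on this slide, as a small Python model added here; it is not Oracle ADF code and not part of the original deck. It evaluates the slide's Staff/MyPage grant for Bob by page definition name rather than URL path and denies when no grant exists. The `<policy>` wrapper, the `anyone` grant, the user Alice and all function names are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed policy store: the first <grant> is the fragment on the slide;
# the <policy> wrapper and the "anyone" grant are assumptions for this example.
POLICY_XML = """
<policy>
  <grant>
    <principal><type>role</type><name>Staff</name></principal>
    <permission><name>MyPage</name><actions>view</actions></permission>
  </grant>
  <grant>
    <principal><type>role</type><name>anyone</name></principal>
    <permission><name>Public</name><actions>view</actions></permission>
  </grant>
</policy>
"""

# Constructed identity store (Bob is a member of Staff on the slide).
USER_ROLES = {"Bob": {"Staff"}, "Alice": {"Sales"}}
ANYONE = "anyone"  # hypothetical name for the role every requester holds


def load_grants(xml_text):
    """Return {(page_def, action): set of role names} from the policy XML."""
    grants = {}
    for grant in ET.fromstring(xml_text).iter("grant"):
        principal = grant.find("principal")
        if principal is None or principal.findtext("type") != "role":
            continue  # only role principals are modelled here
        role = (principal.findtext("name") or "").strip()
        for perm in grant.iter("permission"):
            target = (perm.findtext("name") or "").strip()
            for action in (perm.findtext("actions") or "").split(","):
                if role and target and action.strip():
                    grants.setdefault((target, action.strip()), set()).add(role)
    return grants


def is_authorized(user, page_def, action="view", grants=None):
    """Deny by default: allow only when a role the user holds has the grant."""
    grants = load_grants(POLICY_XML) if grants is None else grants
    held = set(USER_ROLES.get(user, ())) | {ANYONE}
    return bool(held & grants.get((page_def, action), set()))


def decisions(user):
    """Evaluate the three pages from the slide for one user."""
    return {p: is_authorized(user, p) for p in ("SecPage", "MyPage", "Public")}
```

SecPage has no grant at all, so every user is refused there regardless of role; that is the deny-by-default behaviour to verify when a page definition is added without a matching policy entry.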
Programmatically Accessing ADF Security Context

Is ADF security turned on?
    if (ADFContext.getCurrent().getSecurityContext().isAuthorizationEnabled())
    { }
Is the user logged on?
    public boolean isAuthenticated() {
      return ADFContext.getCurrent().getSecurityContext().isAuthenticated();
    }
Who is the user?
    public String getCurrentUser() {
      return ADFContext.getCurrent().getSecurityContext().getUserName();
    }
Is the user in a specified role?
    public boolean isUserInRole(String role) {
      return ADFContext.getCurrent().getSecurityContext().isUserInRole(role);
    }

Using Expression Language to Extend Security Capabilities

You can integrate Expression Language in two ways:
  Using built-in global security expressions:
    <af:commandLink action="accounts" rendered="#{securityContext.userInRole['admin']}" text="Manage Accounts"/>
  Using a security proxy bean:
    <af:commandLink action="accounts" rendered="#{userInfo.admin}" text="Manage Accounts"/>
    See next slide for source of this expression.

Using Global Security Expressions

Expression                                               Purpose
#{securityContext.userName}                              Username of the authenticated user
#{securityContext.userInRole['role list']}               Is the user in any of these roles?
#{securityContext.userInAllRoles['role list']}           Is the user in all of these roles?
#{securityContext.userGrantedPermission['permission']}   Does the user have this permission granted?
#{securityContext.taskflowViewable['target']}            Does the user have view permission on the target task flow?
#{securityContext.regionViewable['target']}              Does the user have view permission on the target region?

Using a Security Proxy Bean

A managed bean can expose a Boolean property that the UI expressions can consume.
Example: UserInfo bean:
    public boolean isAdmin() {
      return (ADFContext.getCurrent().getSecurityContext().isUserInRole("admin"));
    }
Example: UI expression: #{userInfo.admin}
Checking for multiple roles is a problem; you could end up writing many convenience methods.