Configuring ADF Security Authentication
The Configure ADF Security Wizard enables you to configure ADF Authentication and Authorization, or to configure only ADF Authentication. A third option enables you to remove all ADF security.
To invoke the wizard, select in the Application Navigator the user interface project that contains the pages you want to protect, and then select Tools > Configure ADF Security from the menu.
The first page of the wizard enables you to choose which type of security to configure. When you choose only ADF Authentication, you enable the ADF authentication servlet to support dynamic authentication, but you are not implementing the fine-grained authorization of resources available with ADF authorization.
When you select only ADF Authentication, the servlet requires the user to log in the first time a page in the application is accessed. The servlet also redirects the user to the requested page when the user has sufficient access rights as defined by security constraints. In this case, the developer is responsible for defining security constraints for Web pages; otherwise, all pages are accessible by the authenticated user.