Which three steps would you perform to enable security for an ADF application? (Choose three.)
A.
Define authentication and authorization by using the configure ADF Security wizard.
B.
Define which HTML pages must be secured.
C.
Grant roles access rights to bounded task flows.
D.
Grant roles access rights to unbounded task flows.
E.
Deploy the application to a Java EE Security-enabled server to test the user roles.
F.
Grant roles access rights to pagedefs for views in unbounded task flows.
Explanation:
A: The Configure ADF Security wizard allows you to choose to enable authentication and authorization
separately.
C: ADF bounded task flow protects the entry point to the task flow, which in turn controls the user’s access to
the pages contained by the flow.
B: To grant public access to ADF security-aware resources:
1. From the Application menu, choose Secure > Resource Grants.
2. In the Resource Grants page of the jazn-data.xml file overview editor, select one of the following resources
from the Resource Types dropdown list:
Task Flow when you want to make a bounded task flow public. The application displays the web pages
under the permission you define for the task flow itself. Thus, all constituent web pages of the bounded taskflow will become public.
Web Page when you want to make individual web pages public. Typically, these pages are defined by an
unbounded task flow and are top-level pages in the application, such as a home page.
Incorrect Answers:
D, F: The unbounded task flow is not an ADF security-aware component and allows no grants.
https://docs.oracle.com/cd/E21764_01/web.1111/b31974/adding_security.htm#ADFFD19895