Oracle ADF provides the oracle.adf.view.rich.security.FRAME_BUSTING context parameter to implement the Framebusting in the web application.
When a malicious site tries to retrieve the content of a page from another domain into a frame and allows hyperlinks or buttons (partial content of the original page) and performs action, it is known as clickjacking. Framebusting helps the web application to prevent from clickjacking
If you want to consume your ADF application in a frame, set the below given configuration in the web.xml of the web application.
<context-param>
<param-name>oracle.adf.view.rich.security.FRAME_BUSTING</param-name>
<param-value>never</param-value>
</context-param>
The apache server might require the commenting of the X-Frame-Options: sameorigin. The current apache server will show the below settings
HTTP/1.1 200 OK
Server: Apache
Cache-Control: no-cache
Pragma: no-cache
X-Powered-By: JSF/1.2
X-Frame-Options: sameorigin
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: Keep-Alive