A single application of APEX 2 authentication schemes

Similar Questions

• Share the authentication scheme between different applications

  Hi all:
  
  I use APEX3.1.2 in Oracle 10g XE.
  
  I created a new authentication scheme called 'APEX_EBS' in the application "A". I have several other applications 'B', 'C' etc. I want also to application 'B' and 'C' using the same authentication scheme 'APEX_EBS', I created for application 'A'. However, I have connection select application 'B' (or 'C'), then the shared components = > authentication schemes, I do not see the pattern "APEX_EBS".
  
  How to make my "APEX_EBS" available for application 'B' and 'C' custom authentication scheme. It seems easy to do, but I can't find an answer.
  
  
  Thank you!
  
  
  Kevin

  Kevin,

  First, all applications must exist in the same workspace. Go to application B, create an authentication scheme (note, Plan, no schema) of the Gallery (choice of the scheme of Application Express) and name it EBS_COPY, for example. Then modify this scheme and under subscription, use the popup LOV labeled 'Reference Master Authentication Scheme From' and select the application APEX_EBS schema a. apply changes and which copy the APEX_EBS authentication scheme in application B.

  This publish/subscribe feature is also available for other types of shared components. At any time, the developer of a subscribing application can use "Refresh" to "pull" the latest version of the component from the main application, or editing. Alternatively, the publishing application developer can use the "publish" feature to 'push' the most recent copy of the component to all subscribers.

  Note that for shared in this way authentication schemes, you must decide if you want to use a page of common connection or page within each application. If your APEX_EBS authentication scheme uses a login page in one or more of your apex applications, let me know how it should work and I will be able to guide you further.

  Scott

• menus and authentication schemes

  I'm new to application Express but one old hand to Oracle databases. Geriatric, actually. But certainly a 'newbie', like the Usanians APEX would say.
  
  I am writing a menus system standard authentication of AP. However when I link to programs call (using a column binding) of the invoked program re - running authentication. I would like that the program called only require authentication only if the session menu itself was not authenticated.
  
  I'm assuing this issue is as old as the world and I wonder if someone could give me the right way on this and the General guidelines on the menu in general - systems as mechanisms to return to the menu to start with little effort for me.

  Hello

  To get this to work, you must do two things:
  1. make each application with the same name of cookie
  2 pass the session ID in the URL to the destination application

  The name of the cookie are:
  Home > Application Builder > Application XXX > shared components > authentication schemes > change the authentication scheme > name of the Cookie

  Kind regards
  Dan

  http://danielmcghan.us
  http://sourceforge.NET/projects/tapigen

• Change the administrator account inaccessible apex because of the authentication scheme

  
  Dear all,

  "By mistake I changed the Admin of my Oracle Apex application account authentication scheme to ' Oracle Application Server Single Sign-On. The application is hosted on a Linux server. Now, I'm not able to access the application and get this message"

  WWSEC_SSO_ENABLER_PRIVATE package does not exist or is not valid.

  Please ask your administrator to Application Express to configure the engine to Oracle Application Server Single Sign-On. »

  Someone could please help me out here and let me know how can I change this back to demand Express accounts? If there is no script that can reset to default, or whatever it is?

  Thank you

  Hi najet-Oracle,.

  Christophe-Oracle wrote:

  "By mistake I changed the Admin of my Oracle Apex application account authentication scheme to ' Oracle Application Server Single Sign-On. The application is hosted on a Linux server. Now, I'm not able to access the application and get this message"

  WWSEC_SSO_ENABLER_PRIVATE package does not exist or is not valid.

  Please ask your administrator to Application Express to configure the engine to Oracle Application Server Single Sign-On. »

  Someone could please help me out here and let me know how can I change this back to demand Express accounts? If there is no script that can reset to default, or whatever it is?

  Connect to the SYS user with SYSDBA privilege and to do this:

  ALTER SESSION SET CURRENT_SCHEMA = APEX_050000;
  
  BEGIN
      APEX_INSTANCE_ADMIN.SET_PARAMETER('APEX_BUILDER_AUTHENTICATION', 'APEX');
      COMMIT;
  END;
  /
  

  Reference:

  • http://docs.Oracle.com/CD/E59726_01/doc.50/e39149/apex_instance.htm#AEAPI246
  • http://docs.Oracle.com/CD/E59726_01/doc.50/e39149/apex_instance.htm#AEAPI248

  I hope this helps!

  Kind regards

  Kiran

• Apex 4.1 - Websheets with the custom authentication scheme

  Apex v4.1 (as seen on the hosted apex.oracle.com) - Websheets do not always seem to work with a custom authentication scheme. Database applications work very well with a function of sentry page, but when the same page sentry function is used for a websheet, running, it gives an error the requested page was not found
  
  One of the Apex team can consult? Thank you

  Hi Vikas,

  Websheet Sentinels have slight differences of sentinels of the application.
  I created a sentinel websheet for you which should operate (see below).

  Christian

  create or replace function sample_page_sentry return boolean
  is
      l_username   varchar2(512);
      l_session_id number;
      l_ws_app_id  number;
  begin
      -- check to ensure that we are running as the correct database user.
      if user != 'APEX_PUBLIC_USER' then
          return false;
      end if;
      -- get sessionid in cookie
      l_session_id := wwv_flow_custom_auth_std.get_session_id_from_cookie;
      if wwv_flow_custom_auth_std.is_session_valid then
          -- the session still exists. we configure the APEX engine to use
          -- this session id and the session's username.
          --
          -- NOTE: it is more secure to also check if this is the session id from
          --       the URL!
          --
          apex_application.g_instance := l_session_id;
          l_username                  := wwv_flow_custom_auth_std.get_username;
          if nvl(l_username,'nobody') != 'nobody' then
              wwv_flow_custom_auth.define_user_session(
                  p_user       => l_username,
                  p_session_id => l_session_id);
              return true;
          end if;
      else
          -- session can not be reused, create a new one
          l_session_id := apex_custom_auth.get_next_session_id;
      end if;                                                                                 
  
      -- the current session is unauthenticated. we have to determine the user
      -- and log in.                                                                          
  
      -- get the username from somewhere, e.g. a cgi variable. it is hard-coded
      -- here for simplification.
      l_username := 'VANJ';
      -- configure the engine to use this username and session.
      apex_custom_auth.define_user_session(
           p_user       => l_username,
           p_session_id => l_session_id );
      -- build a deep link to the websheet start page
      l_ws_app_id  := apex_util.get_session_state ('WS_APP_ID');
      wwv_flow_custom_auth.remember_deep_link (
           p_url=>'ws?p='||l_ws_app_id||'::'||l_session_id );
      -- register the session in apex sessions table, set cookie, redirect back.
      apex_authentication.login(
           p_username => l_username,
           p_password => null );
      return true;
  end sample_page_sentry;
  /                                                                                           
  

  Published by: Christian Neumueller November 15, 2011 07:07 (a wiki format error corrected)

• Apex authentication scheme 4.02 Apex Bug

  Hello
  
  I have recently install 4.0.2 oracle apex in Oracle database XE, I created an application with the Apex authentication scheme. The problem I encountered is that Apex is always show the logout button, if I close the browser and open it again and enter my public page of application for the first time that the apex is showing the logout button. When I click on the logout button, the session id changes but Apex continues to show the logout button.
  
  Is there a solution for this situation?

  Hello

  Go to edit this entry of logout navigation bar.
  The value entered conditionally "user is Authenticated (not public)"

  Kind regards
  Jari

• Apex 3.2 authentication scheme

  I am trying to create authentication using "Oracle Application Express account Credentials". After installation, I am able to see the login page, but connection works regardless of what username and password I give? I want it to work only for admin/adminpassword say user data.
  
  How can I change/update repository of user Application Express so that only the user when given passwords are allowed to connect to my application?

  Hi AEK.

  go to the components shared-> authentication schemes

  There, you will see a list of all your authentication schemes set up and which of them is the "current" assets

  brgds,
  Peter

  -----
  Blog: http://www.oracle-and-apex.com
  ApexLib: http://apexlib.oracleapex.info
  Work: http://www.click-click.at

• Apex authentication scheme

  Hi all
  
  -First of all, I created two individual applications with the shceme of authentication
  -then I want to create the account authentication shceme database in the first request, which must take place at the second asking too much (I mean a single sign on for both applications).
  
  Please someone help me

  Hello
  Create an authentication scheme in your 2nd application, modify the plan that you create and use "Reference Master Authentication Scheme From" the authentication scheme developed 2nd application you plan 'Master' in the application 1.

  HTH,

  Mike

• List of the authentication schemes current for Applications in a workspace

  Hello
  
  I have a request by our verification service to give them a list of applications and that the authorisation schemes they currently use. I had a quick glance at the sight APEX_APPLICATION_AUTH and from this point of view only gives me the authorisation schemes available for each application, but I can't see a column that allows me to filter on the current. Does anyone know how to get there?
  
  We use the Apex version: 3.2.0.00.27.
  
  See you soon,.
  Paul.

  Hello

  Can you do this?

  select workspace, authentication_scheme from apex_applications;
  

  Yes?

• authentication scheme (SSO)

  friends,
  
  anyone can put light on what is the difference between
  Oracle Application Server Single Sign-On (Application Express engine like partner App) and authentication schemes Oracle Application Server Single Sign-On (my app as partner App)
  
  future prospects for the kind attention
  
  Concerning
  ADI

  Application Express engine partner App - applications in all workspaces can be partners applications and they all use the same configuration of SSO (SSO SDK is installed in the scheme of the APEX FLOWSxxxxx Setup requires access to the schema)

  My request as partner App - each APEX application is configured as an application partners individually (SSO SDK is installed in the scheme of the analysis of the application)

  see this [HOWTO | http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html] for more details.

  HTH,

  Chris

• Condition based on the authentication scheme

  Hello

  How can we determine the current active authentication scheme in a PL/SQL in Apex 4.2 application?

  Thank you!

  1033559 wrote:

  Update your forum profile with a recognizable username instead of "1033559": Video tutorial how to change username available

  How can we determine the current active authentication scheme in a PL/SQL in Apex 4.2 application?

  Use the IS_CURRENT_AUTHENTICATION column in the APEX_APPLICATION_AUTH view.

  For example:

  select
      workspace_display_name
    , application_id
    , application_name
    , is_current_authentication
    , scheme_type
    , scheme_type_code
    , authentication_scheme_name
    , is_subscribed
  from
      apex_application_auth
  where
      application_id = 1948
  

• LDAP authentication scheme has stopped working

  I have two servers, each with its own DB and APEX applications. To simplity, let's call them A and b. authentication is handled through a LDAP schema - and this regime is the same on both servers. After a few patches on A (I have yet to find out what that this application of fixes) I am no longer able to connect to one of the applications. However, using the same user/pass I can connect fine on server b (not talking dev backend for APEX, just the connection of the ordinary user in an application). Also, I changed absolutely nothing about the applications or the authentication scheme. So for now, I'm running with the idea that something happened during the patch.

  Here are the APEX vs on both servers:

  A: APEX 3.2

  B: APEX 4.0

  Looking at the authentication scheme, trying to detect the differences, the only thing I could find is that B also has a "Use SSL" option. But it is set to N, in any case. Yet once, these worked very well they were until now.

  I decided to test and run the following code on both servers:

  BEGIN
  IF APEX_LDAP.AUTHENTICATE(
      p_username =>     'user.name',
      p_password =>     'ultrasecretpassword',
      p_search_base =>  'cn=users dc=my, dc=domain, dc=com',
      p_host =>         'host.my.domain.com',
      p_port => 389) THEN
      dbms_output.put_line('authenticated');
  ELSE
      dbms_output.put_line('authentication failed');
  END IF;
  
  
  END;
  

  Not surprisingly, that said "authenticated" on B, and 'authentication failed' in a.. So, I decided to go a little further and run the following:

  -- Code by Scott Spadofore
  -- OTN: https://forums.oracle.com/forums/thread.jspa?threadID=954602
  DECLARE
    l_retval PLS_INTEGER;
    l_retval2 PLS_INTEGER;
    l_session dbms_ldap.session;
    l_ldap_host VARCHAR2(256);
    l_ldap_port VARCHAR2(256);
    l_ldap_user VARCHAR2(256);
    l_ldap_passwd VARCHAR2(256);
    l_ldap_base VARCHAR2(256);
  BEGIN
  
    l_retval := -1;
    dbms_ldap.use_exception := TRUE;
    l_ldap_host := 'host.my.domain.com';
    l_ldap_port := '389';
    l_ldap_user := 'cn=user.name,cn=users, dc=my,dc=domain,dc=com';
    l_ldap_passwd := 'ultrasecretpassword';
  
    l_session := dbms_ldap.init(l_ldap_host, l_ldap_port);
    l_retval := dbms_ldap.simple_bind_s(l_session,
    l_ldap_user,
    l_ldap_passwd);
    dbms_output.put_line('Return value: ' || l_retval);
    l_retval2 := dbms_ldap.unbind_s(l_session);
  
  EXCEPTION
    WHEN OTHERS THEN
      dbms_output.put_line(rpad('ldap session ', 25, ' ') || ': ' ||
      rawtohex(substr(l_session, 1, 8)) || '(returned from init)');
      dbms_output.put_line('error: ' || SQLERRM || ' ' || SQLCODE);
      dbms_output.put_line('user: ' || l_ldap_user);
      dbms_output.put_line('host: ' || l_ldap_host);
      dbms_output.put_line('port: ' || l_ldap_port);
  
      l_retval := dbms_ldap.unbind_s(l_session);
  END;
  

  VERY surprisingly (or unfortunately), it displays the same thing on both A and B: "return value: 0.

  Go to B and APEX LDAP test, I found that if I enable SSL, auth begins without too much. Clearly, it should be turned off to make it work. I'm picking on it because it's the only difference I could find between the two: A, being an older version does not have any what specifications on whether or not to use SSL (and I guess it's not, because I can't find anything in the docs).

  In the APEX, the DN is:

  cn=%LDAP_USER%,cn=users, dc=my,dc=domain,dc=com
  

  ... and uses no edit function, or anything like that. It's as simple as the host name, port, DN

  I am at a loss here, so any help would be appreciated! Thanks in advance!

  Finally two thoughts.

  During the ACL test - make sure this isn't a privileged account.   Users like SYS will bypass the ACL and give false positives.

  Second - the script you have above is designed for the APEX 4.1 (APEX_040100).  Make sure you adjust respectively for APEX 3.2 or 4.2.

  Also, if you want a few quick scripts to test / display the ACL settings, there are examples all over the internet.  I've added a few to the pile here: Oracle ACL configuration Scripts. W.P. Hill Tech

  Maybe they will help.

  Good luck.

  -Tim St.

• Directory LDAP authentication scheme does not

  I did some research on how to use active directory for authentication and it seems pretty obvious, but it does not for me in the APEX, while trying to authenticate the Works database.

  I created a new authentication system

  System type: LDAP Directory Service

  Host: < < Directory Server Active > >

  Port: 389

  DN: < < FIELD > > \%LDAP_USER%

  Use the distinguished name exactly: Yes

  I made sure that the new authentication scheme is underway.

  What application is running and I'm trying to connect, debug displays:

  ... Authentication failed: Invalid Login Credentials < div id = "apex_login_throttle_div" > please wait < span id = "apex_login_throttle_sec" > seconds 30 </span > to log in again. < / div

  But, I ran a test database using this code below that I found on the web and it runs without exception, so I don't know my settings, domain, host, port, user and password are correct.  Y at - it a step that I forget?

  DECLARE

  l_retval PLS_INTEGER;

  l_retval2 PLS_INTEGER;

  l_session dbms_ldap.session;

  l_ldap_host VARCHAR2 (256);

  l_ldap_port VARCHAR2 (256);

  l_ldap_user VARCHAR2 (256);

  l_ldap_passwd VARCHAR2 (256);

  l_ldap_base VARCHAR2 (256);

  BEGIN

  l_retval: = - 1;

  dbms_ldap.use_exception: = TRUE;

  l_ldap_host: = '< < ad server > > ';

  l_ldap_port: = '389';

  l_ldap_user: = ' < < MY AREA > >-< < my user > > ';

  l_ldap_passwd: = '< < password > > ';

  l_session: = dbms_ldap.init (l_ldap_host, l_ldap_port);

  l_retval: = dbms_ldap.simple_bind_s(l_session,l_ldap_user,l_ldap_passwd);

  dbms_output.put_line (' return value: ' | l_retval);

  l_retval2: = dbms_ldap.unbind_s (l_session);

  EXCEPTION

  WHILE OTHERS THEN

  dbms_output.put_line (rpad ('ldap session', 25, ' ') |) ': ' ||

  RAWTOHEX (substr (l_session, 1, 8)).

  '(retourné depuis init)");

  dbms_output.put_line (' error: ' |) SQLERRM | ' ' || SQLCODE);

  dbms_output.put_line (' user: ' | l_ldap_user);

  dbms_output.put_line (' host: ' | l_ldap_host);

  dbms_output.put_line ('port: ' | l_ldap_port);

  l_retval: = dbms_ldap.unbind_s (l_session);

  END;

  Hello

  If it works in the database, perhaps it is a typing error in your frame at the APEX?

  Create PL/SQL processes "on the charge before the header' on connection and as a PL/SQL block page for this entry process:

  begin
    APEX_DEBUG.ENABLE(apex_debug.c_log_level_engine_trace);
  end;
  

  Then run application, try to login and check the debug information. Maybe you'll find some clues to solve your problem.

• Mixed (LDAP + APEX accounts) authentication in Apex 4.2.3

  Hi all

  I've built and the application in version 4.2.3 against 11g R2 in Windows 2008 Server. Current authentication is HTML DB (authentication of the Apex). My customer wants to be able to authenticate users based on their Active Directory connections. Is it possible to have a mixed authentication method in this version of the Apex? Could you guide me to some documents, samples, etc.?

  Thank you

  Sinan

  Hey, Sinan.

  It turns out that I recently needed to implement these features even.  I created an application (version 4.2.1 on Oracle 11 g 3 and mod_plsql) Apex in which some users authenticate LDAP Windows while other users authenticate on a table of database containing usernames and encrypted passwords.  I created a package called app_security_pkg which is called from a PLSQL PLSQL submit after region on the login page (page 101) of my application.  This package, distinguishes a type of user of the connection on the other in turn, according to certain criteria.  In my case, the login page was a drop down in which users will have to choose the "user type" they connect as long as.  Then, if a user intends using my application, say, they would be an 'administrator', so select the option 'Administrator' in the menu drop-down.  If a user is using the application as an "experimenter", he would choose the "Experimenter" in the menu drop-down option down.

  They then have to type their user name and password on the login page, click on the 'Login' button and my package code.  The selected user type is sent with the entry of username and password.  According to the selected user type will determine what authentication scheme is used to verify the credentials passed in connection.  In my example, if the type of user 'Administrator' is adopted, the LDAP protocol is used; Otherwise, the connection user name and password are checked against the database table (the transmitted password is checked against passwords in encrypted stored in the table).

  If the type of the selected user is 'Administrator' and credentials have been verified with success against LDAP, the user is presented with a certain 'landing page' in the application.  If the selected user type is 'Experimenter' and the connection credentials have been verified successfully against the database table, then the user is presented with an another 'landing page' in the application.

  In a nutshell, this is how my multiple authentication scheme works.  And I would add, it works very well.

  I would like to include a link to my application but you would not be able to check it out since, obviously, you're not in our LDAP directory.

  I hope that helps you.

  Elijah

• Error after implementing the custom authentication scheme

  I have reproduced this time a workspace (GOGGINSCRATCH to apex.oracle.com) running 4.2.1.00.08 and a workspace 4.1.1.00.23 running
  
  Error: ORA-06550: line 4, column 23: PLS-00306: wrong number or types of arguments in the call to "AUTHENTICATOR" ORA-06550: line 4, column 1: PL/SQL: statement ignored
  
  PL/SQL in my workspace
  
  create or replace PACKAGE REPORTINGAUT AS
  
  function authenticator (user_name in VARCHAR2, pwd in VARCHAR2)
  return a Boolean value;
  
  END REPORTINGAUT;
  
  create or replace PACKAGE BODY REPORTINGAUT AS
  
  function authenticator (user_name in VARCHAR2, pwd in VARCHAR2)
  return a Boolean value AS
  BEGIN
  / * Implementation of necessary TODO * /.
  RETURN TRUE;
  END authenticator;
  
  END REPORTINGAUT;
  
  ------------------------------------
  APEX Builder Application steps
  (1) the shared components
  (2) the authentication schemes
  (3) create
  4.a) based on a system preconfigured Gallery
  4.b) name fred
  4.c) Type == custom
  Name of the function of authentication 4.d) = ReportingAut.authenticator
  4.e) activate the legacy of authentication attributes == Yes + (I've tried it both ways).
  
  So... this plan is underway, but when I try to connect, I get the above error... Driving me crazy... Thanks for any help...

  The parameter name is important. This should work:

  CREATE OR REPLACE PACKAGE reportingaut
  AS
     FUNCTION authenticator (p_username IN VARCHAR2, p_password IN VARCHAR2)
        RETURN BOOLEAN;
  END reportingaut;
  
  CREATE OR REPLACE PACKAGE BODY reportingaut
  AS
     FUNCTION authenticator (p_username IN VARCHAR2, p_password IN VARCHAR2)
        RETURN BOOLEAN
     AS
     BEGIN
        RETURN TRUE;
     END authenticator;
  END reportingaut;
  

  Denes Kubicek
  -------------------------------------------------------------------
  http://deneskubicek.blogspot.com/
  http://www.Apress.com/9781430235125
  http://Apex.Oracle.com/pls/Apex/f?p=31517:1
  http://www.Amazon.de/Oracle-Apex-XE-Praxis/DP/3826655494
  -------------------------------------------------------------------