Apex 3.2 authentication scheme
I am trying to create authentication using "Oracle Application Express account Credentials". After installation, I am able to see the login page, but connection works regardless of what username and password I give? I want it to work only for admin/adminpassword say user data.How can I change/update repository of user Application Express so that only the user when given passwords are allowed to connect to my application?
Hi AEK.
go to the components shared-> authentication schemes
There, you will see a list of all your authentication schemes set up and which of them is the "current" assets
brgds,
Peter
-----
Blog: http://www.oracle-and-apex.com
ApexLib: http://apexlib.oracleapex.info
Work: http://www.click-click.at
Tags: Database
Similar Questions
-
Change the administrator account inaccessible apex because of the authentication scheme
Dear all,"By mistake I changed the Admin of my Oracle Apex application account authentication scheme to ' Oracle Application Server Single Sign-On. The application is hosted on a Linux server. Now, I'm not able to access the application and get this message"
WWSEC_SSO_ENABLER_PRIVATE package does not exist or is not valid.
Please ask your administrator to Application Express to configure the engine to Oracle Application Server Single Sign-On. »
Someone could please help me out here and let me know how can I change this back to demand Express accounts? If there is no script that can reset to default, or whatever it is?
Thank you
Hi najet-Oracle,.
Christophe-Oracle wrote:
"By mistake I changed the Admin of my Oracle Apex application account authentication scheme to ' Oracle Application Server Single Sign-On. The application is hosted on a Linux server. Now, I'm not able to access the application and get this message"
WWSEC_SSO_ENABLER_PRIVATE package does not exist or is not valid.
Please ask your administrator to Application Express to configure the engine to Oracle Application Server Single Sign-On. »
Someone could please help me out here and let me know how can I change this back to demand Express accounts? If there is no script that can reset to default, or whatever it is?
Connect to the SYS user with SYSDBA privilege and to do this:
ALTER SESSION SET CURRENT_SCHEMA = APEX_050000; BEGIN APEX_INSTANCE_ADMIN.SET_PARAMETER('APEX_BUILDER_AUTHENTICATION', 'APEX'); COMMIT; END; /
Reference:
- http://docs.Oracle.com/CD/E59726_01/doc.50/e39149/apex_instance.htm#AEAPI246
- http://docs.Oracle.com/CD/E59726_01/doc.50/e39149/apex_instance.htm#AEAPI248
I hope this helps!
Kind regards
Kiran
-
A single application of APEX 2 authentication schemes
Hi all
as far as I know, it is not possible to use a single application APEX 2 authentication schemes, am I right?
My problem is this: I have a request to the APEX, and I would like to allow the readonly default users to access the data. If the user wishes to change the Scriptures, he or she must sign in with the user name and password (with the APEX default authentication scheme).
Is it possible, or do I me 2 applications - one with APEX-Login, and the other with "no authentication"?
Thank you
S Max wrote:
as far as I know, it is not possible to use a single application APEX 2 authentication schemes, am I right?
Yes.
My problem is this: I have a request to the APEX, and I would like to allow the readonly default users to access the data. If the user wishes to change the Scriptures, he or she must sign in with the user name and password (with the APEX default authentication scheme).
Is it possible, or do I me 2 applications - one with APEX-Login, and the other with "no authentication"?
May depend on how the data is presented, but it would be perfectly possible to do in one application. Apply the permission scheme of must not be Public user joined to create/modify/delete controls and settings for read-only on form pages/items.
-
Apex 4.1 - Websheets with the custom authentication scheme
Apex v4.1 (as seen on the hosted apex.oracle.com) - Websheets do not always seem to work with a custom authentication scheme. Database applications work very well with a function of sentry page, but when the same page sentry function is used for a websheet, running, it gives an error the requested page was not found
One of the Apex team can consult? Thank youHi Vikas,
Websheet Sentinels have slight differences of sentinels of the application.
I created a sentinel websheet for you which should operate (see below).Christian
create or replace function sample_page_sentry return boolean is l_username varchar2(512); l_session_id number; l_ws_app_id number; begin -- check to ensure that we are running as the correct database user. if user != 'APEX_PUBLIC_USER' then return false; end if; -- get sessionid in cookie l_session_id := wwv_flow_custom_auth_std.get_session_id_from_cookie; if wwv_flow_custom_auth_std.is_session_valid then -- the session still exists. we configure the APEX engine to use -- this session id and the session's username. -- -- NOTE: it is more secure to also check if this is the session id from -- the URL! -- apex_application.g_instance := l_session_id; l_username := wwv_flow_custom_auth_std.get_username; if nvl(l_username,'nobody') != 'nobody' then wwv_flow_custom_auth.define_user_session( p_user => l_username, p_session_id => l_session_id); return true; end if; else -- session can not be reused, create a new one l_session_id := apex_custom_auth.get_next_session_id; end if; -- the current session is unauthenticated. we have to determine the user -- and log in. -- get the username from somewhere, e.g. a cgi variable. it is hard-coded -- here for simplification. l_username := 'VANJ'; -- configure the engine to use this username and session. apex_custom_auth.define_user_session( p_user => l_username, p_session_id => l_session_id ); -- build a deep link to the websheet start page l_ws_app_id := apex_util.get_session_state ('WS_APP_ID'); wwv_flow_custom_auth.remember_deep_link ( p_url=>'ws?p='||l_ws_app_id||'::'||l_session_id ); -- register the session in apex sessions table, set cookie, redirect back. apex_authentication.login( p_username => l_username, p_password => null ); return true; end sample_page_sentry; /
Published by: Christian Neumueller November 15, 2011 07:07 (a wiki format error corrected)
-
Apex authentication scheme 4.02 Apex Bug
Hello
I have recently install 4.0.2 oracle apex in Oracle database XE, I created an application with the Apex authentication scheme. The problem I encountered is that Apex is always show the logout button, if I close the browser and open it again and enter my public page of application for the first time that the apex is showing the logout button. When I click on the logout button, the session id changes but Apex continues to show the logout button.
Is there a solution for this situation?Hello
Go to edit this entry of logout navigation bar.
The value entered conditionally "user is Authenticated (not public)"Kind regards
Jari -
Hi all
-First of all, I created two individual applications with the shceme of authentication
-then I want to create the account authentication shceme database in the first request, which must take place at the second asking too much (I mean a single sign on for both applications).
Please someone help meHello
Create an authentication scheme in your 2nd application, modify the plan that you create and use "Reference Master Authentication Scheme From" the authentication scheme developed 2nd application you plan 'Master' in the application 1.HTH,
Mike
-
Condition based on the authentication scheme
Hello
How can we determine the current active authentication scheme in a PL/SQL in Apex 4.2 application?
Thank you!
1033559 wrote:
Update your forum profile with a recognizable username instead of "1033559": Video tutorial how to change username available
How can we determine the current active authentication scheme in a PL/SQL in Apex 4.2 application?
Use the IS_CURRENT_AUTHENTICATION column in the APEX_APPLICATION_AUTH view.
For example:
select workspace_display_name , application_id , application_name , is_current_authentication , scheme_type , scheme_type_code , authentication_scheme_name , is_subscribed from apex_application_auth where application_id = 1948
-
LDAP authentication scheme has stopped working
I have two servers, each with its own DB and APEX applications. To simplity, let's call them A and b. authentication is handled through a LDAP schema - and this regime is the same on both servers. After a few patches on A (I have yet to find out what that this application of fixes) I am no longer able to connect to one of the applications. However, using the same user/pass I can connect fine on server b (not talking dev backend for APEX, just the connection of the ordinary user in an application). Also, I changed absolutely nothing about the applications or the authentication scheme. So for now, I'm running with the idea that something happened during the patch.
Here are the APEX vs on both servers:
A: APEX 3.2
B: APEX 4.0
Looking at the authentication scheme, trying to detect the differences, the only thing I could find is that B also has a "Use SSL" option. But it is set to N, in any case. Yet once, these worked very well they were until now.
I decided to test and run the following code on both servers:
BEGIN IF APEX_LDAP.AUTHENTICATE( p_username => 'user.name', p_password => 'ultrasecretpassword', p_search_base => 'cn=users dc=my, dc=domain, dc=com', p_host => 'host.my.domain.com', p_port => 389) THEN dbms_output.put_line('authenticated'); ELSE dbms_output.put_line('authentication failed'); END IF; END;
Not surprisingly, that said "authenticated" on B, and 'authentication failed' in a.. So, I decided to go a little further and run the following:
-- Code by Scott Spadofore -- OTN: https://forums.oracle.com/forums/thread.jspa?threadID=954602 DECLARE l_retval PLS_INTEGER; l_retval2 PLS_INTEGER; l_session dbms_ldap.session; l_ldap_host VARCHAR2(256); l_ldap_port VARCHAR2(256); l_ldap_user VARCHAR2(256); l_ldap_passwd VARCHAR2(256); l_ldap_base VARCHAR2(256); BEGIN l_retval := -1; dbms_ldap.use_exception := TRUE; l_ldap_host := 'host.my.domain.com'; l_ldap_port := '389'; l_ldap_user := 'cn=user.name,cn=users, dc=my,dc=domain,dc=com'; l_ldap_passwd := 'ultrasecretpassword'; l_session := dbms_ldap.init(l_ldap_host, l_ldap_port); l_retval := dbms_ldap.simple_bind_s(l_session, l_ldap_user, l_ldap_passwd); dbms_output.put_line('Return value: ' || l_retval); l_retval2 := dbms_ldap.unbind_s(l_session); EXCEPTION WHEN OTHERS THEN dbms_output.put_line(rpad('ldap session ', 25, ' ') || ': ' || rawtohex(substr(l_session, 1, 8)) || '(returned from init)'); dbms_output.put_line('error: ' || SQLERRM || ' ' || SQLCODE); dbms_output.put_line('user: ' || l_ldap_user); dbms_output.put_line('host: ' || l_ldap_host); dbms_output.put_line('port: ' || l_ldap_port); l_retval := dbms_ldap.unbind_s(l_session); END;
VERY surprisingly (or unfortunately), it displays the same thing on both A and B: "return value: 0.
Go to B and APEX LDAP test, I found that if I enable SSL, auth begins without too much. Clearly, it should be turned off to make it work. I'm picking on it because it's the only difference I could find between the two: A, being an older version does not have any what specifications on whether or not to use SSL (and I guess it's not, because I can't find anything in the docs).
In the APEX, the DN is:
cn=%LDAP_USER%,cn=users, dc=my,dc=domain,dc=com
... and uses no edit function, or anything like that. It's as simple as the host name, port, DN
I am at a loss here, so any help would be appreciated! Thanks in advance!
Finally two thoughts.
During the ACL test - make sure this isn't a privileged account. Users like SYS will bypass the ACL and give false positives.
Second - the script you have above is designed for the APEX 4.1 (APEX_040100). Make sure you adjust respectively for APEX 3.2 or 4.2.
Also, if you want a few quick scripts to test / display the ACL settings, there are examples all over the internet. I've added a few to the pile here: Oracle ACL configuration Scripts. W.P. Hill Tech
Maybe they will help.
Good luck.
-Tim St.
-
Directory LDAP authentication scheme does not
I did some research on how to use active directory for authentication and it seems pretty obvious, but it does not for me in the APEX, while trying to authenticate the Works database.
I created a new authentication system
System type: LDAP Directory Service
Host: < < Directory Server Active > >
Port: 389
DN: < < FIELD > > \%LDAP_USER%
Use the distinguished name exactly: Yes
I made sure that the new authentication scheme is underway.
What application is running and I'm trying to connect, debug displays:
... Authentication failed: Invalid Login Credentials < div id = "apex_login_throttle_div" > please wait < span id = "apex_login_throttle_sec" > seconds 30 </span > to log in again. < / div
But, I ran a test database using this code below that I found on the web and it runs without exception, so I don't know my settings, domain, host, port, user and password are correct. Y at - it a step that I forget?
DECLARE
l_retval PLS_INTEGER;
l_retval2 PLS_INTEGER;
l_session dbms_ldap.session;
l_ldap_host VARCHAR2 (256);
l_ldap_port VARCHAR2 (256);
l_ldap_user VARCHAR2 (256);
l_ldap_passwd VARCHAR2 (256);
l_ldap_base VARCHAR2 (256);
BEGIN
l_retval: = - 1;
dbms_ldap.use_exception: = TRUE;
l_ldap_host: = '< < ad server > > ';
l_ldap_port: = '389';
l_ldap_user: = ' < < MY AREA > >-< < my user > > ';
l_ldap_passwd: = '< < password > > ';
l_session: = dbms_ldap.init (l_ldap_host, l_ldap_port);
l_retval: = dbms_ldap.simple_bind_s(l_session,l_ldap_user,l_ldap_passwd);
dbms_output.put_line (' return value: ' | l_retval);
l_retval2: = dbms_ldap.unbind_s (l_session);
EXCEPTION
WHILE OTHERS THEN
dbms_output.put_line (rpad ('ldap session', 25, ' ') |) ': ' ||
RAWTOHEX (substr (l_session, 1, 8)).
'(retourné depuis init)");
dbms_output.put_line (' error: ' |) SQLERRM | ' ' || SQLCODE);
dbms_output.put_line (' user: ' | l_ldap_user);
dbms_output.put_line (' host: ' | l_ldap_host);
dbms_output.put_line ('port: ' | l_ldap_port);
l_retval: = dbms_ldap.unbind_s (l_session);
END;
Hello
If it works in the database, perhaps it is a typing error in your frame at the APEX?
Create PL/SQL processes "on the charge before the header' on connection and as a PL/SQL block page for this entry process:
begin APEX_DEBUG.ENABLE(apex_debug.c_log_level_engine_trace); end;
Then run application, try to login and check the debug information. Maybe you'll find some clues to solve your problem.
-
Error after implementing the custom authentication scheme
I have reproduced this time a workspace (GOGGINSCRATCH to apex.oracle.com) running 4.2.1.00.08 and a workspace 4.1.1.00.23 running
Error: ORA-06550: line 4, column 23: PLS-00306: wrong number or types of arguments in the call to "AUTHENTICATOR" ORA-06550: line 4, column 1: PL/SQL: statement ignored
PL/SQL in my workspace
create or replace PACKAGE REPORTINGAUT AS
function authenticator (user_name in VARCHAR2, pwd in VARCHAR2)
return a Boolean value;
END REPORTINGAUT;
create or replace PACKAGE BODY REPORTINGAUT AS
function authenticator (user_name in VARCHAR2, pwd in VARCHAR2)
return a Boolean value AS
BEGIN
/ * Implementation of necessary TODO * /.
RETURN TRUE;
END authenticator;
END REPORTINGAUT;
------------------------------------
APEX Builder Application steps
(1) the shared components
(2) the authentication schemes
(3) create
4.a) based on a system preconfigured Gallery
4.b) name fred
4.c) Type == custom
Name of the function of authentication 4.d) = ReportingAut.authenticator
4.e) activate the legacy of authentication attributes == Yes + (I've tried it both ways).
So... this plan is underway, but when I try to connect, I get the above error... Driving me crazy... Thanks for any help...The parameter name is important. This should work:
CREATE OR REPLACE PACKAGE reportingaut AS FUNCTION authenticator (p_username IN VARCHAR2, p_password IN VARCHAR2) RETURN BOOLEAN; END reportingaut; CREATE OR REPLACE PACKAGE BODY reportingaut AS FUNCTION authenticator (p_username IN VARCHAR2, p_password IN VARCHAR2) RETURN BOOLEAN AS BEGIN RETURN TRUE; END authenticator; END reportingaut;
Denes Kubicek
-------------------------------------------------------------------
http://deneskubicek.blogspot.com/
http://www.Apress.com/9781430235125
http://Apex.Oracle.com/pls/Apex/f?p=31517:1
http://www.Amazon.de/Oracle-Apex-XE-Praxis/DP/3826655494
------------------------------------------------------------------- -
Custom authentication scheme, problem with LOGOUT_URL
Hi all
I use a custom database of authentication scheme in a 4.1 application. I have a problem when I logout, I use jQuery mobile because it is a tablet based application, and the navigation bar entry "Logout" is rendered using the following: -.
a href = "& LOGOUT_URL." data-icon = "Logout" class = "interface user-btn-right" > logout ' "
The application appears disconnected OK, I turned around to my 101 login page, but when I try to reconnect the page refreshes just, if I try again to connect, I'm connected to OK (so basically users will have to try twice to reconnect after disconnection, while the connection when the application is started first works OK).
When I logout and I return on page 101, the URL is: -.
< my host > /pls/apex/apex_authentication.logout?p_app_id=1000 & p_session_id = 882879595907101
After the first attempt to connect to the URL is (so the session ID has been updated);
< my host > / pls/apex/f? p = 1000:LOGIN:1610821365546101
Any ideas what I'm missing here?
Thank you
Mike
Published by: Mike, UK 21 June 2012 08:36Hi Mike,.
I replied the same day. In case you have not received my mail, I'll paste it below:
What I've discovered, is that submit it on the login page seems to use the old session id:
1. User enters http://mike/pls/apex/f?p=1150:1 -> Apex creates a new session and redirects to f?p=1150:LOGIN:168921246845801 2. User enters credentials and presses Login -> wwv_flow.accept with p_instance=168921246845801 -> Apex authenticates user and redirects to page 1 f?p=1150:1:168921246845801::::: 3. User clicks Logout -> apex_authentication.logout?p_app_id=1150&p_session_id=168921246845801 -> Apex removes session -> Apex redirects to home page f?p=1150:1 -> Apex creates new session and redirects to login f?p=1150:LOGIN:1175456815657401 4. User enters credentials and presses Login -> wwv_flow.accept with p_instance=168921246845801 -- WRONG SESSION ID! -> Apex sees that the session id and the session cookie value do not match -> Apex creates a new session and redirects to login f?p=1150:LOGIN:652507970485801
My solution to this problem was to change the page to page 1 model to
have onedata-ajax = "false".
attribute on the logout url. This seems to have done the trick, but I'm
a backend guy and certainly not an expert in the user interface. Seehttp://jquerymobile.com/test/docs/pages/page-links.html
for help online JQM.
See you soon,.
Christian -
Create the custom for more than one table, and then another user authentication scheme
Hello
I already test to create an courable authentication scheme. It works very well!
My problem is that I designed a database on the data requirements. So the results are two different user tables - one record data of the company and the other to consist of data from dealers. Both can register on my web application with e-mail address (Unique).
The authentication scheme in APEX checks the table right on a data user!
A possible solution is to call the company with the dealer table table. But in the picture of society isn't some attributes wich find no need in the dealer table and vice versa.
Further, that it is not possible that the concessionaire may register that they self as a company with the same which e-mail they use for registration as a reseller.
Can you give me some more ideas how slove/manage this problem...
I am using APEX 4.0.2 on an Oracle 10 g database.
NEDO
Edited by: Mr.Nedo the 12.05.2011 02:16>
The authentication scheme in APEX checks the table right on a data user!A possible solution is to call the company with the dealer table table. But in the picture of society isn't some attributes wich find no need in the dealer table and vice versa.
Further, that it is not possible that the concessionaire may register that they self as a company with the same which e-mail they use for registration as a reseller.
>Create a view which combines common elements of the user of the 2 tables and the authentication scheme based checks on the view.
-
I use a custom authentication scheme to validate my users, but I always use groups and standard users from APEX. One of the controls that I do is the APEX_UTIL. GET_ACCOUNT_LOCKED_STATUS. I want to display a message "Locked user" If this is true instead of the message "Invalid Login Credentials" that is currently. Is anyway to do this?
BEGIN
-User must exist in the table SIS_USER
FOR x in get_authenticate_info LOOP
sis_user_exists: = true;
l_allow_sis_authenticate: = x.allow_sis_authenticate;
END LOOP;
If sis_user_exists = false then
GoTo end_of_trigger;
elsif APEX_UTIL. GET_ACCOUNT_LOCKED_STATUS (p_user_name = > p_username) then
GoTo end_of_trigger;
end if;
END;Ah ok, my bad.
Why don't you just create a validation of the page for the location of the user account is locked. That way if the account is locked (i.e. validation fails), the connection process is never triggered.
-
authentication scheme (SSO)
friends,
anyone can put light on what is the difference between
Oracle Application Server Single Sign-On (Application Express engine like partner App) and authentication schemes Oracle Application Server Single Sign-On (my app as partner App)
future prospects for the kind attention
Concerning
ADIApplication Express engine partner App - applications in all workspaces can be partners applications and they all use the same configuration of SSO (SSO SDK is installed in the scheme of the APEX FLOWSxxxxx Setup requires access to the schema)
My request as partner App - each APEX application is configured as an application partners individually (SSO SDK is installed in the scheme of the analysis of the application)
see this [HOWTO | http://www.oracle.com/technology/products/database/application_express/howtos/sso_partner_app.html] for more details.
HTH,
Chris
-
Authentication scheme adding custom plans available
Hello
I have my custom authentication scheme LDAP now works with an application, but is it possible to add this game to the list of available authentication schemes? When I build a new application I have begin with authentication of the Apex, then when you are ready to publish the application to users to change the authentication scheme. But as the plans available only appearing when I go to the components shared-> authentication schemes are default ones, I end up having to recreate my custom authentication scheme. Is it possible to have my custom scheme appears in the list of available custom schemas? I know that I can copy from an existing application too, but it's a gene also.
Thank you
PatI don't think that there is a way to do this currently. Copying from one other application is not a problem for me. Other than that sound you like you would be to produce new applications on a belt conveyor :) In this case, I would create a kind of application of model with a minimum of a preset used in all of your applications - including the authentication scheme. If already seen your authentication custom y at - it a particular reason to use built in authentication for your applications?
Denes Kubicek
------------------------------------------------------------------------------
http://deneskubicek.blogspot.com/
http://www.Opal-consulting.de/training
http://Apex.Oracle.com/pls/OTN/f?p=31517:1
------------------------------------------------------------------------------
Maybe you are looking for
-
What is the current version of firefox?
I know how to check the latest version that I use, but I would like to know what Mozilla just came out for the release of the current version of Firefox. I used the on Firefox to get what version I use and Mozilla wrote his Version 36.0.4. which Stat
-
Portege M200: Need recovery due to the SD card CD
Hello I have a M200, I got it again. However, I can't find my restore cd! Everything I need from the Image of SD card provided in this regard, is there anywhere I can get it? I have the XP Pro full windows cd, I work in an IT Department! But with the
-
I send a ' * IDN?' command of the instrument. and he says...
Hello. I am student in physics at the University of Seoul. I want to use the power of 224 Keithley with Labview Source. I send a ' * IDN? "command to Keithley224, then I get the strange message." CO-HOST + 0.0000E + 0, V + W + 5.0000E + 0 3.0000E - 2
-
My Laserjet 2300 allow XP and Windows 8 - 2 computers connected to it?
Assuming that I can download a driver from Windows 8 for my Laserjet 2300, I always will be able to print from my old XP computer, also hanging on to her?
-
My computer turn itself on automatically.
My computer turn itself on automatically. Does anyone know what I need to do to prevent this?