Apex 4.2.2 NTLM authentication

Hi all

I have Apex 4.2.2 running on the Oracle 11.2.0.4.0 database. We use SST for web server.

I'm trying to set up NTLM authentication and the use of the article by Jason Straub.

http://jastraub.blogspot.com/2008/03/NTLM-HTTP-authentication-and.html

I created the function using this code and it compiled without any errors. I've granted execute permissions to APEX_PUBLIC_USER on this feature as well. I added the line "PlsqlCGIEnvironmentList AUTHORIZATION" in the file dads.conf SST.

I created the authentication scheme as described in the article and made current.

Now, when I run the application, I get the following error.

Function of Sentinel of treatment of the error session.

ORA-44004: invalid qualified SQL name


Screenshot of my authentication scheme

Screenshot of my mistake.

Is that what I'm doing wrong? Any help is greatly appreciated.

Thank you

He may be the owner of the schema as a qualification?

Some readings

Custom authentication does not work after upgrade to 4.1

Tags: Database

Similar Questions

  • NTLM authentication does not work well with Firefox and WebTier (11 GR 2)

    Hello
    We use authentication NTLM with Jason Straubs NTLM - Sentry feature (http://jastraub.blogspot.com/2008/03/ntlm-http-authentication-and.html) Page.

    With the old configuration of Apex 3.2 with HTTP-Server Oracle 10 g 2-companion-album, it works fine.

    Now install us a Web server with Oracle 11 GR 2 (Oracle Web Tier). I have set up the DADS. CONF in the same way as the old HTTP server. With IE, it works, but with Firefox, I get a HTTP 401 "authorization required". If I press the F5 key to reload the page in Firefox, it works.

    Any suggestions?

    Kind regards
    Mark

    Hi Mark,

    I'm sorry that I have not seen that you stayed with APEX 3.2. Therefore, it is fair to ESO who changed...

    First new idea:
    Debug information are useful as we see where Firefox gets to. The flow seems to be the same for both browsers. Perhaps the WebTier sends answers differently. I see another article that could be excluded for Firefox:

            -- See http://www.nabble.com/Empty-POST-requests-on-IE-td15332680.html
            -- We have to trick IE that he thinks the authentication fails, otherwise
            -- he doesn't send any data when issueing a POST because he wants to
            -- do the NTLM stuff again
            owa_util.status_line
              ( nstatus => 401,
                creason => 'Unauthorized',
                bclose_header => FALSE
              );
    

    The commentary says that the part is required for IE. The result for owa_util.status_line is perhaps send too early for Firefox or closed, that the 'old' OSH handled diffrently. If indeed this should be left aside for Firefox, you can try to change the code as follows

    IF WWV_Flow.get_browser_version != 'NSCP'
            THEN
            -- See http://www.nabble.com/Empty-POST-requests-on-IE-td15332680.html
            -- We have to trick IE that he thinks the authentication fails, otherwise
            -- he doesn't send any data when issueing a POST because he wants to
            -- do the NTLM stuff again
            owa_util.status_line
              ( nstatus => 401,
                creason => 'Unauthorized',
                bclose_header => FALSE
              );
    END IF;
    

    This leads me to a second point:
    I remember of this manual, you may need to update the owa_util when using the APEX in combination with OHS 11 g.
    What version of owa_util do you currently use?

    select owa_util.get_version from dual;
    

    APEX 3.2.1 comes with owa_util 10.2.0.6 which is the minimum required version. If your database currently has a lower version, you can update it out of your installation package APEX by running owainst.sql located in the owa- directory as sysdba.

    -Udo

    Published by: Udo on 31.08.2010 14:16
    Comparison of fixed

  • NTLM authentication is supported style UPN (userPrincipalname) username?

    Is authentication NTLM supports style UPN (userPrincipalname) username (ex: * e-mail address is removed from the privacy *) to authenticate?

    This issue is beyond the scope of this site (for consumers) and to be sure, you get the best (and fastest) reply, we have to ask either on Technet (for IT Pro) or MSDN (for developers)

    If you give us a link to the new thread we can point to some resources it
  • Apex: Could you help about authentication?

    Hello

    I have a table of connection with username (P101_username) and the table password (P101_Password) and emp emp_id, emp_name and designation. Whenever I enter the connection information, I must show the name of the employee, of designation and its identifier.

    Currently, I use the custom as sql

    SELECT ' ID :'|| EMP_ID | » '|| DESIGNATION, EMP_NAME

    SAMPLE

    WHERE EMP_ID = 20

    UNION ALL

    SELECT ' ID :'|| EMP_ID | » ' || DESIGNATION, EMP_NAME

    SAMPLE

    WHERE EMP_ID = 5

    Suppose that, if emp_id '10' made his entrance with a successful authentication it must indicate its coordinates. Any help?

    --

    Thank you

    : APP_USER returns the currently logged in user, peut it be combined with the information in your table?

  • Web service - transmission of NTLM authentication user

    APEX 4.0.2

    All our defined applications APP_USER in header REMOTE_USER CGI which is defined by the OHS mod_ntlm module to the logged in Windows user. Is it possible to invoke web service references (REST) defined in the application to behave as if this user is calling the web service? As if the service request was made directly from the browser (IE).

    Hard code credentials into the definition of APEX app, pass them through a URL, the service accessible to anonymous users, etc., are unacceptable alternatives.

    Any ideas?

    Thank you

    Vikas:

    You can use the APEX_WEB_SERVICE API to set HTTP headers (in this case, you can set CGI_REMOTE_USER). The following documentation describes how to configure the request headers. Note that when you set the header via APEX_WEB_SERVICE, interactions of web service uses the headers, not just those invoked through APEX_WEB_SERVICE.

    http://docs.Oracle.com/CD/E23903_01/doc/doc.41/e21676/apex_web_service.htm#BABDFEJG

    Kind regards

    Jason

  • NTLM authentication

    Hello. How can I get ColdFusion 8 using an Active Directory server in the Server 2003/8 (NTLM) to authenticate users? I want users to connect to the site using their domain information. The server is running Apache... Do I need IIS?

    Thank you!

    I can't go much father and on me, or any other contractor, coming to your site and write your code for you after your correct data network administrator.  The success rate for this type of work is $100 US per hour plus the costs of travel and more.

    
    
        
    

    The ColdFusion documentation has examples of code very similar to what is provided here.

  • Apex 4.1.1 and get_session_id_from_cookie

    Hello!

    someone at - it tested "wwv_flow_custom_auth_std.get_session_id_from_cookie" with apex 4.1.1? (I use it for ntlm authentication - see jason straubs blog: http://jastraub.blogspot.com/2008/03/ntlm-http-authentication-and.html)
    After 4.1.0 upgrade function always returns null for the session_id authentication and therefore is not possible. any ideas? I have not found something related to this in the upgrade log...

    THX in advance,
    Christian

    Hello

    Please send your sentry duties. Jason put in place an ad server for us and I found the problem:

    The cookie values are longer in 4.1.1 this causes problems with a specific part of this authentication scheme (the lines dealing with ' Set-Cookie: %').

    We'll come with a newer version, but I also have a quick work around. In my test case, it was sufficient to explicitly set a cookie name in authentication, e.g. F102 for my application 102.

    Kind regards
    Christian

  • Video Jabber for telepresence iPAD - Support NTLM

    I intend to enable pass-through authentication AD on the RESUME for Jabber clients.

    VCS X7.2

    I want to know, will the jabber for iPAD support NTLM authentication. I see the deployment guide to only mention Movi 4.2 or later.

    -What Jabber account for iPAD versions 1.X aswell.

    Yes, we use Jabber for iPad, and they connect through NTLM authentication to our VCS.

    Thank you

    Guy

  • Issues of authentication VCS/AD/MOVI

    Hey all,.

    Got a customer with X6.1 on its VCS-E & VCS - C.  MOVI worked perfectly well.  Then, we have added the VCS - C to the domain and activated the NTLM authentication.  MOVI still works using the new AD credentials, but we have problems (2).

    (1) the customer used MOVI v4.2 and everything works fine.  Client Jabber v4.4 downloads and they can no longer connect.  Looks like she does not query even the SCV - C, seems to pass directly to the VCS-E.

    (2) when MOVI v4.2 or Jabber v4.4 try to connect to the VCS-E they are unable to authenticate.  What are the policies of auth area required for the VCS-E & VCS - C when you use NTML authentication?

    Thank you

    Justin

    Hi Justin,

    Check the other threads on CCS. To answer your questions:

    case 1: If the Jabber is not able to get a response in the final timeperiod, then it will change to the motorway.

    case 2: check the links below

    https://supportforums.Cisco.com/message/3425760#3425760

    https://supportforums.Cisco.com/message/3599742#3599742

    Thank you

    Alok

  • Other necessary permission for apex_util to APEX 5 vs 4.2

    Hello

    APEX 4.2 against APEX 5.0

    Using the EPG for the test.

    Accounts of the APEX

    I have a small procedure that retrieves the information of users with APEX_UTIL. FETCH_USER of a session not authenticated (the user did not connect to the app yet).

    APEX 4.2 I got it works by the granting of the APEX_ADMINISTRATOR_ROLE for the owner of the schema of the application.

    If I use the same configuration to the APEX 5 I get the below error:

    The nobody user requires ADMINISTRATOR privileges to perform this operation.

    Contact your administrator for the application.

    I also tried the grant execute rights on APEX_UTIL directly to the owner of the schema but no luck. In another installation with the ADR program I also tried to give the role and run rights to APEX_PUBLIC_USER, but it does not work.

    If I execute direct SQL procedure * more connected as the owner of the schema it works without problem so the change is probably the user executing the statement of APEX (in a configuration of ADR, it should be APEX_PUBLIC_USER).

    Can someone explain the difference of rights required between en 4.2, 5.0 or the user who is running the APEX session during the execution of APEX_UTIL procedures or point me in the direction of a solution?

    Kind regards

    Bottom

    Down de Klerk wrote:

    APEX 4.2 against APEX 5.0

    Using the EPG for the test.

    Accounts of the APEX

    I have a small procedure that retrieves the information of users with APEX_UTIL. FETCH_USER of a session not authenticated (the user did not connect to the app yet).

    APEX 4.2 I got it works by the granting of the APEX_ADMINISTRATOR_ROLE for the owner of the schema of the application.

    If I use the same configuration to the APEX 5 I get the below error:

    The nobody user requires ADMINISTRATOR privileges to perform this operation.

    Contact your administrator for the application.

    I also tried the grant execute rights on APEX_UTIL directly to the owner of the schema but no luck. In another installation with the ADR program I also tried to give the role and run rights to APEX_PUBLIC_USER, but it does not work.

    If I execute direct SQL procedure * more connected as the owner of the schema it works without problem so the change is probably the user executing the statement of APEX (in a configuration of ADR, it should be APEX_PUBLIC_USER).

    Can someone explain the difference of rights required between en 4.2, 5.0 or the user who is running the APEX session during the execution of APEX_UTIL procedures or point me in the direction of a solution?

    It is due to changes without papers to security restrictions in the APEX 5.0. See:

    It seems that the only way in which a 5.0 APEX session which is not authenticated as an administrator of the workspace can access user details using the apex_util.fetch_user is done by a convoluted workaround involving a scheduled job.

  • How to set authentication with domain name in PL/SQL WebService

    Dear Sir

    I could see the content of the Web service in a browser with the user name and password then I'v tested with soupUI and I had to enter the user name and password and domain but I couldn't

    No information in pl/sql. I think my problem is how to define area.

    Browser authentication: OK

    username = "TST\saeed".

    password = 'test '.

    soupUI of authentication: OK

    username = "Salam".

    password = 'test '.

    domain = "TST".

    PL/SQL: failure


    declare
    Utl_http.req req;
    resp utl_http.resp;
    RW varchar2 (32767).
    Start
    Utl_http.set_Proxy ('http://127.0.0.0:80');
    Req: = utl_http.begin_request ('http://test/sendDATA.ASMX');
    UTL_HTTP. SET_AUTHENTICATION (req, 'TST\saeed', 'test', 'Basic', TRUE);
    resp: = utl_http.get_response (req);
    loop
    Start
    RW: = null;
    Utl_http.read_line (RESP, rw, TRUE);
    SYS. DBMS_OUTPUT. Put_line (RW);
    exception when others then
    "exit";
    end;
    end loop;
    Utl_http.end_response (resp);
    end;

    Result:

    < ! DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict / / IN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd" > ""

    " < html xmlns =" http://www.w3.org/1999/xhtml ">

    < head >

    < meta http-equiv = "Content-Type" content = text/html"; charset = iso-8859-1 "/ >"

    < title > 401 - Unauthorized: access is denied due to credentials not valid. < /title >

    < / head >

    < body >

    < div id = "header" > < error Server h1 > < / h1 > < / div >

    < div id = "content" >

    < div class = "content-container" > < fieldset >

    < h2 > 401 - Unauthorized: access is denied due to credentials not valid. < / h2 >

    < h3 > you are not allowed to view this directory or page using the credentials you supplied. < / h3 >

    < / fieldset > < / div >

    < / div >

    < / body >

    < / html >

    Kind regards

    Saeed.

    Dear all,

    I found with the software "Fiddler Web Debugger" authentication type is notBasic"is"NTLM authentication"so it solved my problem.

    Unfortunately, the Oracle UTL_HTTP package does not support NTLM authentication (it only supports basic via the SET_AUTHENTICATION procedure).

    Reference: http://ora-00001.blogspot.co.uk/2011/08/ntlm-for-plsql.html by Morten Bråten

    Kind regards

    Saeed.

  • Authentication LDAP with P101_USERNAME, but we must define a different APP_USER

    We have Apex 4.2 using the authentication scheme 'Application Express accounts' with APP_USERS as 'BS1234 '.

    And our process of login()) P101 invoke:

    wwv_flow_custom_auth_std. Login (P_UNAME = >: P101_USERNAME, P_PASSWORD = >: P101_PASSWORD,)

    P_SESSION_ID = > v ('APP_SESSION'), P_FLOW_PAGE = >: APP_ID | » : 10') ;

    We want to start using LDAP/AD, such that we can

    (1) accept a user name LDAP as 'bob.smith' and to authenticate to Active Directory.

    (2) convert 'bob.smith' to 'BS1234' using a lookup table

    (3) to use "BS1234" as the APP_USER (for reasons of inheritance)

    We tested the APEX "LDAP authentication" system and it works fine, but it leaves us with "bob.smith" as the APP_USER.

    My current idea is to have serveral P101 processes. The first LDAP using P101_USERNAME/bob.smith authentication will occur.

    If this attempt is successful a second process will make the search and reset P101_USERNAME: = "BS1234."

    and if _that_ is successful we will call a custom authentication (always true) "minimal".

    The last stage of custom authentication is, in my view, necessary so P101_USERNAME is assigned to APP_USER.

    But could all three of these steps in a single custom authentication scheme?

    Custom authentication is new to us, and we are a bit confused with all the steps (Sentry, Proc of Session function not valid, authentication, post Logout Proc, Session not valid function check, proc and Proc preauthentication after authentication), so any ideas would be welcome.

    Hello

    You can do it with the help of LDAP "Authentication Type" himself. No need to create type "Custom authentication.

    You can use APEX_CUSTOM_AUTH. SET_USER APP_USER setting procedure

    1. Create procedure with output parameters for example set_apex_user.
    2. In this procedure, use v ('APP_USER') to get the LDAP username at the start. Get your username lookup table APEX and set APP_USER using APEX_CUSTOM_AUTH. Procedure SET_USER
    3. You must call this procedure in your "LDAP Authentication Scheme',"Login Processing"topic, like"name of the procedure after authentication.

    I hope this helps.

    Kind regards

    Hari

  • Include forms in Apex

    Hello

    We have an older application of Oracle Forms 10g (approximately 200 forms).
    We do a new Apex 3.2 on 10g application.

    We want users to familiarize themselves with the new interface, we include forms in the new Apex application. Then we gradually replace content of forms of content of the Apex.

    I tried to include the generated HTML code of a form in an area of the APEX, it works, but it ask for login and password for the application of forms, although I am already authenticate in the Apex. We use the authentication scheme that is personalized in the apex (a web service call), but forms application using database authentication.

    I've never worked with Oracle Forms, I have not to change too many things on it. So is it possible to pass a login/password to apex forms? As we do not use database authentication, and we need security, we are unable to send the url, as described in the present document.

    In blog Roels, he speaks of an APEX$ CALL_FORM procedure, but I can't find information that one, how to use, settings, etc... You have more information about it?

    Thank you.

    Yann.

    The (or a) to start normal forms is by typing a URL like: http://localhost:7778/forms/frmservlet? config = apex

    If you start a form like that and look in the generated HTML code, you will notice a HTML code (after ).

    One of the lines is:

    VALUE = "escapeParams = true module = your.fmx userid =...

    If you generate this HTML with a procedure that you can generated the userid/password@database at this place.

    Charge of IE or FF, you have to put the code or in the

  • APEX SSO blank Page

    Hello
    Our just improved DBA of apex 3.1 and 3.2. I had to reinstall the ssosdk and custom_auth_sso_902. Now after successful login, sso returns me to a blank page. I tried to delete the partner application and recreate, but still get the blank page. our Apex is in/pls/apps.
    https://server.com/pls/apps/wwv_flow_custom_auth_sso.process_success?urlc=v1.2 ~ D360F...

    Thanks for any help.



    restored to 3.1.2

    Published by: bahaugab on February 27, 2010 08:07

    Yes it can be funny like that.

    I lost count of the number of times I got to reregister APEX as a UNIQUE partner authentication app and then relaunch regapp when everything looks ok.

    Happy that you guessed it work.

    You may want to look at creating a schema called APEX_SSO and the ssosdk running in this scheme (that is to say he will be the owner of the table of $ wwsec_enabler_config_info). The advantage of this is that you shouldn't have to worry about anything whatsoever when you upgrade to a future version of APEX that is when the schema changes from FLOWS_030200 to APEX_040000 for example which means normally run the ssosdk in the new schema and run the regapp.

    Hope that helps.

    Duncs
    -----------------------------------------------------------------
    http://djmein.blogspot.com

    By courtesy, please remember to mark the useful or correct accordingly :) answers

  • Retrieve the name of the Windows user

    Hi, I want to do not proceed with the connection of Apex application (how to proceed is covered in docs), but rather looking for the connection of the users of the xp operating system. (ie the connection information that is displayed in xp, when you press Ctrl + alt + delete)

    This windows login name is then compared with a users table in the database to determine access to the application and the different functions thanks to the application.

    Someone knows how this connection name can be extracted from the BONES within the APEX?

    Thank you!

    Lorenzo,

    It's actually a little difficult at this stage. I suggest you that to start your learning with the following links:

    http://jastraub.blogspot.com/2008/03/NTLM-HTTP-authentication-and.html
    http://www.Oracle.com/technology/products/database/application_express/PDF/apex_ntlm_authentication_wp.PDF
    NTLM authentication

    Kind regards
    Dan

    http://danielmcghan.us
    http://sourceforge.NET/projects/tapigen
    http://sourceforge.NET/projects/plrecur

    You can reward this answer by marking as being useful or correct ;-)

Maybe you are looking for

  • How to enlarge text in Mail

    I have recently started using Mail on my iMac and regret its text size in the view.  I can not find a mechanism to enlarge the font for display on screen.  Is it possible to do?

  • my address bar does not allow me to enter information, how to access?

    before that I could go directly to the address bar. Now he has a magnifying glass at the beginning of the bar and does not allow me to type in it. What should I do to be able to search in the bar of monzilla?

  • Library iCloud Photo albums do not sync between Macs

    One of my friends has an iMac and a MacBook Air (MBA). He wanted the photo library to synchronize between the two devices, so I did the following: Allowed to iCloud photo library on iMac (it's the master of the photo library) Created an empty library

  • Pavilion t9y85av_1: t9y85av_1 pavilion computer hp 15.6 laptop

    I couldn't find the right category for what I want to ask, I want to buy the hp pavilion t9y85av_1. A that someone bought this laptop? could you please give me a review for this laptop, I search everywhere but I have not found any review. Y at - he n

  • Debug.log file to C:\ completely evacuate my memory after a few hours.

    Hi everyone, this is my first post here and I couldn't make another post here for a while, please excuse me if I don't correct format. I had this problem with my laptop Lenovo Windows 7 (build 7601) where everytime I turn on my laptop, this file call