Configure Tomcat 7 for custom authentication

Similar Questions

• Custom authentication tokens

  "Adobe Flash Access Overview on protected streaming" white paper States the following:

  Flash Access supports the business logic of the licensing stage decoupling based on the chips in use with Flash Media Server deployments. For example, when users visit a web portal for rental or to subscribe to the content, they may need to authenticate by providing a user ID and password to confirm their registration. They might also need a financial transaction. The web portal enters the results of these operations in an authentication token that is sent to the client application. The customer can then include the token in the licence application. The license server checks the authenticity of the token before issuance of the licence. Check token is stateless and was completed independently by each server without reference to a database or another shared state. Token is based on a secret or public key shared infrastructure (PKI).

  This raises the following questions:

  • How the web portal must generate the token?  This is a serialized AuthenicationToken or some other binary token?
  • If it's an AuthenicationToken, then how the web portal must generate a token such as this feature is part of the license server?
  • How the chips are based on a shared secret or PKI? What is incorporated into the class AuthenticationToken ?

  As I read, the paragraph refers to the regime "of custom authentication", not the authentication scheme name of user/password supported and as such, it is not to use serialized Flash Access AuthenticationTokens.  What is meant by "custom authentication" is quite honestly, not very clear in the documentation. I believe that the following scenerios should work, if I would be interested in your comments from anyone:

  In the first scenario, the "portal" should generate a custom binary token and pass this token to the client flash in response. How the token is passed is an exercise left to the reader. It could be loaded via a cookie, JavaScript or ActionScript. It doesn't really matter. Nevertheless, the token is eventually read by the Flash client and applied using the DRMManager.setAuthenticationToken (...) method. The license server must then retrieve the token by using RequestMessageBase.getRawAuthenticationToken (...).  In this case, the token format is completely defined by the developer or provider. The flash never access client issues a query for the authentication License Server Manager (/flashaccess/authentication/v1 / *).

  A second case, which I am not sure would work, would be the flash client requests a token for authorization as usual, using DRMManager.authenticate (...), but the license server authentication requests handler returns a token custom instead of a serialized AuthenticationToken. The workflow would then proceed as described in the first case.

  A third case, the Flash client is able to authenticate with the name of user and password standard schema, but the license server may ignore the username/password real name (data can be same passwords and usernames dummy). The license server would generate an AuthenticationToken, but would benefit from ApplicationProperies to store its information "custom token. The token would be then sent back to the customer and in turn transmitted to the same license server. The license server then inspect AuthenticationToken.getCustomProperties to determine the appropriate course of action.

  No matter what scenario is used, I have a few concerns with custom authentication tokens:

  First of all, this forum has several questions about custom authentication tokens. The documentation is not clear on what is intended and how exactly these tokens must be produced, transferred and consumed. It would be very useful for Adobe to provide an example with its reference implementation code.

  Second, as developers of server Flash Access License remain to design their own authentication scheme customized, there is a real concern that the invented approach can be precarious, allowing re-use of authentication tokens. A published set of best practices would help to ensure custom tokens are generated in a way that does not leak the information, allow attacks by replay or session hijacking.

  Finally, there seems to be some confusion about the use of tokens for authentication and authorization. The reference implementation clearly only use them for authentication, as the RefImplLicenseReqHandler makes additional checks the database for the authenticated user is allowed (subscriber) to access the content.  However, the paragraph quoted above suggests using these tokens for authentication and authorization. At least, that's what I understand by the notion that "audit token is stateless and was completed independently by each server without referring to a database or other shared state. I don't see how that's possible, unless the token contains authentication and authorization information. I'm wrong?

  I appreciate the thoughts of someone else on the custom authentication tokens. Thank you.

  -Aaron J

  The workflow for "custom authentication" is exactly what you described in your first scenario.  Namely, the client application gets a token through certain channels and calls DRMManager.setAuthenticationToken (...) to provide the token. When the client requests a license from the license server, this token is included in the request. The server application calls RequestMessageBase.getRawAuthenticationToken (...) for the access token and perform any validation is required for this type of token before issuing the permit. With a custom authentication, the SDK AuthenticationToken class is not used - this class is only used to represent the authentication tokens issued by using the name of user and password Flash Access authentication scheme.  A custom authentication token can be binary data - the Flash Access SDK is not involved in the generation or to consume these chips - it's your server implementation to manage the following steps.

  The motivation behind the 'custom authentication' scheme is not to force content providers to invent a new way to authenticate users, but to allow you to take advantage of all infrastructure you already have in place.  For example, if you are already running the SAML tokens to authenticated users, you can continue to do so, and you would just plug the SAML validation code in your license server. As a general rule, an authentication token is signed to prevent tampering. It would be possible to generate a signature using a symmetric key or with a private key. Then, checking on the server would involve checking the signature, either by using the same shared symmetric key or with the public key corresponding to the private key. (This is what is meant by 'token is based on a secret or public key shared infrastructure (PKI) ")

  Although the API reference to "authentication tokens", it would also be possible to take advantage of this authorization mechanism. For example, if you have a web portal to access the information on which a user is allowed to access the content, the Portal could issue an authorization token that says that the user X is allowed to play the content Y and Z. When the license server receives this token in a license application for content, simply, check the token is still valid and that the token States it is allowed to grant access to the content Y. This workflow, the license server doesn't have access to the database that contains authorization information, making it easier to deploy the server in a highly scalable way.

  Is this address your questions and concerns?

• Adding a custom authenticator: could not find sawobisauthenticatorproxy3r.dll

  Gentlemen.

  I need to integrate Oracle BI EE 10.1.3.4.1 with workspace 11.1.2. To offer the opportunity to work with some BI stuff in Hyperion Workspace to my users.

  Has studied two documents:

  (1) including Oracle BI EE 10.1.3.4.1 Workspace 11.1.2

  http://www.Oracle.com/WebFolder/technetwork/tutorials/OBE/Hyp/WS11.1.2_OBIEE/WS11.1.2_OBIEE.htm?cid=4675 & SSID = 0

  (2) oracle® Business Intelligence News Guide Release 10.1.3.4.2

  http://docs.Oracle.com/CD/E10415_01/doc/bi.1013/e10416/general_10134.htm

  There is a 'Configuration Repository to use a Custom Authenticator' step, and I am confused with it.

  It is said:

  ~~
  

  In the Oracle's administrator of BI tool, open the file appropriate to the RPD and follow these steps:

  ...

  In the custom authenticator dialog box, click Browse to specify the next value for the Authenticator plugin file:

  sawobisauthenticatorproxy3r.dll

  Note: This file is in the OracleBI\web\bin directory

  ~~

  My BI environment is installed on the server, RHEL. So I installed Oracle BI Administrator Tool on Windows laptop, copied the RHEL server on cell repository, will update the repository and copy it then. But there is no file sawobisauthenticatorproxy3r.dll under the C:\OracleBI\web\bin directory. How could it be? Where can I get this file? Well Google, no option to enter on the internet. I'm sure that this step cannot be ignored.

  Guys, please advice how to solve this problem. Or maybe someone might want to send me this file sawobisauthenticatorproxy3r.dll plugin (if it's can't apply an env).

  Kind regards

  Victor.

  Phew. I found the solution. Uninstalled Oracle BI laptop computer administrator tool and installed OBI EE. Now I see

  sawobisauthenticatorproxy3r.dll in C:\OracleBI\web\bin

  and can process my deposit.

• Custom authentication scheme

  Dear community,
  
  I tried to create a custom authentication scheme based on a tutorial. But seemed to fail since the tutorial works on version 4.0 and I'm working on 4.1.
  
  Step 1. create table user_repository)
  username varchar2 (8).
  VARCHAR2 (8) password,.
  primary key (username)
  );
  
  Step 2 insert into user_repository values ('John', '1234');
  
  Step 3.
  
  create or replace package pkg_auth as
  function authenticate (p_username in varchar2,
  p_password in varchar2) return Boolean;
  end;
  
  create or replace package body pkg_auth as
  function authenticate (p_username in varchar2,
  p_password in varchar2) return Boolean is
  v_result integer: = 0;
  Start
  Select 1
  in v_result
  of user_repository
  where username = lower (p_username)
  and password = p_password;
  Return (v_result = 1);
  exception
  When no_data_found then
  Returns false;
  end to authenticate;
  end;
  
  Step 4. They want to create an authentication scheme from scratch, which does not exist in 4.1 (so it fails pretty well by already). I created a (based on some configs by default) normal authentication scheme.
  
  Step 5 They want to fill me this service "customized to authenticate": return pkg_auth.authenticate;
  Unfortunenately this functionality is not there either.
  
  
  Theyre talking passhashing, who used to work since I don't even get the normal authentication scheme to work.
  If someone could help me to create a custom authentication scheme based on the table in * 4.1, that wouldve was awesome.

  Authentication and authorization have been cleaned up to 4.1

  Create a schema of authentication "based on a pre-configured gallery system", and then select the type of theme of "custom".
  You can place your pl/sql code in the source field, or keep it in your database.
  Set your pkg_auth.authenticate in the field "name of the function of authentication.

  Final note - you should not really store plaintext passwords - I hope that this example of coding has been for the demo only. Check the past of examples that use the custom_hash function, for example.

  Scott

• Apex 4.1 - Websheets with the custom authentication scheme

  Apex v4.1 (as seen on the hosted apex.oracle.com) - Websheets do not always seem to work with a custom authentication scheme. Database applications work very well with a function of sentry page, but when the same page sentry function is used for a websheet, running, it gives an error the requested page was not found
  
  One of the Apex team can consult? Thank you

  Hi Vikas,

  Websheet Sentinels have slight differences of sentinels of the application.
  I created a sentinel websheet for you which should operate (see below).

  Christian

  create or replace function sample_page_sentry return boolean
  is
      l_username   varchar2(512);
      l_session_id number;
      l_ws_app_id  number;
  begin
      -- check to ensure that we are running as the correct database user.
      if user != 'APEX_PUBLIC_USER' then
          return false;
      end if;
      -- get sessionid in cookie
      l_session_id := wwv_flow_custom_auth_std.get_session_id_from_cookie;
      if wwv_flow_custom_auth_std.is_session_valid then
          -- the session still exists. we configure the APEX engine to use
          -- this session id and the session's username.
          --
          -- NOTE: it is more secure to also check if this is the session id from
          --       the URL!
          --
          apex_application.g_instance := l_session_id;
          l_username                  := wwv_flow_custom_auth_std.get_username;
          if nvl(l_username,'nobody') != 'nobody' then
              wwv_flow_custom_auth.define_user_session(
                  p_user       => l_username,
                  p_session_id => l_session_id);
              return true;
          end if;
      else
          -- session can not be reused, create a new one
          l_session_id := apex_custom_auth.get_next_session_id;
      end if;                                                                                 
  
      -- the current session is unauthenticated. we have to determine the user
      -- and log in.                                                                          
  
      -- get the username from somewhere, e.g. a cgi variable. it is hard-coded
      -- here for simplification.
      l_username := 'VANJ';
      -- configure the engine to use this username and session.
      apex_custom_auth.define_user_session(
           p_user       => l_username,
           p_session_id => l_session_id );
      -- build a deep link to the websheet start page
      l_ws_app_id  := apex_util.get_session_state ('WS_APP_ID');
      wwv_flow_custom_auth.remember_deep_link (
           p_url=>'ws?p='||l_ws_app_id||'::'||l_session_id );
      -- register the session in apex sessions table, set cookie, redirect back.
      apex_authentication.login(
           p_username => l_username,
           p_password => null );
      return true;
  end sample_page_sentry;
  /                                                                                           
  

  Published by: Christian Neumueller November 15, 2011 07:07 (a wiki format error corrected)

• Please add support for channels DMA between RT/FPGA for custom types

  It is a request than a question at OR. Please find a way to provide support for custom types when data transfer between RT/FPGA. Even an ability to mount a type complex in a bit array and proceed with a redesign to the custom side type FPGA would be acceptable. Break my configuration in primitive data is completely unrealistic. So, I consume large amounts of FPGA resources passing data through the method of the façade. THX.

  There is an existing idea for this. Please Kudo it if you do not want to see this!

• A web service for windows authentication

  Hello
  I have a number of web services on a windows server.
  These web services are for a program client (in vb.net), access and retrieve data.
  This client program are launching for the PC of the individual user.
  The above configuration is in a windows domain.
  Currently, web services allow anonymous access. This means that anyone in the Organization, with the correct URL is able to trigger the web service.
  We are asked to remove anonymous access and all forms authentication configuration.
  Questions

  1. What is the best practice for configuration for a web service for windows authentication.

  2. We also have a couple of unix servers. They are required to access the web services (with the correct authentication). How can I get a cross-environment configuration?
  Thanks in advance.

  Hey Wee Hoe Chiang,

  The question you have posted is related to Windows Server and would be better suited to the TechNet community.

  Please visit the link below to find a community that will provide the support you want.
  http://social.technet.Microsoft.com/forums/en-us/category/WindowsServer

  I hope this helps.

• WLAN 4402 for Radius Authentication

  Hi guys,.

  Please help me on how I can install my WLAN 4402 controller for Radius Authentication, if you have links or procedures that you can share, which will be very appreciated. :-)

  Thanks in advance.

  It depends on if you are using Cisco ACS or Windows IAS. Controller configuration is the same but the side RADIUS is different.

  Also what you are trying to configure, systems users, PEAP etc. through RADIUS

  PEAP via ACS is here

  http://www.Cisco.com/en/us/partner/products/ps6366/products_configuration_example09186a00807917aa.shtml

  PEAP via IAS is here

  http://www.Cisco.com/en/us/partner/products/ps6366/products_configuration_example09186a0080921f67.shtml

  Hope that helps

• Recommendations for VPN authentication

  So, now that Cisco has helped me get the vpn works on my ASA 5525-X I need to use an active administrator for the authentication/grouping of customers for several profiles in anyconnect.

  My question is what is the simpler and more effective way of setting this up. I have a R2 2012 NAP server that is used to authenticate the AD users for access to the switches. But should I use that for ASA as well or can I use AD directly to the ASA?

  A reminder to those who have not seen my posts, I'm very new to the ASA and the need to get this up and running quickly... Any help/suggestions would be greatly appreciated.

  Thank you

  Stacey

  Hi Stacey,

  You can use the Windows Server direct to the ASA, it uses the LDAP protocol. You will need to implement the ASA like this:

  AAA-Server LDAP-SRV protocol ldap
  AAA-Server LDAP-SRV (inside) host XXXXXXXXX--> IP address of the server
  LDAP-base-dn DC = vpn, DC = also, DC = com--> where users are stored
  LDAP-connection-dn CN = ASA-LDAP-user, CN = Users, DC = vpn, DC = also, DC = com--> the entire AD tree.
  LDAP-login-password *--> the administrator password
  LDAP-naming-attribute sAMAccountName
  LDAP-scope subtree
  microsoft server type

  Now, you need to get the login DN: and the base dn. Now on the ad, you need to create several user groups and divide the users for different levels of authorization as: salespeople, employees...

  You can test the authentication by using this command:

  test the aaa server for authentication LDAP_SRV host XXXXXX username: password XXXXX: XXXX

  and then see if it fails, then you can solve the problem

  You can then configure the mapping of LDAP attributes to MAP a group of users on the server of advertising to a group policy on the SAA.

  http://www.Cisco.com/c/en/us/support/docs/security/ASA-5500-x-series-NEX...

  I would like to know how it works!

  Please don't forget to rate and score as correct the helpful post!

  David Castro,

  Kind regards

• Newbie configuration VPN 5505 for client Win7

  I have a client who has an installed 5505. They want VPN with their laptop Win7 but they don't want to shell out $1000 for customer VPN Cisco 10pcs.

  I have correctly set up the VPN without customer and through a browser, they can get to their files, but they would map network drives is just as if they were in the office.

  I tried to configure the IP Sec on 5505 and then using the built-in VPN Win7 network connection, but no go.

  I do also everything through the ASDM, but I know that certain things cannot be done. I prefer to use the ASDM!

  Anyone else get this set up? 99% of what I see here is how to connect the 5505 for VPN site to site.

  Thank you!

  Hello

  To my knowledge all ASA5505 should have the ability to have 2 VPN SSL connections with the Base license. To my knowledge, this also includes using the AnyConnect SSL VPN Client (which replaces the old VPN IPsec Client software) and the VPN without customer via the Web browser.

  The AnyConnect VPN Client should be available on the Flash of the ASA and is set when you configure the Client AnyConnect SSL VPN for the first time.

  On the ASDM, you should be able to configure the client AnyConnect SSL VPN with the "Wizard" as any other type of VPN configuration.

  The AnyConnect VPN Client is a better choice to use the old client IPsec, especially when it comes to new operating systems. The AnyConnect VPN Client can be installed in the ASA at the users computer when he or she first attempts to connect to the ASA via Web browser and connects with his credentials.

  -Jouni

• Issue in custom authentication

  Hi all
  
  I created a new custom authentication. The name of the function specified in the authentication scheme. My code seems to work very well (Boolean condition works) but authentication fails. Here's the package. Is there any other condition, I need the installation when you create to authenticate.
  
  can someone please suggest.
  
  
  

  create or replace package body app_login
  is
  Function get_hash(p_input IN varchar2)
  return varchar2
  is 
  begin
  
  RETURN UPPER(DBMS_OBFUSCATION_TOOLKIT.MD5 (
                   INPUT => UTL_I18N.STRING_TO_RAW(P_INPUT)));
                      -- return p_input;
  end get_hash;
  
  FUNCTION valid_user(p_username IN VARCHAR2 ,p_password IN VARCHAR2)
  return boolean
  is
  
  v_hash varchar2(200);
  V_RESULT number;
  v_pwd DEMO1_USER.PASSWORD%type;
  
  begin
  v_hash:=app_login.get_hash(P_USERNAME || P_PASSWORD);
  
  SELECT COUNT(*)
           INTO V_RESULT
            FROM DEMO1_USER
              WHERE UPPER(USERNAME) = UPPER(P_USERNAME)
                          AND UPPER(PASSWORD) = UPPER(V_HASH);
  
  
   IF V_RESULT > 0 THEN
         RETURN TRUE;
      ELSE
         RETURN FALSE;
      END IF;
  
  end valid_user;
  
  Procedure add_user(p_username IN VARCHAR2 ,p_password IN VARCHAR2)
  is 
  v_pwd_hash varchar2(200);
  begin
  v_pwd_hash:=app_login.get_hash(P_USERNAME || P_PASSWORD);
  insert into demo1_user values(APP_USER_SEQ.nextval,p_username,v_pwd_hash);
  commit;
  end add_user;
  
  
  
  end app_login;
   

  Thank you
  REDA

  Renon wrote:
  Hi Hari,

  Thank you very much for your time this issue. His works now.
  But the add_user function and the valid_user calls the function get_hash even without stem previously so why validation fails? Is required to be capitalized?

  Concerning
  REDA

  User name will always be in uppercase letters, regardless of how the user entered in the login screen. So in fact, UPPER (P_USERNAME) based on authentication valid_user is not necessary. However I have just kept it so that it returns the correct value when you run it go back. (for the objective test) etc.

  Value of variable binding that app_user will always be as HIGH of breakage.

  Kind regards
  Hari

• Essbase security Migration to native mode for external authentication

  Hello!!
  
  I want advice on security setting, all users are currently in usermode native and Aboriginal groups.
  Now we want to migrate in external mode, the current version of hyperion is 11.1.1.3, the steps in
  that direction would be really useful.
  
  
  What is the best way of migration of the huge user base of native implementation for external authentication directory,
  It is the first step for the time of the native code for the external authentication, if anyone who did this will be useful.
  
  the installation procedure, maxl based migration will be useful or utility based.
  
  Thank you

  For services sharerd mode conversion to have a read of - http://download.oracle.com/docs/cd/E12825_01/epm.111/eashelp/sec_mode.htm

  To configure shared services to use an external directory have a reading of - http://download.oracle.com/docs/cd/E12825_01/epm.111/epm_security/frameset.htm?ch05.html

  For mass provision that you could use LCM or the utility CSSImportExport to export the provisioning of native users, update the file exported to include provisioning of users ad, then import them.
  LCM - http://download.oracle.com/docs/cd/E12825_01/epm.111/epm_lifecycle_management/launch.htm
  CSSImportExport utility - http://download.oracle.com/docs/cd/E12825_01/epm.111/epm_security/ch09s08.html

  See you soon

  John
  http://John-Goodwin.blogspot.com/

• Custom authentication does not work after upgrade to 4.1

  Hi, are there problems with authentication in 4.1? I can't get my new authentication scheme to work for some reason any. I was wondering, is that there are problems with 4.1?
  
  Thank you
  
  Published by: Andyindo on Sep 17, 2011 14:57

  Hi Andyindo,

  Name your packagename.function in your custom authentication as the below and check.

  >return final_users_security.valid_user

  Brgds,
  Mini

  -----------------
  Mark responds promptly

• IRM 11 g and weblogic custom authentication provider

  Hello.
  
  I'm trying to get IRM11g to work with the custom with no luck authentication provider. When I connect MRI I still get the same error (with no logs in the console): "there is a conflict with your user name in the system, contact your administrator." Click Ok to close your session. »
  Is it still possible? Or is - this MRI only works with suppliers provided with Weblogic? Or maybe there is some advice on how to implement custom authentication provider for MRI?
  
  I uses a single vendor (my custom) and it is the first in the list of providers. Provider itself seems to work (I can see the users and groups in the weblogic console).
  
  Thanks in advance!
  
  Best regards, Alexander!

  I want to emphasize that Oracle only supports authentication 6 or 7 providers that have been certified with the product. These are listed in the documentation.

  Oracle provides OVD for multiple authenticator support. You can use that?

  Frank.

• Need help-> custom authentication scheme

  Hey,.
  
  I am working on a custom authentication scheme.
  
  First, I create a test table:
  

  CREATE TABLE TBL_USER
    (
      USR_EMAIL VARCHAR2(40 BYTE) NOT NULL ENABLE,
      USR_ID    NUMBER NOT NULL ENABLE,
      USR_PW    VARCHAR2(255 BYTE) NOT NULL ENABLE,
      USR_ROLLE VARCHAR2(20 BYTE),
  CONSTRAINT "TBL_USER_PK" PRIMARY KEY ("USR_ID")
  );

  Then a function to hash the email and pw:

  create or replace
  function app_hash_test (p_email in varchar2, p_passwort in varchar2)
  return varchar2
  is
    l_passwort varchar2(4000);
    l_salt varchar2(4000) := 'DFS2J3DF4S5HG666IO7S8DJGSDF8JH';
                              
  begin
    l_passwort := utl_raw.cast_to_raw(dbms_obfuscation_toolkit.md5
    (input_string => p_passwort || substr(l_salt,10,13) || p_email ||
      substr(l_salt, 4,10)));
    return l_passwort;
  end;

  Then, a function of authentication:

  create or replace
  function app_auth_test (p_email in VARCHAR2, p_passwort in VARCHAR2)
  return number
  is
    l_passwort varchar2(4000);
    l_stored_passwort varchar2(4000);
    l_expires_on date;
    l_count number;
  begin
    select count(*) 
      into l_count 
      from tbl_user 
     where upper(usr_email) = upper(p_email);
  
    if l_count > 0 
    then
      select usr_pw 
        into l_stored_passwort
        from tbl_user 
        where upper(usr_email) = upper(p_email);
  
      l_passwort := app_hash_test(p_email, p_passwort);
  
      if l_passwort = l_stored_passwort 
      then
        return 1;
      else
        return 0;
      end if;
    else
      return 0;
    end if;
  end;

  After this, I create a form on the table tbl_user to insert the users by e-mail, password and rol (drop-down).
  
  On this Page (3), I create a new process to generate the hash value.
  

  begin
  :P3_usr_email := upper(:P3_usr_email);
  :P3_usr_pw := app_hash_test(:P3_usr_email,:P3_usr_pw);
  :P3_usr_email := lower(:P3_usr_email);
  end;

  After completing my page reg., I insert some users to test it later.
  
  The next step was to create a new authentication scheme in the shared components.
  Share components
  1. create
  2 starting at zero
  3. name-> TBL_USER
  4 JUMP
  5 JUMP
  6. the Page of this Application-> Page 1
  7 JUMP
  8 use my custom function to authenticate. -> return app_auth_test
  9 JUMP
  10 JUMP
  11 LOGOUT URL-> wwv_flow_custom_auth_std.logout? p_this_flow = APP_ID. & amp; p_next_flow_page_sess = & APP_ID.:1
  12. create schema
  
  My next step is to set the new regime as current-> current change
  
  I'm trying to open a session to my existing page with an e-mail and password in the tbl_user table.
  
  But all I got, is an error message:
  
  ORA-06550: line 2, column 8: PLS-00306: wrong Anzahl oder Typen von illuminated by von call 'APP_AUTH_TEST' ORA-06550: 2 line, column 1: PL/SQL: statement ignored
  
  ERR Fehler - 10460 implement von Funktion zum Prufen der Authentifizierungs-ID-Daten nicht possible.
  
  Translattion:
  Wrong number or type of argument in the call to 'APP_AUTH_TEST' ORA-06550: 2 line, column 1: PL/SQL: statement ignored
  
  Error ERR-10460 perform the function of evidence authentication-ID data - is not possible.
  
  I have check the operation, but it seems ok!
  does anyone know, what I forgot? Perhaps some parameters in the Login Page?
  
  NEDO
  
  Edited by: Mr.Nedo the 12.04.2011 07:55

  Your authentication (app_auth_test) matching mist signature exactly as shown in the window help or documentation.

  function app_auth_test (p_email in VARCHAR2, p_passwort in VARCHAR2) RETURN NUMBER

  differs from the documentation

  (p_username in varchar2, p_password in varchar2) return a Boolean value

  Change function app_auth_test so that it matches with the signature expected (return type and the parameter names and types) or write a wrapper for him with this signature and use that work more like authentication.