Custom authentication scheme

Dear community,

I tried to create a custom authentication scheme based on a tutorial. But seemed to fail since the tutorial works on version 4.0 and I'm working on 4.1.

Step 1. create table user_repository)
username varchar2 (8).
VARCHAR2 (8) password,.
primary key (username)
);

Step 2 insert into user_repository values ('John', '1234');

Step 3.

create or replace package pkg_auth as
function authenticate (p_username in varchar2,
p_password in varchar2) return Boolean;
end;

create or replace package body pkg_auth as
function authenticate (p_username in varchar2,
p_password in varchar2) return Boolean is
v_result integer: = 0;
Start
Select 1
in v_result
of user_repository
where username = lower (p_username)
and password = p_password;
Return (v_result = 1);
exception
When no_data_found then
Returns false;
end to authenticate;
end;

Step 4. They want to create an authentication scheme from scratch, which does not exist in 4.1 (so it fails pretty well by already). I created a (based on some configs by default) normal authentication scheme.

Step 5 They want to fill me this service "customized to authenticate": return pkg_auth.authenticate;
Unfortunenately this functionality is not there either.

Theyre talking passhashing, who used to work since I don't even get the normal authentication scheme to work.
If someone could help me to create a custom authentication scheme based on the table in * 4.1, that wouldve was awesome.

Authentication and authorization have been cleaned up to 4.1

Create a schema of authentication "based on a pre-configured gallery system", and then select the type of theme of "custom".
You can place your pl/sql code in the source field, or keep it in your database.
Set your pkg_auth.authenticate in the field "name of the function of authentication.

Final note - you should not really store plaintext passwords - I hope that this example of coding has been for the demo only. Check the past of examples that use the custom_hash function, for example.

Scott

Tags: Database

Similar Questions

Apex 4.1 - Websheets with the custom authentication scheme

Apex v4.1 (as seen on the hosted apex.oracle.com) - Websheets do not always seem to work with a custom authentication scheme. Database applications work very well with a function of sentry page, but when the same page sentry function is used for a websheet, running, it gives an error the requested page was not found

One of the Apex team can consult? Thank you

Hi Vikas,

Websheet Sentinels have slight differences of sentinels of the application.
I created a sentinel websheet for you which should operate (see below).

Christian

create or replace function sample_page_sentry return boolean
is
    l_username   varchar2(512);
    l_session_id number;
    l_ws_app_id  number;
begin
    -- check to ensure that we are running as the correct database user.
    if user != 'APEX_PUBLIC_USER' then
        return false;
    end if;
    -- get sessionid in cookie
    l_session_id := wwv_flow_custom_auth_std.get_session_id_from_cookie;
    if wwv_flow_custom_auth_std.is_session_valid then
        -- the session still exists. we configure the APEX engine to use
        -- this session id and the session's username.
        --
        -- NOTE: it is more secure to also check if this is the session id from
        --       the URL!
        --
        apex_application.g_instance := l_session_id;
        l_username                  := wwv_flow_custom_auth_std.get_username;
        if nvl(l_username,'nobody') != 'nobody' then
            wwv_flow_custom_auth.define_user_session(
                p_user       => l_username,
                p_session_id => l_session_id);
            return true;
        end if;
    else
        -- session can not be reused, create a new one
        l_session_id := apex_custom_auth.get_next_session_id;
    end if;                                                                                 

    -- the current session is unauthenticated. we have to determine the user
    -- and log in.                                                                          

    -- get the username from somewhere, e.g. a cgi variable. it is hard-coded
    -- here for simplification.
    l_username := 'VANJ';
    -- configure the engine to use this username and session.
    apex_custom_auth.define_user_session(
         p_user       => l_username,
         p_session_id => l_session_id );
    -- build a deep link to the websheet start page
    l_ws_app_id  := apex_util.get_session_state ('WS_APP_ID');
    wwv_flow_custom_auth.remember_deep_link (
         p_url=>'ws?p='||l_ws_app_id||'::'||l_session_id );
    -- register the session in apex sessions table, set cookie, redirect back.
    apex_authentication.login(
         p_username => l_username,
         p_password => null );
    return true;
end sample_page_sentry;
/

Published by: Christian Neumueller November 15, 2011 07:07 (a wiki format error corrected)

Need help-> custom authentication scheme
Hey,.

I am working on a custom authentication scheme.

First, I create a test table:
```
CREATE TABLE TBL_USER
  (
    USR_EMAIL VARCHAR2(40 BYTE) NOT NULL ENABLE,
    USR_ID    NUMBER NOT NULL ENABLE,
    USR_PW    VARCHAR2(255 BYTE) NOT NULL ENABLE,
    USR_ROLLE VARCHAR2(20 BYTE),
CONSTRAINT "TBL_USER_PK" PRIMARY KEY ("USR_ID")
);
```
Then a function to hash the email and pw:
```
create or replace
function app_hash_test (p_email in varchar2, p_passwort in varchar2)
return varchar2
is
  l_passwort varchar2(4000);
  l_salt varchar2(4000) := 'DFS2J3DF4S5HG666IO7S8DJGSDF8JH';
                            
begin
  l_passwort := utl_raw.cast_to_raw(dbms_obfuscation_toolkit.md5
  (input_string => p_passwort || substr(l_salt,10,13) || p_email ||
    substr(l_salt, 4,10)));
  return l_passwort;
end;
```
Then, a function of authentication:
```
create or replace
function app_auth_test (p_email in VARCHAR2, p_passwort in VARCHAR2)
return number
is
  l_passwort varchar2(4000);
  l_stored_passwort varchar2(4000);
  l_expires_on date;
  l_count number;
begin
  select count(*) 
    into l_count 
    from tbl_user 
   where upper(usr_email) = upper(p_email);

  if l_count > 0 
  then
    select usr_pw 
      into l_stored_passwort
      from tbl_user 
      where upper(usr_email) = upper(p_email);

    l_passwort := app_hash_test(p_email, p_passwort);

    if l_passwort = l_stored_passwort 
    then
      return 1;
    else
      return 0;
    end if;
  else
    return 0;
  end if;
end;
```
After this, I create a form on the table tbl_user to insert the users by e-mail, password and rol (drop-down).

On this Page (3), I create a new process to generate the hash value.
```
begin
:P3_usr_email := upper(:P3_usr_email);
:P3_usr_pw := app_hash_test(:P3_usr_email,:P3_usr_pw);
:P3_usr_email := lower(:P3_usr_email);
end;
```
After completing my page reg., I insert some users to test it later.

The next step was to create a new authentication scheme in the shared components.
Share components
1. create
2 starting at zero
3. name-> TBL_USER
4 JUMP
5 JUMP
6. the Page of this Application-> Page 1
7 JUMP
8 use my custom function to authenticate. -> return app_auth_test
9 JUMP
10 JUMP
11 LOGOUT URL-> wwv_flow_custom_auth_std.logout? p_this_flow = APP_ID. & amp; p_next_flow_page_sess = & APP_ID.:1
12. create schema

My next step is to set the new regime as current-> current change

I'm trying to open a session to my existing page with an e-mail and password in the tbl_user table.

But all I got, is an error message:

ORA-06550: line 2, column 8: PLS-00306: wrong Anzahl oder Typen von illuminated by von call 'APP_AUTH_TEST' ORA-06550: 2 line, column 1: PL/SQL: statement ignored

ERR Fehler - 10460 implement von Funktion zum Prufen der Authentifizierungs-ID-Daten nicht possible.

Translattion:
Wrong number or type of argument in the call to 'APP_AUTH_TEST' ORA-06550: 2 line, column 1: PL/SQL: statement ignored

Error ERR-10460 perform the function of evidence authentication-ID data - is not possible.

I have check the operation, but it seems ok!
does anyone know, what I forgot? Perhaps some parameters in the Login Page?

NEDO

Edited by: Mr.Nedo the 12.04.2011 07:55
Your authentication (app_auth_test) matching mist signature exactly as shown in the window help or documentation.

function app_auth_test (p_email in VARCHAR2, p_passwort in VARCHAR2) RETURN NUMBER

differs from the documentation

(p_username in varchar2, p_password in varchar2) return a Boolean value

Change function app_auth_test so that it matches with the signature expected (return type and the parameter names and types) or write a wrapper for him with this signature and use that work more like authentication.

Error after implementing the custom authentication scheme
I have reproduced this time a workspace (GOGGINSCRATCH to apex.oracle.com) running 4.2.1.00.08 and a workspace 4.1.1.00.23 running

Error: ORA-06550: line 4, column 23: PLS-00306: wrong number or types of arguments in the call to "AUTHENTICATOR" ORA-06550: line 4, column 1: PL/SQL: statement ignored

PL/SQL in my workspace

create or replace PACKAGE REPORTINGAUT AS

function authenticator (user_name in VARCHAR2, pwd in VARCHAR2)
return a Boolean value;

END REPORTINGAUT;

create or replace PACKAGE BODY REPORTINGAUT AS

function authenticator (user_name in VARCHAR2, pwd in VARCHAR2)
return a Boolean value AS
BEGIN
/ * Implementation of necessary TODO * /.
RETURN TRUE;
END authenticator;

END REPORTINGAUT;

------------------------------------
APEX Builder Application steps
(1) the shared components
(2) the authentication schemes
(3) create
4.a) based on a system preconfigured Gallery
4.b) name fred
4.c) Type == custom
Name of the function of authentication 4.d) = ReportingAut.authenticator
4.e) activate the legacy of authentication attributes == Yes + (I've tried it both ways).

So... this plan is underway, but when I try to connect, I get the above error... Driving me crazy... Thanks for any help...
The parameter name is important. This should work:
```
CREATE OR REPLACE PACKAGE reportingaut
AS
   FUNCTION authenticator (p_username IN VARCHAR2, p_password IN VARCHAR2)
      RETURN BOOLEAN;
END reportingaut;

CREATE OR REPLACE PACKAGE BODY reportingaut
AS
   FUNCTION authenticator (p_username IN VARCHAR2, p_password IN VARCHAR2)
      RETURN BOOLEAN
   AS
   BEGIN
      RETURN TRUE;
   END authenticator;
END reportingaut;
```
Denes Kubicek
-------------------------------------------------------------------
http://deneskubicek.blogspot.com/
http://www.Apress.com/9781430235125
http://Apex.Oracle.com/pls/Apex/f?p=31517:1
http://www.Amazon.de/Oracle-Apex-XE-Praxis/DP/3826655494
-------------------------------------------------------------------

Custom authentication scheme, problem with LOGOUT_URL
Hi all
I use a custom database of authentication scheme in a 4.1 application. I have a problem when I logout, I use jQuery mobile because it is a tablet based application, and the navigation bar entry "Logout" is rendered using the following: -.

a href = "& LOGOUT_URL." data-icon = "Logout" class = "interface user-btn-right" > logout ' "

The application appears disconnected OK, I turned around to my 101 login page, but when I try to reconnect the page refreshes just, if I try again to connect, I'm connected to OK (so basically users will have to try twice to reconnect after disconnection, while the connection when the application is started first works OK).

When I logout and I return on page 101, the URL is: -.

< my host > /pls/apex/apex_authentication.logout?p_app_id=1000 & p_session_id = 882879595907101

After the first attempt to connect to the URL is (so the session ID has been updated);

< my host > / pls/apex/f? p = 1000:LOGIN:1610821365546101

Any ideas what I'm missing here?

Thank you

Mike

Published by: Mike, UK 21 June 2012 08:36
Hi Mike,.

I replied the same day. In case you have not received my mail, I'll paste it below:

What I've discovered, is that submit it on the login page seems to use the old session id:
```
  1. User enters http://mike/pls/apex/f?p=1150:1
     -> Apex creates a new session and redirects to
        f?p=1150:LOGIN:168921246845801
  2. User enters credentials and presses Login
     -> wwv_flow.accept with p_instance=168921246845801
     -> Apex authenticates user and redirects to page 1
        f?p=1150:1:168921246845801:::::
  3. User clicks Logout
     -> apex_authentication.logout?p_app_id=1150&p_session_id=168921246845801
     -> Apex removes session
     -> Apex redirects to home page f?p=1150:1
     -> Apex creates new session and redirects to login
        f?p=1150:LOGIN:1175456815657401
  4. User enters credentials and presses Login
     -> wwv_flow.accept with p_instance=168921246845801 -- WRONG SESSION ID!
     -> Apex sees that the session id and the session cookie value do
        not match
     -> Apex creates a new session and redirects to login
        f?p=1150:LOGIN:652507970485801
```
My solution to this problem was to change the page to page 1 model to
have one

data-ajax = "false".

attribute on the logout url. This seems to have done the trick, but I'm
a backend guy and certainly not an expert in the user interface. See

http://jquerymobile.com/test/docs/pages/page-links.html

for help online JQM.

See you soon,.
Christian

Authentication scheme adding custom plans available
Hello
I have my custom authentication scheme LDAP now works with an application, but is it possible to add this game to the list of available authentication schemes? When I build a new application I have begin with authentication of the Apex, then when you are ready to publish the application to users to change the authentication scheme. But as the plans available only appearing when I go to the components shared-> authentication schemes are default ones, I end up having to recreate my custom authentication scheme. Is it possible to have my custom scheme appears in the list of available custom schemas? I know that I can copy from an existing application too, but it's a gene also.

Thank you
Pat
I don't think that there is a way to do this currently. Copying from one other application is not a problem for me. Other than that sound you like you would be to produce new applications on a belt conveyor :) In this case, I would create a kind of application of model with a minimum of a preset used in all of your applications - including the authentication scheme. If already seen your authentication custom y at - it a particular reason to use built in authentication for your applications?

Denes Kubicek
------------------------------------------------------------------------------
http://deneskubicek.blogspot.com/
http://www.Opal-consulting.de/training
http://Apex.Oracle.com/pls/OTN/f?p=31517:1
------------------------------------------------------------------------------

Message authentication scheme
I use a custom authentication scheme to validate my users, but I always use groups and standard users from APEX. One of the controls that I do is the APEX_UTIL. GET_ACCOUNT_LOCKED_STATUS. I want to display a message "Locked user" If this is true instead of the message "Invalid Login Credentials" that is currently. Is anyway to do this?

BEGIN
-User must exist in the table SIS_USER
FOR x in get_authenticate_info LOOP
sis_user_exists: = true;
l_allow_sis_authenticate: = x.allow_sis_authenticate;
END LOOP;
If sis_user_exists = false then
GoTo end_of_trigger;
elsif APEX_UTIL. GET_ACCOUNT_LOCKED_STATUS (p_user_name = > p_username) then
GoTo end_of_trigger;
end if;
END;
Ah ok, my bad.

Why don't you just create a validation of the page for the location of the user account is locked. That way if the account is locked (i.e. validation fails), the connection process is never triggered.

Custom authentication tokens

"Adobe Flash Access Overview on protected streaming" white paper States the following:
Flash Access supports the business logic of the licensing stage decoupling based on the chips in use with Flash Media Server deployments. For example, when users visit a web portal for rental or to subscribe to the content, they may need to authenticate by providing a user ID and password to confirm their registration. They might also need a financial transaction. The web portal enters the results of these operations in an authentication token that is sent to the client application. The customer can then include the token in the licence application. The license server checks the authenticity of the token before issuance of the licence. Check token is stateless and was completed independently by each server without reference to a database or another shared state. Token is based on a secret or public key shared infrastructure (PKI).
This raises the following questions:
- How the web portal must generate the token? This is a serialized AuthenicationToken or some other binary token?
- If it's an AuthenicationToken, then how the web portal must generate a token such as this feature is part of the license server?
- How the chips are based on a shared secret or PKI? What is incorporated into the class AuthenticationToken ?
As I read, the paragraph refers to the regime "of custom authentication", not the authentication scheme name of user/password supported and as such, it is not to use serialized Flash Access AuthenticationTokens. What is meant by "custom authentication" is quite honestly, not very clear in the documentation. I believe that the following scenerios should work, if I would be interested in your comments from anyone:
In the first scenario, the "portal" should generate a custom binary token and pass this token to the client flash in response. How the token is passed is an exercise left to the reader. It could be loaded via a cookie, JavaScript or ActionScript. It doesn't really matter. Nevertheless, the token is eventually read by the Flash client and applied using the DRMManager.setAuthenticationToken (...) method. The license server must then retrieve the token by using RequestMessageBase.getRawAuthenticationToken (...). In this case, the token format is completely defined by the developer or provider. The flash never access client issues a query for the authentication License Server Manager (/flashaccess/authentication/v1 / *).
A second case, which I am not sure would work, would be the flash client requests a token for authorization as usual, using DRMManager.authenticate (...), but the license server authentication requests handler returns a token custom instead of a serialized AuthenticationToken. The workflow would then proceed as described in the first case.
A third case, the Flash client is able to authenticate with the name of user and password standard schema, but the license server may ignore the username/password real name (data can be same passwords and usernames dummy). The license server would generate an AuthenticationToken, but would benefit from ApplicationProperies to store its information "custom token. The token would be then sent back to the customer and in turn transmitted to the same license server. The license server then inspect AuthenticationToken.getCustomProperties to determine the appropriate course of action.
No matter what scenario is used, I have a few concerns with custom authentication tokens:
First of all, this forum has several questions about custom authentication tokens. The documentation is not clear on what is intended and how exactly these tokens must be produced, transferred and consumed. It would be very useful for Adobe to provide an example with its reference implementation code.
Second, as developers of server Flash Access License remain to design their own authentication scheme customized, there is a real concern that the invented approach can be precarious, allowing re-use of authentication tokens. A published set of best practices would help to ensure custom tokens are generated in a way that does not leak the information, allow attacks by replay or session hijacking.
Finally, there seems to be some confusion about the use of tokens for authentication and authorization. The reference implementation clearly only use them for authentication, as the RefImplLicenseReqHandler makes additional checks the database for the authenticated user is allowed (subscriber) to access the content. However, the paragraph quoted above suggests using these tokens for authentication and authorization. At least, that's what I understand by the notion that "audit token is stateless and was completed independently by each server without referring to a database or other shared state. I don't see how that's possible, unless the token contains authentication and authorization information. I'm wrong?
I appreciate the thoughts of someone else on the custom authentication tokens. Thank you.
-Aaron J

The workflow for "custom authentication" is exactly what you described in your first scenario. Namely, the client application gets a token through certain channels and calls DRMManager.setAuthenticationToken (...) to provide the token. When the client requests a license from the license server, this token is included in the request. The server application calls RequestMessageBase.getRawAuthenticationToken (...) for the access token and perform any validation is required for this type of token before issuing the permit. With a custom authentication, the SDK AuthenticationToken class is not used - this class is only used to represent the authentication tokens issued by using the name of user and password Flash Access authentication scheme. A custom authentication token can be binary data - the Flash Access SDK is not involved in the generation or to consume these chips - it's your server implementation to manage the following steps.

The motivation behind the 'custom authentication' scheme is not to force content providers to invent a new way to authenticate users, but to allow you to take advantage of all infrastructure you already have in place. For example, if you are already running the SAML tokens to authenticated users, you can continue to do so, and you would just plug the SAML validation code in your license server. As a general rule, an authentication token is signed to prevent tampering. It would be possible to generate a signature using a symmetric key or with a private key. Then, checking on the server would involve checking the signature, either by using the same shared symmetric key or with the public key corresponding to the private key. (This is what is meant by 'token is based on a secret or public key shared infrastructure (PKI) ")

Although the API reference to "authentication tokens", it would also be possible to take advantage of this authorization mechanism. For example, if you have a web portal to access the information on which a user is allowed to access the content, the Portal could issue an authorization token that says that the user X is allowed to play the content Y and Z. When the license server receives this token in a license application for content, simply, check the token is still valid and that the token States it is allowed to grant access to the content Y. This workflow, the license server doesn't have access to the database that contains authorization information, making it easier to deploy the server in a highly scalable way.

Is this address your questions and concerns?

4.0.1 custom authentication
Hello

I am trying to create a custom authentication scheme based on my own auth function.
The function already exists and works very well in APEX 3.2.1.

4.0.1 it seems that the function is not called at all.

If someone has recognized the same? Solved?

Is it still 'return my_authfunction' in the schema definition?

Thanks in advance.
Carsten
Hi Carsten,

I was not able to know the workspace CPESPACE the connection and user PATRICK with the password [email protected]
Can you reset again once, maybe someone else connected and changed the password.

Concerning
Patrick
-----------
My Blog: http://www.inside-oracle-apex.com
APEX 4.0 Plug-Ins: http://apex.oracle.com/plugins
Twitter: http://www.twitter.com/patrickwolf

Custom authentication fails with PLS-00306: wrong number or types of argume
Hello

I wrote a custom authentication scheme. I have a function that returns a BOOLEAN. Now, when I tried to test it, he throwed the following error.

< pre >
ORA-06550: line 2, column 8: PLS-00306: wrong number or types of arguments in the call to 'AUTH_ON_MY_USERS' ORA-06550: line 2, column 1: PL/SQL: statement ignored
ERR-10460 error cannot perform the function of verification of the authentication credentials.
Ok
< / pre >

The function is
< pre >
create or replace function auth_on_my_users (p_username_in in varchar2
p_password_in in varchar2)
return a Boolean value
is
Start
Returns true;
end;
< / pre >

I have an Oracle 10 g XE on windows. Apex 3.2.1. When I tried the same thing in apex.oracle.com, it worked. Is there something to do with XE and 3.2.1?

Any idea? Thanks in advance.

Concerning
Guru

Published by: guru Perrin on November 23, 2009 19:44 - Typo
Hello

Try
```
create or replace function auth_on_my_users( p_username in varchar2, p_password in varchar2)
return boolean is
begin
 return true;
end;
```
The engine requires Express provides this function to have the signature (p_username in varchar2, p_password in varchar2) return a Boolean value.
>

BR, Jari

Change password with a custom authentication
Hello

I use a custom authentication scheme, which is a combination of authentication, ldap and apex. I created a function that checks in a user table to see if authentication_type is 'LDAP' or ' APEX. Depending on the type, be it authenticate against ldap or apex. It works very well. No problem.

I also created a page for the password change functionality. This page has "new password" and "Confirm password" fields and a "submit" button. He also ' send' process that calls apex_util. CHANGE_CURRENT_USER_PW(:P43_NEWPASSWORD); to change the password for users of the apex.

To change the password, the page gives the message that the password was changed successfully, but it actually doesn't change anything. I don't understand why?

Help, please.

Thnx
Milan
The user name is stored in uppercase in the user account. So what you could do is:

declare l_user varchar2 (30);
Start
l_user: = v ('APP_USER');
apex_application. G_user: = upper (l_user);
apex_util. CHANGE_CURRENT_USER_PW(:P43_NEWPASSWORD);
apex_application. G_user: = l_user;
end

Scott

Share the authentication scheme between different applications
Hi all:

I use APEX3.1.2 in Oracle 10g XE.

I created a new authentication scheme called 'APEX_EBS' in the application "A". I have several other applications 'B', 'C' etc. I want also to application 'B' and 'C' using the same authentication scheme 'APEX_EBS', I created for application 'A'. However, I have connection select application 'B' (or 'C'), then the shared components = > authentication schemes, I do not see the pattern "APEX_EBS".

How to make my "APEX_EBS" available for application 'B' and 'C' custom authentication scheme. It seems easy to do, but I can't find an answer.

Thank you!

Kevin
Kevin,

First, all applications must exist in the same workspace. Go to application B, create an authentication scheme (note, Plan, no schema) of the Gallery (choice of the scheme of Application Express) and name it EBS_COPY, for example. Then modify this scheme and under subscription, use the popup LOV labeled 'Reference Master Authentication Scheme From' and select the application APEX_EBS schema a. apply changes and which copy the APEX_EBS authentication scheme in application B.

This publish/subscribe feature is also available for other types of shared components. At any time, the developer of a subscribing application can use "Refresh" to "pull" the latest version of the component from the main application, or editing. Alternatively, the publishing application developer can use the "publish" feature to 'push' the most recent copy of the component to all subscribers.

Note that for shared in this way authentication schemes, you must decide if you want to use a page of common connection or page within each application. If your APEX_EBS authentication scheme uses a login page in one or more of your apex applications, let me know how it should work and I will be able to guide you further.

Scott

Create the custom for more than one table, and then another user authentication scheme
Hello

I already test to create an courable authentication scheme. It works very well!

My problem is that I designed a database on the data requirements. So the results are two different user tables - one record data of the company and the other to consist of data from dealers. Both can register on my web application with e-mail address (Unique).

The authentication scheme in APEX checks the table right on a data user!

A possible solution is to call the company with the dealer table table. But in the picture of society isn't some attributes wich find no need in the dealer table and vice versa.
Further, that it is not possible that the concessionaire may register that they self as a company with the same which e-mail they use for registration as a reseller.

Can you give me some more ideas how slove/manage this problem...

I am using APEX 4.0.2 on an Oracle 10 g database.

NEDO

Edited by: Mr.Nedo the 12.05.2011 02:16
>
The authentication scheme in APEX checks the table right on a data user!

A possible solution is to call the company with the dealer table table. But in the picture of society isn't some attributes wich find no need in the dealer table and vice versa.
Further, that it is not possible that the concessionaire may register that they self as a company with the same which e-mail they use for registration as a reseller.
>

Create a view which combines common elements of the user of the 2 tables and the authentication scheme based checks on the view.

Using custom authentication

The orders database sample application demo normally comes with authentication customized with user and package and trigger for the user tables and verification of pwd.
Can anyone help me that use of old authentication scheme custom code that I can customize?
Thanks in advance
George

Hi George,.

Please update, that you manage with a name instead of user483406.

user483406 wrote:

The orders database sample application demo normally comes with authentication customized with user and package and trigger for the user tables and verification of pwd.

Can anyone help me that use of old authentication scheme custom code that I can customize?

Thanks in advance

George

Patrick Barel has created a nice blog on custom in Oracle APEX authentication.

I hope this helps!

Kind regards

Kiran

How to redirect the page when custom authentication is on?

Hello gurus:
I'm working on a APEX 4.2 x asks, when the authentication scheme is set to Custom - which means, the validation is done through a PLSQL package against a custom table.
I have 3 buttons on the homepage viz, Login, forgotten password, register. This page has nothing other than these three buttons.
If I click on the " login " button, it takes me to the login page. If I click on the forgotten password button, it takes me to the password screen. However by clicking the register button, only takes me to the login Page.
I don't understand why this happens. Can anyone help?
Thank you
Srini

Srini.Ramanujam wrote:

I'm working on a APEX 4.2 x asks, when the authentication scheme is set to Custom - which means, the validation is done through a PLSQL package against a custom table.

I have 3 buttons on the homepage viz, Login, forgotten password, register. This page has nothing other than these three buttons.

If I click on the " login " button, it takes me to the login page. If I click on the forgotten password button, it takes me to the password screen. However by clicking the register button, only takes me to the login Page.

I don't understand why this happens.

This happens if the registration page requires authentication. The page must be accessible to the public.

Custom authentication scheme

Similar Questions

Maybe you are looking for