Help: creating a custom LDAP authentication

Hi all

For some reason I need an LDAP authentication against 2 host servers.
For this reason I wrote a function with 2 parameters, user and password. This function finds the server on which the user can be found and makes a simple_bind on that server, returning true if the bind succeeds and false on failure.

FUNCTION LDAP_AUTH_GLOBAL_DOMAIN
  ( pUser     IN            VARCHAR2
  , pPassword IN            VARCHAR2 )
RETURN BOOLEAN
IS
  l_retval PLS_INTEGER;
  l_session DBMS_LDAP.session;
  l_ldap_port   VARCHAR2(256) := '123';
  l_ldap_host   VARCHAR2(256);
  l_ldap_user   VARCHAR2(256);
  l_ldap_passwd VARCHAR2(256);
  v_login       VARCHAR2(256);
  v_login_result boolean := FALSE;
  v_domain       VARCHAR2(100);
BEGIN
  BEGIN
    v_domain := GET_DOMAIN_OF_USER( pUser => pUser );
    v_login := v_domain || '\' || pUser;
  
    IF lower(v_domain) = 'mydomain' THEN
      l_ldap_host := 'host.mydomain.com';
    ELSIF lower(v_domain) = 'mydomain2' THEN
      l_ldap_host := 'host.mydomain2.com';
    END IF;
    
    DBMS_LDAP.USE_EXCEPTION := TRUE;
    --    
    l_session := DBMS_LDAP.init( hostname => l_ldap_host, 
                                 portnum => l_ldap_port);
    l_retval  := DBMS_LDAP.simple_bind_s( ld => l_session, 
                                          dn => v_login, 
                                          passwd => pPassword );
    v_login_result := TRUE;                                      
                                          
    l_retval := DBMS_LDAP.unbind_s( ld => l_session );
    
  EXCEPTION 
    WHEN OTHERS THEN
      v_login_result := FALSE;
  END;  
    
  RETURN v_login_result;
END LDAP_AUTH_GLOBAL_DOMAIN;

In the next step, I created a new authentication scheme "Based on a pre-configured scheme from the gallery", entered a name and selected "Custom" as the scheme type.
On the next page, I am asked for some values:
Sentry Function Name -> what do I have to do, or is there a default check when I leave it empty?
Invalid Session Procedure Name -> is there a default value when it is empty?
Authentication Function Name -> I entered: "return my_auth(:username, :PASSWORD)" or "return my_auth" or "my_auth".
Post Logout Procedure Name -> is there a default value when it is empty?
Enable Legacy Authentication Attributes -> what does this mean?

On my existing login page I changed nothing, so I still have my processes:
The Username Cookie value:
begin
owa_util.mime_header('text/html', FALSE);
owa_cookie.send(
    name=>'LOGIN_USERNAME_COOKIE',
    value=>lower(:P101_USERNAME));
exception when others then null;
end;
Login:
wwv_flow_custom_auth_std.login(
    P_UNAME       => :P101_USERNAME,
    P_PASSWORD    => :P101_PASSWORD,
    P_SESSION_ID  => v('APP_SESSION'),
    P_FLOW_PAGE   => :APP_ID||':1'
    );
I'm a little uncertain about this logon process, should I change this?
I've never used custom authentication and cannot find a step-by-step tutorial saying what needs to be done.

Thanks for your help
Chrissy

Don't know if this is the case, but I think that your authentication function signature should be:

FUNCTION LDAP_AUTH_GLOBAL_DOMAIN
  (p_username   IN VARCHAR2,
   p_password   IN VARCHAR2)
RETURN BOOLEAN
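
A hardened variant of the function from the question, added here as an example and not taken from the thread. It uses the p_username/p_password signature from the reply, rejects empty passwords before binding (some directory servers treat a simple bind with a DN and an empty password as an unauthenticated bind and report success), refuses unknown domains and releases the session when the bind fails. The name ldap_auth_hardened, port 389 and the host names are placeholders; GET_DOMAIN_OF_USER is the poster's own helper and is assumed to exist and return a VARCHAR2.

```sql
-- Added example, not the poster's code. ldap_auth_hardened, port 389 and the
-- host names are placeholders; GET_DOMAIN_OF_USER is the poster's own helper.
CREATE OR REPLACE FUNCTION ldap_auth_hardened
  ( p_username IN VARCHAR2
  , p_password IN VARCHAR2 )
RETURN BOOLEAN
IS
  c_ldap_port CONSTANT PLS_INTEGER := 389;  -- assumption: standard LDAP port
  l_session   DBMS_LDAP.session;
  l_retval    PLS_INTEGER;
  l_domain    VARCHAR2(100);
  l_host      VARCHAR2(256);
BEGIN
  -- 1. Never send an empty password to the directory. In Oracle '' is NULL,
  --    so IS NULL covers both cases. Without this check an empty password
  --    can produce a "successful" unauthenticated bind (RFC 4513, 5.1.2).
  IF p_username IS NULL OR p_password IS NULL THEN
    RETURN FALSE;
  END IF;

  -- 2. Resolve the LDAP host through an explicit allow-list. A CASE
  --    expression without ELSE yields NULL, so unknown domains fail here
  --    instead of reaching DBMS_LDAP.init with a NULL host name.
  l_domain := LOWER(GET_DOMAIN_OF_USER(pUser => p_username));
  l_host := CASE l_domain
              WHEN 'mydomain'  THEN 'host.mydomain.com'
              WHEN 'mydomain2' THEN 'host.mydomain2.com'
            END;
  IF l_host IS NULL THEN
    RETURN FALSE;
  END IF;

  -- 3. Bind as domain\user, the same login form the original function used.
  DBMS_LDAP.USE_EXCEPTION := TRUE;
  l_session := DBMS_LDAP.init(hostname => l_host, portnum => c_ldap_port);
  l_retval  := DBMS_LDAP.simple_bind_s( ld     => l_session
                                      , dn     => l_domain || '\' || p_username
                                      , passwd => p_password );
  l_retval  := DBMS_LDAP.unbind_s(ld => l_session);
  RETURN TRUE;
EXCEPTION
  WHEN OTHERS THEN
    -- Failed bind, unreachable host or helper error: fail closed, and
    -- release the session that the original code left open on this path.
    IF l_session IS NOT NULL THEN
      BEGIN
        l_retval := DBMS_LDAP.unbind_s(ld => l_session);
      EXCEPTION
        WHEN OTHERS THEN NULL;  -- nothing more to clean up
      END;
    END IF;
    RETURN FALSE;
END ldap_auth_hardened;
/
```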

Tags: Database

Similar Questions

  • Custom LDAP integration

    We create a custom LDAP integration to replace the obsolete in the application. We have all our services to remote containers on a server separate from the slave servers. Must install the custom assemblies on the remote server that contains and if yes which directories? The documentation in the EP said to install only in the directories bin, web applications. Thank you.

    Yes, put it in the same directory as the RemotingContainer.exe file.

  • LDAP authentication TWICE - authentication by default custom and Oracle?

    Hi all

    I have created an application with 2 pages (including the login page). My customized login page (for example, 101) uses the authentication scheme that is customized with LDAP authentication.

    My question is...
    When I put the URL of my login page in IE, Apex always redirects me to another login page (it looks like the default Oracle login page). The URL is http://xxxx.com/pls/apex_dev/wwv_flow_custom_auth_std.login_page?...

    After I enter the username and password, it transfers me to my custom login page. Again, I have to enter the same username and password... Can someone tell me how I can remove/disable the default Oracle login page? I don't want to authenticate against LDAP TWICE. I'd be really grateful if anyone can guide me on how to turn it off in detail.


    Thank you many

    The Session Not Valid Page in the authentication scheme must be set to 101 (from the select list). Is it? There should be nothing in the Session Not Valid URL attribute.

    Scott

  • Help with LDAP authentication

    Can anyone help me please with the fields required for LDAP authentication. My network administrator has sent me the following

    ldap://xxx.xxx.xx.x:389/o=companyname?uid

    Should the host be ldap://xxx.xxx.xx.x or just xxx.xxx.xx.x?
    What does the DN look like? Wouldn't it be just o=companyname,uid=%LDAP_USER%?

    I tried a bunch of different scenarios against the LDAP test, but no luck. I checked that LDAP is working properly by means of other applications that use it.

    First, use Google for some free LDAP viewers. Those who will help a lot, and they usually work approximately 30 days before you have to pay to save them.

    Then, specify the address of the LDAP server in the program, connect and try to find your information. My big problem has tried to get all understood, was that I also had to precede the domain name, something like user domain\username. Once I saw that in the LDAP viewers, and I used the same formula in my authentication routines, everything worked perfectly.

    Among the free that I used was called LDAP administration tool.

    Hope this helps, get LDAP working has been a huge headache until this.

    Bill Ferguson

  • Need help to create a custom connector

    I need help on developing custom Homegrown application connector and the version I use is OIM9.0.3
    First of all, what are the steps we need care while developing a custom connector.
    I can't able to find the process in google to develop the custom connector.
    If you have all data related to the development of the connector custom, please share to me...

    What are the thing we need to take care while developing the connector.
    I spoke in the version OIM9.1 there is a possibility to develop the custom connector using the Genric technology, we can create the custom connector using the IOM GTC 9.1 feature

    early response will be appreciated

    I think the approach to take here will depend to a large extent what are the characteristics of the request of the House. Where it stores its user and the right information? It exposes an API or perhaps the database tables that you can use for commissioning?

    In general, you need to create the following in IOM:

    (1) a Type of COMPUTER resource
    (2) a COMPUTER resource
    (3) a resource object
    (4) a form of customized process
    (5) a procurement process
    (6) task of process adapters (allows to really reach out to the target application and perform commissioning activities)

    Please come back with more information on what you are trying to integrate with and I can give you hope that some other points.

    Rob

  • Need help to create a custom formula

    I have a form of evaluation of staff for which I need to create a custom calculation script. We have a rating scale for 1,2,3,4, N/O (not observed). I need a formula that will not include indicators that were marked "N/O" but an average of all selected numbers and place it on the form.

    formula.JPG

    The formula must focus on all areas and determine if they are a numeric value or the N/O, add all the fields with a digital together and then divide by the total number of assessments which have a numeric value. For example:

    1.01 = 4

    1.02 = 3

    1.03 = N/O

    1.04 = 3

    1.05 = 3

    1.06 = 4

    1.07 = N/O

    I need the formula for adding 1.01,1.02,1.04,1.05 and 1.06 and divide by 5 instead of divide by 7, because all indicators have not been observed.

    Ah ok. In this case, you can use this code as the script of custom calculation of your average text field:

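    var n = 0;      // number of fields holding a single-digit rating
    var total = 0;  // sum of those ratings

    for (var i = 1; i <= 7; i++) {
        var f = this.getField("1.0" + i);
        // Count only numeric ratings; "N/O" and empty fields are skipped
        if (/^\d$/.test(f.valueAsString)) {
            n++;
            total += Number(f.valueAsString);
        }
    }

    if (n == 0) event.value = "";
    else event.value = total / n;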

  • Asa and Cisco ldap authentication

    Hi all

    I have a problem with LDAP authentication.

    I have a cisco Asa5510 and windows Server 2008 R2

    I create the LDAP authentication.

    aaa-server LDAPGROUP protocol ldap
    aaa-server LDAPGROUP (inside) host 10.0.1.30
     server-port 389
     ldap-base-dn dc=systems,dc=local
     ldap-naming-attribute sAMAccountName
     ldap-login-password *
     ldap-login-dn CN=users,OU=users,DC=network,DC=local
     server-type microsoft

    but when I test, I have an error (user account work directly to the server)

    AAA-authentication server LDAPGROUP host 10.0.1.30 userid password test *.

    INFO: Attempt to <10.0.1.30>IP address authentication test (timeout: 12 seconds)
    ERROR: Authentication rejected: not specified

    Help, please

    concerning

    Frédéric

    Do you have the account with username 'user' in 'reseaux.local' and 'Utilisateurs.reseau.local'?

    If so, can you check whether they are two different AD domains? The bug pointed out that ASA does not support multi-domain authentication via LDAP referrals.

    You might consider using an AD administrator account in "reseaus.local" for the ASA to connect to AD.

  • Custom security / authentication provider

    Hello

    I need to create a custom provider that allows connections to a data source.

    I followed this tutorial

    http://fusionsecurity.blogspot.PT/2009/07/building-custom-security-providers-with.html

    and when I start the weblogic, in types of list available providers, it appears.

    I've also linked to it

    http://WebLogic-wonders.com/WebLogic/2014/01/14/simple-sample-custom-database-authenticator-Oracle-WebLogic-Server-11g/

    This should work for the source, but it will not appear in the list of types available from suppliers.

    Can anyone help me with this? I did find a lot of information on how to create a provider or connect to a database by using a data source.

    I use jdev 12 c.

    Thanks in advance

    Thanks for your reply Markus.

    Do you know a tutorial that can help me?

    Update:

    I managed to get to work with the link I gave in the original thread

  • Creating a custom for the current scale

    Hi guys,.

    I need help in the creation of a custom scale. I read motor current (analog I / P) and I want to show that on a chart and write it to a file. I need to use a linear scaling for custom scale. The slope is 2 and the intersection point is 0. I have attached the code to clearly indicate what I'm currently building. The way I put up right now, it's not the scaling. It has 2 spots in the code. I would like to create a custom for the first task, as in the attached code scale. I had a scale customized using VI to Express DAQ Assistant. But I do not see these options when I try to do the same with the DAQmx task. Please let me know how this can be done. Any help is greatly appreciated.

    Thank you

    REDA

    Ah.

    on the pallate DAQmx > advanced > the balance settings

    There is a scale property node and "Create Scale.vi"

  • AnyConnect user using the user certificate authentication and LDAP authentication

    Hello

    I'm trying to implement the Anyconnect VPN for my office. Now, I want the user to authenticate the user certificate based (which is install user local system are we) CN value and LDAP authentication. A help how to achieve this requirement. We install Certificate ROOT and INTERMEDIATE Godaddy and even already installed ASA. Also, we have the user certificate installed on each system user to authenticate the user.

    Any help please.

    Hi subhasisdutta,

    This link will certainly help you with the configuration:

    http://www.Cisco.com/c/en/us/support/docs/security/AnyConnect-secure-mob...

    Hope this info helps!

    Note If you help!

    -JP-

  • Another failure of the LDAP authentication

    I'm trying to setup LDAP authentication for my ASA, as well as the AD Agent.  Currently my authentication fails with the following debug output...

    [- 2147483610] Starting a session

    [- 2147483610] New Session request, the 0xcc854d8c, reqType = authentication context

    [- 2147483610] Fiber has started

    [- 2147483610] Create LDAP context with uri = ldap://10.11.1.15:389

    [- 2147483610] Connect to the LDAP server:

    LDAP://10.11.1.15:389

    status = success

    supportedLDAPVersion [-2147483610]: value = 3

    supportedLDAPVersion [-2147483610]: value = 2

    [- 2147483610] Liaison as a Sargent\

    [- 2147483610] Authentication Simple for Sargent\ to 10.11.1.15

    [- 2147483610] LDAP search:

    Base DN = [DC = City, DC = charlottesville, DC = org]

    Filter = [sAMAccount = sargentm]

    Range = [subtree]

    [- 2147483610] The analysis of returned search results State failure

    [- 2147483610] Fiber output Tx = 308 bytes Rx = 677 bytes, status =-1

    [- 2147483610] End of the session

    ERROR: Authentication rejected: not specified

    I can however run successful AD etc., queries using the following commands.

    show the identity of the user ad-users city.charlottesville.org filter sargentm

    Ideas?

    Replace the below listed command within the parameters of the server:

    ldap-naming-attribute sAMAccount

    With

    ldap-naming-attribute sAMAccountName

    Note: the sAMAccountName is configured correctly.

    Jatin kone

    -Does the rate of useful messages-

  • Clientless VPN SSL - policy of another LDAP authentication group

    Hi all

    I am currently working with Clientless SSL VPN. I have a problem with the creation of access to the different or blocking of users.

    I created a tunnel/connection profile (WEB-VPN-TEST-Profil2) and created the group WEB-VPN-TEST2. I joined it with the LDAP server. I also created an LDAP attribute map to give access only to specific users. I haven't created an address pool.

    What I'm trying to do is give access to the 'IT DBA' team and stop access for all the others in my organization. But on the login page, when I give my password, I am able to connect even though I'm in the "IT Network" team. Here's what I've done (assume I work for abcxyz.com):

    =======================================================

    aaa-server BL_AD protocol ldap
    aaa-server BL_AD (inside) host 172.16.1.1
     ldap-base-dn OU=abcxyz,DC=abcxyz,DC=com
     ldap-naming-attribute sAMAccountName
     ldap-login-password *
     ldap-login-dn [email protected]
     server-type microsoft
     ldap-attribute-map CL-SSL-ATT-map

    =======================================================

    ldap attribute-map CL-SSL-ATT-map
     map-name memberOf IETF-Radius-Class
     map-value memberOf 'CN = IT s/n, OU = abcxyz, DC = abcxyz, DC = com' WEB-VPN-TEST2

    ========================================================

    webvpn
     enable inside
     tunnel-group-list enable
     internal-password enable

    ========================================================

    group-policy WEB-VPN-TEST2 internal
    group-policy WEB-VPN-TEST2 attributes
     vpn-tunnel-protocol webvpn
     group-lock value WEB-VPN-TEST-Profil2
     webvpn
      url-list value WEB-VPN-TEST-BOOKMARK
      customization value WEB-VPN-TEST2

    ========================================================

    tunnel-group WEB-VPN-TEST-Profil2 type remote-access
    tunnel-group WEB-VPN-TEST-Profil2 general-attributes
     authentication-server-group abcxyz_AD
     default-group-policy WEB-VPN-TEST2
    tunnel-group WEB-VPN-TEST-Profil2 webvpn-attributes
     group-alias WEB-VPN-TEST-Profil2 enable

    =========================================================

    Please let me know if there is a question, or let me know why I am still able to get access even though I set my attribute map to match only "IT DBA".

    Thanks in advance.

    BR.

    Adnan

    Hello Adnan,

    That's what you do:

    group-policy NO-ACCESS internal
    group-policy NO-ACCESS attributes
     vpn-simultaneous-logins 0

    tunnel-group WEB-VPN-TEST-Profil2 general-attributes
     default-group-policy NO-ACCESS

    group-policy WEB-VPN-TEST2 attributes
     vpn-simultaneous-logins 3

    Kind regards

  • Create a custom stamp, which can be edited or has a text box to enter the 4 digits

    Color coded circles.jpg

    I need to do these in stamps for inspections on the ground. I am using acrobat for operations more and more now that I see the versatility in the management and creation of form. I have the guide to quickly access the fair of the stamps used in Acrobat X. I was wondering if there is a way to add a text box to them like a stamp or is there a different function, I should use. These are glued on a pdf of a floorplan that I organize.

    Thanks for any help.

    Yes, you must create a custom dynamic stamp with custom scripts to prompt the user for input.

    Secrets of dynamic stamp using JavaScript and Acrobat XI by Thom Parker.

  • For Cloud SGD LDAP authentication for users and administrators

    Hello.

    I recently completed the installation of my new cloud of SGD 12.1.0.3 on Linux 6.4 (on a virtual machine).

    My question is if it is possible (and how) to enable authentication for new administrator SGD through LDAP accounts?

    We have already our VM hosts configured to allow LDAP authentication to theirs, but how to configure WHO to enable LDAP authentication even as users of server?  Because users are in LDAP, they do not have a local account on the servers, and we do not necessarily want users of WHO in order to connect the servers anyway.

    One of the objectives to use LDAP is that we want to allow users to have only to change their domain/LDAP password and everything else is updated.

    I see that when an account is created in the OMS, the user is created in the repository of OMS database.  I really want to restrict not know them to log directly in the database, but do how this is possible.  Can we still use pupbld for this?  Probably not...

    I read the book below the Oracle documentation, but it is for SGD 11.1 and I'm under 12.1.

    But the same year, he was not very descriptive about how to set up.

    It sounds almost as if you had to take the decision to use LDAP for the installation of beginning of WHO.

    I hope not, and I do not remember that as an option that I have installed the SGD.

    Configuration of Oracle Enterprise repository to use external authentication tools - 11 g Release 1 (11.1.1.7)

    Yes, you can still integrate with LDAP.   Please see the documentation here

    http://docs.Oracle.com/CD/E24628_01/doc.121/e36415/sec_features.htm#CJAGHGAH

    EM use WLS for authentication, so everything that is supported by this version of WLS will work.  Documentation received instructions for OAM/OID/HAD and Active Directory are specified.

    Users can be changed to type external if they are already created in the repository with the appropriate connection name.   Otherwise, new users can be created.

    Also be sure to examine the external roles option, which allows you to map a LDAP group to an external role in EM by using the same name and automatically assigning the privileges required by this group.

  • Create a custom as container declarative component

    Hi all

    I use Jdev 12 c.

    I want to create a custom declarative component like this:

    Container.JSF:

    <af:panelGroupLayout id="#{attrs.Name}_VIEWPORT" layout="scroll" binding="#{attrs.Binding}"
                             inlineStyle="position:absolute;width:#{attrs.ViewportWidth}px;height:#{attrs.ViewportHeight}px;top:#{attrs.ViewportY}px;left:#{attrs.ViewportX}px;border:1px solid;background:#c6c6ff;z-index:#{attrs.ZIndex};">
            <af:panelGroupLayout id="#{attrs.Name}" layout="scroll"
                                 inlineStyle="position:absolute;width:#{attrs.Width}px;height:#{attrs.Height}px;">
              
            </af:panelGroupLayout>
        </af:panelGroupLayout>
    <af:xmlContent>
            <afc:component>
                <afc:description/>
    ....
    ....
    </af:xmlContent>
    

    I use this custom component to group some child components like this:

    <abc:container ...>
        <af:inputText ... />
        <af:inputText ... />
    </abc:container>

    But the things is in the Java code, I can't get components RichInputText:

    It is my function:

        private void getFacetAndChild(UIComponent parent) {
            Iterator childrens = parent.getFacetsAndChildren();
            while (childrens.hasNext()) {
                UIComponent child = (UIComponent)childrens.next();
                System.out.println("Log child >> " + child);
                getFacetAndChild(child);
            }
        }
    


    this function will print only the second RichPanelGroupLayout.

    Any ideas to help me get all the RichInputText?

    Thank you and best regards!

    Hi all

    I found the solution. Just add a facet for custom container

    1. inlineStyle = "position: absolute;" width: #{uploading. ViewportWidth} px; height: #{uploading. ViewportHeight} px; top: #{uploading. ViewportY} px; left: #{uploading. ViewportX} px; border: 1px solid; background: #c6c6ff; z index: #{uploading. ZIndex}; » >
    2. inlineStyle = "position: absolute;" width: #{uploading. Width} px; height: #{uploading. Height PX}; » >
    3. ....
    4. ....

    And the used page:

    Maybe this solution will help others to create a custom container

    Thank you and best regards!
