Help: creating a custom LDAP authentication
Hi allFor some reason I need a LDAP authentication against 2 host servers.
For this reason that I wrote a function with 2 parameters of user and password. This function is to search on a server to which the user can find and make a simple_bind on the server, return true to bind with success and false for failure.
FUNCTION LDAP_AUTH_GLOBAL_DOMAIN
( pUser IN VARCHAR2
, pPassword IN VARCHAR2 )
RETURN BOOLEAN
IS
l_retval PLS_INTEGER;
l_session DBMS_LDAP.session;
l_ldap_port VARCHAR2(256) := '123';
l_ldap_host VARCHAR2(256);
l_ldap_user VARCHAR2(256);
l_ldap_passwd VARCHAR2(256);
v_login VARCHAR2(256);
v_login_result boolean := FALSE;
v_domain VARCHAR2(100);
BEGIN
BEGIN
v_domain := GET_DOMAIN_OF_USER( pUser => pUser );
v_login := v_domain || '\' || pUser;
IF lower(v_domain) = 'mydomain' THEN
l_ldap_host := 'host.mydomain.com';
ELSIF lower(v_domain) = 'mydomain2' THEN
l_ldap_host := 'host.mydomain2.com'';
END IF;
DBMS_LDAP.USE_EXCEPTION := TRUE;
--
l_session := DBMS_LDAP.init( hostname => l_ldap_host,
portnum => l_ldap_port);
l_retval := DBMS_LDAP.simple_bind_s( ld => l_session,
dn => v_login,
passwd => pPassword );
v_login_result := TRUE;
l_retval := DBMS_LDAP.unbind_s( ld => l_session );
EXCEPTION
WHEN OTHERS THEN
v_login_result := FALSE;
END;
RETURN v_login_result;
END LDAP_AUTH_GLOBAL_DOMAIN;
In the next step, I created a new authentication scheme "Based on the pre-setting plan of the Gallery", entered a name and selected "Custom" as the type of regime.The next page, I even ask some values:
Function name Sentinel-> what I have to do or is there a default check when I leave it empty
Name of procedure no valid Session-> y at - it a default value, when it is empty
Name of the function of authentication-> I entered: "return my_auth (: username,: PASSWORD) ' or 'return my_auth' or 'my_auth '.
Name of the Logoout post-> procedure y at - it a default value, when it is empty
Activate the attributes Legacy authentication-> does this mean?
On my login page existing I changed nothing, so I still have my processes:
The Username Cookie value:
begin
owa_util.mime_header('text/html', FALSE);
owa_cookie.send(
name=>'LOGIN_USERNAME_COOKIE',
value=>lower(:P101_USERNAME));
exception when others then null;
end;
Login:wwv_flow_custom_auth_std.login(
P_UNAME => :P101_USERNAME,
P_PASSWORD => :P101_PASSWORD,
P_SESSION_ID => v('APP_SESSION'),
P_FLOW_PAGE => :APP_ID||':1'
);
I'm a little uncertain about this logon process, should I change this?I've never used custom authentication and cannot find a step-to-step tutorial, by saying what needs to be done.
Thanks for your help
Chrissy
Don't know if this is the case, but I think that your authentication functio signature should be:
FUNCTION LDAP_AUTH_GLOBAL_DOMAIN
(p_username IN VARCHAR2,
p_password IN VARCHAR2)
RETURN BOOLEAN
Tags: Database
Similar Questions
-
We create a custom LDAP integration to replace the obsolete in the application. We have all our services to remote containers on a server separate from the slave servers. Must install the custom assemblies on the remote server that contains and if yes which directories? The documentation in the EP said to install only in the directories bin, web applications. Thank you.
Yes, put it in the same directory as the RemotingContainer.exe file.
-
LDAP authentication TWICE - authentication by default custom and Oracle?
Hi all
I have create an application with 2 pages (including the login page). My login page customized (for example...) 101) uses the authentication scheme that is customized with LDAP authentication.
My question is...
When I put in my URL of the login page in IE. Apex always redirect me to another page of connection (it looks like the default Oracle login page). The URL is http://xxxx.com/pls/apex_dev/wwww_flow_custom_auth_std.login_page?...
After I entered the username and password, it transfers me to my custom login page. Again, I have to enter the same username and password... Can someone tell me how can I remove/disable the default Oracle login page? Because I don't want to authenticate LDAP in TWICE. I'm really grateful if anyone can guide me how to turn off in detail.
Thank you mnayThe Sessison. not valid Page in the authentication scheme must be set to 101 (from the selection list). Is it? There should be nothing in the invalid Session of URL attribute.
Scott
-
Can anyone help me please with the fields required for LDAP authentication. My network administrator has sent me the following
LDAP://xxx.xxx.XX.x:389 / o = companyname? UID
Should the host be ldap://xxx.xxx.xx.x or just xxx.xxx.xx.x?
What looks like the DN? Wouldn't be just o = companyname, uid = % LDAP_USER %?
I tried a bunch of different scenarios against the LDAP test, but not luck. I checked THAT LDAP is working properly by means of other applications that use it.First, use Google for some free LDAP viewers. Those who will help a lot, and they usually work approximately 30 days before you have to pay to save them.
Then, specify the address of the LDAP server in the program, connect and try to find your information. My big problem has tried to get all understood, was that I also had to precede the domain name, something like user domain\username. Once I saw that in the LDAP viewers, and I used the same formula in my authentication routines, everything worked perfectly.
Among the free that I used was called LDAP administration tool.
Hope this helps, get LDAP working has been a huge headache until this.
Bill Ferguson
-
Need help to create a custom connector
I need help on developing custom Homegrown application connector and the version I use is OIM9.0.3
First of all, what are the steps we need care while developing a custom connector.
I can't able to find the process in google to develop the custom connector.
If you have all data related to the development of the connector custom, please share to me...
What are the thing we need to take care while developing the connector.
I spoke in the version OIM9.1 there is a possibility to develop the custom connector using the Genric technology, we can create the custom connector using the IOM GTC 9.1 feature
early response will be appreciatedI think the approach to take here will depend to a large extent what are the characteristics of the request of the House. Where it stores its user and the right information? It exposes an API or perhaps the database tables that you can use for commissioning?
In general, you need to create the following in IOM:
(1) a Type of COMPUTER resource
(2) a COMPUTER resource
(3) a resource object
(4) a form of customized process
(5) a procurement process
(6) task of process adapters (allows to really reach out to the target application and perform commissioning activities)Please come back with more information on what you are trying to integrate with and I can give you hope that some other points.
Rob
-
Need help to create a custom formula
I have a form of evaluation of staff for which I need to create a custom calculation script. We have a rating scale for 1,2,3,4, N/O (not observed). I need a formula that will not include indicators that were marked "N/O" but an average of all selected numbers and place it on the form.
The formula must focus on all areas and determine if they are a numeric value or the N/O, add all the fields with a digital together and then divide by the total number of assessments which have a numeric value. For example:
1.01 = 4
1.02 = 3
1.03 = N/O
1.04 = 3
1.05 = 3
1.06 = 4
1.07 = N/O
I need the formula for adding 1.01,1.02,1.04,1.05 and 1.06 and divide by 5 instead of divide by 7, because all indicators have not been observed.
Ah ok. In this case, you can use this code as the script of custom calculation of your average text field:
var n = 0;
var total = 0;
for (var i = 1; i)<=7; i++)="">=7;>
var f = this.getField("1.0"+i);
If (/ ^ \d$/.test(f.valueAsString)) {}
n ++ ;
Total += Number (f.valueAsString).
}
}
If (n == 0) event.value = "";
else event.value = total/n;
-
Asa and Cisco ldap authentication
Hi all
I have a problem with LDAP authentication.
I have a cisco Asa5510 and windows Server 2008 R2
I create the LDAP authentication.
AAA-server LDAPGROUP protocol ldap
AAA-server host 10.0.1.30 LDAPGROUP (inside)
Server-port 389
LDAP-base-dn dc = systems, dc = local
LDAP-naming-attribute sAMAccountName
LDAP-login-password *.
LDAP-connection-dn CN = users, OU = users, DC = network, DC = local
microsoft server typebut when I test, I have an error (user account work directly to the server)
AAA-authentication server LDAPGROUP host 10.0.1.30 userid password test *.
INFO: Attempt to <10.0.1.30>IP address authentication test (timeout: 12 seconds)
ERROR: Authentication rejected: not specifiedHelp, please
concerning
Frédéric
You have the account with username 'user' in ' 'reseaux.local' and "Utilisateurs.reseau.local '?"
If so, can you check if they are two other AD domain? The bug pointed out that ASA do not support authentication via LDAP refererals multi-domain.
You might consider to using an account administrator AD in "reseaus.local" for ASA to connect to AD.
10.0.1.30> -
Custom security / authentication provider
Hello
I need to create a custom provider that allows connections to a data source.
I followed this tutorial
http://fusionsecurity.blogspot.PT/2009/07/building-custom-security-providers-with.html
and when I start the weblogic, in types of list available providers, it appears.
I've also linked to it
This should work for the source, but it will not appear in the list of types available from suppliers.
Can anyone help me with this? I did find a lot of information on how to create a provider or connect to a database by using a data source.
I use jdev 12 c.
Thanks in advance
Thanks for your reply Markus.
Do you know a tutorial that can help me?
Update:
I managed to get to work with the link I gave in the original thread
-
Creating a custom for the current scale
Hi guys,.
I need help in the creation of a custom scale. I read motor current (analog I / P) and I want to show that on a chart and write it to a file. I need to use a linear scaling for custom scale. The slope is 2 and the intersection point is 0. I have attached the code to clearly indicate what I'm currently building. The way I put up right now, it's not the scaling. It has 2 spots in the code. I would like to create a custom for the first task, as in the attached code scale. I had a scale customized using VI to Express DAQ Assistant. But I do not see these options when I try to do the same with the DAQmx task. Please let me know how this can be done. Any help is greatly appreciated.
Thank you
REDA
Ah.
on the pallate DAQmx > advanced > the balance settings
There is a scale property node and "Create Scale.vi"
-
AnyConnect user using the user certificate authentication and LDAP authentication
Hello
I'm trying to implement the Anyconnect VPN for my office. Now, I want the user to authenticate the user certificate based (which is install user local system are we) CN value and LDAP authentication. A help how to achieve this requirement. We install Certificate ROOT and INTERMEDIATE Godaddy and even already installed ASA. Also, we have the user certificate installed on each system user to authenticate the user.
Any help please.
Hi subhasisdutta,
This link will certainly help you with the configuration:
http://www.Cisco.com/c/en/us/support/docs/security/AnyConnect-secure-mob...
Hope this info helps!
Note If you help!
-JP-
-
Another failure of the LDAP authentication
I'm trying to setup LDAP authentication for my ASA, as well as the AD Agent. Currently my authentication fails with the following debug output...
[- 2147483610] Starting a session
[- 2147483610] New Session request, the 0xcc854d8c, reqType = authentication context
[- 2147483610] Fiber has started
[- 2147483610] Create LDAP context with uri = ldap://10.11.1.15:389
[- 2147483610] Connect to the LDAP server:
status = success
supportedLDAPVersion [-2147483610]: value = 3
supportedLDAPVersion [-2147483610]: value = 2
[- 2147483610] Liaison as a Sargent\
[- 2147483610] Authentication Simple for Sargent\ to 10.11.1.15
[- 2147483610] LDAP search:
Base DN = [DC = City, DC = charlottesville, DC = org]
Filter = [sAMAccount = sargentm]
Range = [subtree]
[- 2147483610] The analysis of returned search results State failure
[- 2147483610] Fiber output Tx = 308 bytes Rx = 677 bytes, status =-1
[- 2147483610] End of the session
ERROR: Authentication rejected: not specified
I can however run successful AD etc., queries using the following commands.
show the identity of the user ad-users city.charlottesville.org filter sargentm
Ideas?
Replace the below listed command within the parameters of the server:
sAMAccount name-attribute LDAP
With
LDAP-naming-attribute sAMAccountName
Note: the sAMAccountName is configured correctly.
Jatin kone
-Does the rate of useful messages-
-
Clientless VPN SSL - policy of another LDAP authentication group
Hi all
I am currently working with Clientless SSL VPN. I have a problem with the creation of access to the different or blocking of users.
I created tunnel/connection-profile (WEB-VPN-TEST-Profil2) and create group WEB-VPN-TEST2. I joined with the LDAP server. I also create a map LDAP attribute to provide only specific users to access. I havn't create an address pool
What I'm trying to do is give access to the 'IL DBA' team and stop access to all the others in my organization. But to the login page when I give my password, I am able to connected even if I'm in the team "IT Network". Here's what I've done, (think I work for abcxyz.com)
=======================================================
AAA-server BL_AD protocol ldap
AAA-server BL_AD (inside) host 172.16.1.1
OR base LDAP-dn = abcxyz, DC = abcxyz, DC = com
LDAP-naming-attribute sAMAccountName
LDAP-login-password *.
LDAP-connection-dn [email protected] / * /
microsoft server type
LDAP-attribute-map CL-SSL-ATT-map
=======================================================
LDAP attribute-map CL-SSL-ATT-map
name of the memberOf IETF-Radius-class card
map-value memberOf 'CN = IT s/n, OU = abcxyz, DC = abcxyz, DC = com' WEB-VPN-TEST2
========================================================
WebVPN
allow inside
tunnel-group-list activate
internal-password enable
========================================================
internal strategy group WEB-VPN-TEST2
Group WEB-VPN-TEST2 policy attributes
VPN-tunnel-Protocol webvpn
group-lock value WEB-VPN-TEST-Profil2
WebVPN
value of the URL-list WEB-VPN-TEST-BOOKMARK
value of personalization WEB-VPN-TEST2
========================================================
remote access of tunnel-group WEB-VPN-TEST-Profil2 type
attributes global-tunnel-group WEB-VPN-TEST-Profil2
authentication-server-group abcxyz_AD
Group Policy - by default-WEB-VPN-TEST2
tunnel-group WEB-VPN-TEST-Profil2 webvpn-attributes
enable WEB-VPN-TEST-Profil2 group-alias
=========================================================
Please let me know if there is a question or let me know why I am still able to access the same if I did my attribure to match only with "IT"DBA ".
Thanks in advance.
BR.
Adnan
Hello Adnan,
That's what you do:
internal group WITHOUT ACCESS strategy
attributes of non-group policy
VPN - concurrent connections 0
attributes global-tunnel-group WEB-VPN-TEST-Profil2
Group Policy - by default-NO-ACCESS
Group WEB-VPN-TEST2 policy attributes
VPN - connections 3
Kind regards
-
Create a custom stamp, which can be edited or has a text box to enter the 4 digits
I need to do these in stamps for inspections on the ground. I am using acrobat for operations more and more now that I see the versatility in the management and creation of form. I have the guide to quickly access the fair of the stamps used in Acrobat X. I was wondering if there is a way to add a text box to them like a stamp or is there a different function, I should use. These are glued on a pdf of a floorplan that I organize.
Thanks for any help.
Yes, you must create a custom dynamic stamp with custom scripts to prompt the user for input.
Secrets of dynamic stamp using JavaScript and Acrobat XI by Thom Parker.
-
For Cloud SGD LDAP authentication for users and administrators
Hello.
I recently completed the installation of my new cloud of SGD 12.1.0.3 on Linux 6.4 (on a virtual machine).
My question is if it is possible (and how) to enable authentication for new administrator SGD through LDAP accounts?
We have already our VM hosts configured to allow LDAP authentication to theirs, but how to configure WHO to enable LDAP authentication even as users of server? Because users are in LDAP, they do not have a local account on the servers, and we do not necessarily want users of WHO in order to connect the servers anyway.
One of the objectives to use LDAP is that we want to allow users to have only to change their domain/LDAP password and everything else is updated.
I see that when an account is created in the OMS, the user is created in the repository of OMS database. I really want to restrict not know them to log directly in the database, but do how this is possible. Can we still use pupbld for this? Probably not...
I read the book below the Oracle documentation, but it is for SGD 11.1 and I'm under 12.1.
But the same year, he was not very descriptive about how to set up.
It sounds almost as if you had to take the decision to use LDAP for the installation of beginning of WHO.
I hope not, and I do not remember that as an option that I have installed the SGD.
Yes, you can still integrate with LDAP. Please see the documentation here
http://docs.Oracle.com/CD/E24628_01/doc.121/e36415/sec_features.htm#CJAGHGAH
EM use WLS for authentication, so everything that is supported by this version of WLS will work. Documentation received instructions for OAM/OID/HAD and Active Directory are specified.
Users can be changed to type external if they are already created in the repository with the appropriate connection name. Otherwise, new users can be created.
Also be sure to examine the external roles option, which allows you to map a LDAP group to an external role in EM by using the same name and automatically assigning the privileges required by this group.
-
Create a custom as container declarative component
Hi all
I use Jdev 12 c.
I want to create a custom declarative component like this:
Container.JSF:
<af:panelGroupLayout id="#{attrs.Name}_VIEWPORT" layout="scroll" binding="#{attrs.Binding}" inlineStyle="position:absolute;width:#{attrs.ViewportWidth}px;height:#{attrs.ViewportHeight}px;top:#{attrs.ViewportY}px;left:#{attrs.ViewportX}px;border:1px solid;background:#c6c6ff;z-index:#{attrs.ZIndex};"> <af:panelGroupLayout id="#{attrs.Name}" layout="scroll" inlineStyle="position:absolute;width:#{attrs.Width}px;height:#{attrs.Height}px;"> </af:panelGroupLayout> </af:panelGroupLayout> <af:xmlContent> <afc:component> <afc:description/> .... .... </af:xmlContent>
I use this custom component to group some child components like this:
< abc: container... >
< af:inputText... / >
< af:inputText... / >
< / abc: container >
But the things is in the Java code, I can't get components RichInputText:
It is my function:
private void getFacetAndChild(UIComponent parent) { Iterator childrens = parent.getFacetsAndChildren(); while (childrens.hasNext()) { UIComponent child = (UIComponent)childrens.next(); System.out.println("Log child >> " + child); getFacetAndChild(child); } }
this function will print only the second RichPanelGroupLayout.
Any ideas to help me get all the RichInputText?
Thank you and best regards!
Hi all
I found the solution. Just add a facet for custom container
- inlineStyle = "position: absolute;" width: #{uploading. ViewportWidth} px; height: #{uploading. ViewportHeight} px; top: #{uploading. ViewportY} px; left: #{uploading. ViewportX} px; border: 1px solid; background: #c6c6ff; z index: #{uploading. ZIndex}; » >
- inlineStyle = "position: absolute;" width: #{uploading. Width} px; height: #{uploading. Height PX}; » >
- ....
- ....
And the used page:
Maybe this solution will help others to create a custom container
Thank you and best regards!
Maybe you are looking for
-
Can't turn on my Satellite A215
Hello I have a Toshiba Satellite A215, was used for 1 year and a half. One day, suddenly, he just made a short "pop" sound and crashed. Cannot activate it since then. More than that, small fires showing me the connection ca, use of the HDD, etc. batt
-
Deletion of a HP Envy 120 print job
I deleted a few small print jobs to my printer which worked well. But a print job rest that I can't delete it, it has been remove for more than 12 hours, it's only work in small characters (the application of 1 'Word' page). The printer displays "e
-
Here are my settings but when I click on save, it is said: default gateway is not a valid address. If necessary some additional data I can post, just ask.
-
The functionality of cyclking between the windows have been disabled. Anyone who knows how to turn it on?
-
Smartphone blackBerry OS upgrade of risk?
Hello Forum, Is there a risk to the upgrade of the OS for the storm with the package of another carrier? There are carriers of specific components that will impact operation on my home network? I am very interested in the new version.148 and the pro