How to authenticate with dbms_crypto

Hi, I use 11.2.0.4 database and 4.0.3.16 SQL Developer to build the application in the 4.2.5.00.08 APEX. So far I've always used the APEX of authentication or service AD. I would like to create a new scheme of personal authentication with encrypted passwords, using a PL/SQL package. I copied and pasted most of this from discussion threads. I always wanted to be a programmer, alas, my hopes are fading. I know that you people can do this in your sleep. I can create the user and encrypt the password, however, I can not authenticate on the encrypted password. Can I have mucked cela up while trying different threads. I think the problem is the process on the page, or I can not be in the way of the correct settings. P101_PASSWORD is a type of password to APEX. When I have a comment - AND student_password = v_hash, it works, but of course, he don't know the password. I appreciate the tips.

Peter

DECLARE

Result number: = 0;

BEGIN

result: = AUTH_PKG.authenticate_user (p_user_name_in = >: P101_USERNAME, p_password_in = >: P101_PASSWORD);

IF (result = 0)

THEN

wwv_flow_custom_auth_std.post_login

(P_UNAME = >: P101_USERNAME,)

P_PASSWORD = >: P101_PASSWORD,.

P_SESSION_ID = > v ('APP_SESSION').

P_FLOW_PAGE = >: APP_ID | » :1');

ON THE OTHER

owa_util. REDIRECT_URL ('f? p = & APP_ID.:101: & SESSION.) ") ;

END IF;

END;

The error is... additional_info: ORA-20001: year XXX tainted to authenticate the user - ORA-06502: PL & #x2F; SQL: a digital error or value: hex to raw conversion error

CREATE TABLE 'STUDENT '.

(NUMBER OF 'STUDENT_ID',

VARCHAR2 (100 BYTE) "E-MAIL."

VARCHAR2 (100 BYTE) "STUDENT_PASSWORD."

'STUDENT_PK' CONSTRAINT PRIMARY KEY ('STUDENT_ID")

create or replace the BODY of PACKAGE 'AUTH_PKG' AS

PROCEDURE adduser (p_user_name_in IN student.email%TYPE, p_password_in IN student.student_password%TYPE)
is
v_pwd_hash varchar2 (2000);
Start
v_pwd_hash: = get_enc_val (p_password_in, 'AL32UTF8');
insert into student (e-mail, student_password) values (p_user_name_in, v_pwd_hash);
commit;
adduser end;

FUNCTION authenticate_user (p_user_name_in IN student.email%TYPE, p_password_in IN student.student_password%TYPE)
RETURN number
IS
l_username student.email%TYPE: = p_user_name_in;
l_password student.student_password%TYPE: = p_password_in;
l_count NUMBER: = 0;
v_hash varchar2 (2000);

BEGIN
v_hash: = get_dec_val (p_password_in, 'AL32UTF8');
SELECT count (*)
IN l_count
The STUDENT
WHERE UPPER (email) = UPPER (l_username)
AND student_password = v_hash
AND NVL (num_invalid_logins, 0) < l_max_failed_logins;.
IF l_count = 1 THEN
apex_util.set_session_state ('USERNAME', UPPER (l_username));
apex_util.set_session_state ('LOGIN_MESSAGE', 'count = 1');
reset_invalid_login_count (l_username);
RETURN 1;
ON THE OTHER
apex_util.set_session_state ('LOGIN_MESSAGE', ' count <>1');
update_invalid_login_count (l_username);
l_failed_logins_count: = GET_NUM_INVALID_LOGINS (l_username);
IF l_failed_logins_count > l_max_failed_logins THEN
lock_user_account (l_username);
apex_util.set_session_state ('LOGIN_MESSAGE', 'your account has been locked.');
END IF;
RETURN 0;
END IF;
EXCEPTION
WHILE OTHERS THEN
RAISE_APPLICATION_ERROR (-20001, ' XXX is an error produced to authenticate-' |) SQLERRM);
END authenticate_user;

function get_enc_val (p_in in flood, in the first p_key) gross return is
l_enc_val varchar2 (2000);
number of l_mod: = dbms_crypto. ENCRYPT_AES128 + dbms_crypto. CHAIN_CBC + dbms_crypto. PAD_PKCS5;
Start
l_enc_val: = dbms_crypto.encrypt (UTL_I18N. STRING_TO_RAW(p_in,'AL32UTF8'), l_mod, p_key);
Return l_enc_val;
end;

function get_dec_val (p_in in flood, p_key in raw) gross yield
is
gross l_ret (2000);
gross l_dec_val (2000);
number of l_mod: = dbms_crypto. ENCRYPT_AES128 + dbms_crypto. CHAIN_CBC + dbms_crypto. PAD_PKCS5;
Start
l_dec_val: = dbms_crypto.decrypt(p_in,l_mod,p_key);
l_ret: = UTL_I18N. RAW_TO_CHAR (l_dec_val, 'AL32UTF8');
Return l_ret;
end;

END AUTH_PKG;

Post edited by: Hi 2775296, the original message was get_enc_val (p_in in varchar2, p_key in the first). I tried to change the data types from raw to varchar2 and varchar2 to raw, but I'm not sure who should be believed or varchar2. I got the same result. I also tried to change the v_hash: = get_dec_val (p_password_in, 'AL32UTF8'); to v_hash: = get_enc_val (p_password_in, 'AL32UTF8'); I got the same result. I don't think that get_dec_val is needed for this. No explanation is useful. Thank you. Peter

Store your password like a brute, for raw (100) of the instance

And you can try something like

create or replace package body auth_pkg

as

--

function hash_pw (p_pw varchar2, varchar2 p_salt)

Return to raw

is

t_pw raw (200);

t_salt raw (200);

t_tmp raw (204);

T_T raw (20);

t_hpw raw (100);

Start

If utl_raw.length (utl_raw.cast_to_raw (substr (p_pw, 1, 800))) > 200

then

t_pw: = utl_raw.substr (utl_raw.cast_to_raw (substr (p_pw, 1, 800)), 1, 200);

on the other

t_pw: = utl_raw.cast_to_raw (p_pw);

end if;

If utl_raw.length (utl_raw.cast_to_raw (substr (p_salt, 1, 800))) > 200

then

t_salt: = utl_raw.substr (utl_raw.cast_to_raw (substr (p_salt, 1, 800)), 1, 200);

on the other

t_salt: = utl_raw.cast_to_raw (p_salt);

end if;

because me in 1... 5

loop

t_tmp: = utl_raw.concat (t_salt, to_char (i, 'fm0xxxxxxx'));

for c in 1... 1024

loop

t_tmp: = dbms_crypto.mac (t_tmp, dbms_crypto.hmac_sh1, t_pw);

If c = 1

then

T_T: = t_tmp;

on the other

T_T: = utl_raw.bit_xor (t_t, t_tmp);

end if;

end loop;

t_hpw: = utl_raw.concat (t_hpw, t_t).

end loop;

Return t_hpw;

end;

--

procedure adduser

(p_user_name_in to student.email%type

p_password_in in student.student_password%type

)

is

v_pwd_hash raw (100);

Start

v_pwd_hash: = hash_pw (p_password_in, bass (p_user_name_in));

insert into student (e-mail, student_password) values (p_user_name_in, v_pwd_hash);

end;

--

function authenticate_user

(p_user_name_in to student.email%type

p_password_in in student.student_password%type

)

Return number

is

number of l_max_failed_logins: = 10;

cursor c_usr (gross b_hash)

is

Select 1 model

the student

where superior (e-mail) = upper (p_user_name_in)

and student_password = v_pwd_hash

and nvl (num_invalid_logins, 0)<>

r_usr c_usr % rowtype;

l_found boolean;

Start

Open c_usr (hash_pw (p_password_in, bass (p_user_name_in));)

extract the c_usr in r_usr;

l_found: = c_usr % found;

close c_usr;

--

If l_found

then

apex_util.set_session_state ("username", upper (p_user_name_in));

apex_util.set_session_state ('login_message', 'count = 1');

reset_invalid_login_count (p_user_name_in);

on the other

apex_util.set_session_state ('login_message', ' County<>1');

update_invalid_login_count (p_user_name_in);

If (p_user_name_in) get_num_invalid_logins > l_max_failed_logins

then

lock_user_account (p_user_name_in);

apex_util.set_session_state ('login_message', "your account has been locked.");

end if;

end if;

refer the case back when end t_found then 1 0 otherwise;

end;

--

end;

Tags: Database

Similar Questions

  • Client pix VPN how to authenticate with Active Directory

    Hi all, I've just set up my first Client VPN on a Cisco PIX. Everything works very well so that hitting the correct subnet and logon. However, I would like to see how I can get my connection of remote users with there active directory accounts. Right now I use the local connection for the pix for testing purposes. Sounds easy, but I'm missing something

    We use:

    Cisco Pix 515E version 6.3 (3)

    Thank you

    Dan

    Unfortunately the PIX 6.3.3 version does not support Active Directory authentication. V6.3.3 PIX only supports authentication to the server database, radius, and Ganymede local PIX.

    If you want to authenticate to active directory, it is support for PIX v7.x go.

    Here are the different types of authentication support for PIX v7.x leave for your reference:

    http://www.Cisco.com/en/us/docs/security/ASA/asa70/configuration/guide/AAA.html

    Hope that answers your question.

  • How to authenticate a network open on 4th generation Apple TV? Or pull up a web browser?

    How to authenticate a network open on 4th generation Apple TV? Or pull up a web browser?

    If you need assistance with a Wi Fi connection = > get help with Wi-Fi on your Apple TV - networks Support Apple

  • To authenticate with Kerberos for TimeMachine on OSX Server

    Hello

    Someone has an idea, how I can use Kerberos to authenticate with the TimeMachine service hosted by a server OSX?

    We use Mac clients in an Active Directory environment. Rules of procedure requires users to change their password after a few weeks. The problem: advertising knows the password, so the OSX Server knows the password, but the customers still have the old password stored in the keychain. So they try to connect to the service time machine with the old and evil, and that powers won't work. With Kerberos, this could be resolved.

    Any ideas?

    We use Mac OS X on the clients and server OSX 5.0.15 10.11.2

    Thank you!

    How to set up Time Machine?  System preferences or via a Configuration profile?  I'm guessing the system preferences.

    Try this command on one of your customers:

    tmutil destinationinfo

    If the value of the URL looks like this:

    AFP://user@host._afpovertcp._tcp.local./TM_Staff/

    Then you connect using Hello and so you're outside the Kerberos realm.  You can try to change the destination of a fully qualified host name or use configuration profiles.  What is the server bound to AD?

    Reid

    Apple Consultants Network

    'El Capitan Server - Foundation Services.

    «El Capitan Server - Collaboration & control»

    'El Capitan Server - Advanced Services '.

    : IBooks exclusively available in Apple store

  • URL is not change after successful authenticate with ISE 1.1.1

    Hello

    I have install Cisco Identity Service Engine (1.1.1) with Wireless LAN Controller (7.2.110)

    Everything is complete, unless the redirect URL. My customer comments can join the SSID of comments and also can authenticate to ISE.

    But after they success to authenticate with ISE, the URL in the browser does not alter the pre - configure. There still be something like https://ise-ip:8443/guestportal/redir.html . Anyway the content in the browser is replaced by the URL that is configured as http://www.google.com/

    How can I do with this cause of situation that everything works well, but only the URL of the browser that is not a change to the sits one.

    Thank you

    Mathias

    Hello

    See if this thread will help, what you can do to work around the problem, is to redirect all authentications to a single Web page.

    https://supportforums.Cisco.com/message/3664154#3664154

    Thank you

    Tarik Admani
    * Please note the useful messages *.

  • How to reset AirPort Extreme 10.11.6 OS? How to work with this pinhole? I'm trying to get rid of this flashing yellow light, which began after I installed a new modem from Comcast.

    How to reset AirPort Extreme 10.11.6 OS? How to work with this pinhole? I'm trying to get rid of this flashing yellow light, which began after I installed a new modem from Comcast.

    How to work with this pinhole?

    Usually a paperclip or toothpick or ball pen.

    Stick it in the hole and reset for about 10 seconds until the front led flashes quickly.

    How to reset AirPort Extreme 10.11.6 OS?

    The software method... Unlike the above material method... is to open airport utility and select restore default settings.

    Both methods take you to the same place.

    You can also read the manual...

    Reset to a base station AirPort FAQ - Apple Support

  • How Siri works with a hotspot wifi phone from ATT without data?

    How Siri works with a hotspot wifi phone from ATT without data? I have the hotspot & it recognizes my iPhone5c, but Siri cannot find a connection when I use it. My phone service is now but only phone at & t imessage. No data, unpaid for the text. It works fine on my home WiFi & works but not the hotspot.

    Siri requires an Internet connection

    It will not work without one

  • How the interface with my RND4000?

    I'm a replacement IT here. I have almost no notes to work from, and I've never used a SIN.

    How the interface with my RND4000? I tried to put the IP address in a web browser and you get "unable to connect".

    I think the NAS is supposed to be "hosted" on one of my servers. How to determine what is the server?

    Hello Helpdesk-Kerry,

    Then, it should be accessible. Perhaps, try another computer if after restarting it does not open yet?

    Kind regards

  • How to communicate with the gsm using lab view

    Please, someone tell me about the following uncertainties:

    1 can anyone tell me about the GSM part in lab mode?

    2. how to communicate with the GSM using lab view?

    3. how to publish my data through GSM using lab view?

    4. how to use ipod to send data to laboratory?

    5. what a DAC suitable for ipod?

    6. how to install the lab for ipod DAC mode?

    without worrying

    FR. mohammad rehan

    rehan_the_great wrote:

    Can u please tell me the minimum requirement of computer (labtop) for the use of labview, like ram size, HARD drive, map chart etc...

    A simple search for "labview requirements" on this site would have given you the information you want.

    http://www.NI.com/LabVIEW/requirements/

  • How to: scan with the HP Windows 8 software

    Learn how to analyze with your HP printer in Windows 8 by using the software provided with your printer.

    I hope that this video is informative and useful in your scanning process.

  • M1217nfw - How to scan with the page feed

    I'm tired of scan one page at a time. Is is possible to scan multiple pages from the feeder to scan? I.m on an operating system Windows 8 using the application "scan to" (don't know what is the name of apps or version.

    TIA

    Hey TIA,.

    There is no much difference between Win7 and win 8 so please follow this document below:

    How to scan with HP software > how to scan a document of several pages in a single file > ADF

     

    (If you need software HP for your MFP HP LaserJet Pro M1217nfw then follow Note :))

    http://support.HP.com/us-en/document/c03584750

    Note: Please find the link to download the HP LaserJet full feature and driver software

    http://h10025.www1.HP.com/ewfrf/wc/softwareDownloadIndex?softwareitem=IM-80811-6&cc=us&DLC=en&LC=en&OS=4132&product=4075472&sw_lang=

  • How to scan with an office jet 6500 has and a Mac OS 10.9.4?

    How to scan with an office jet 6500 has and a Mac OS 10.9.4?

    Hi midandco and welcome to the Forums of HP!

    I see that you are looking in the scanning options.  I would like to help.

    As there is no software available for Mac OS X 10.9 HP, you are advised to use the driver of digitization of the OS from Apple.  I'm including a document I would recommend using, title v10.9 OS X Mavericks: installing and using the printer on a Mac.  There is a section called "How to scan with Apple software update driver?"  This should help to address the issue.

    Please let me know if you have any questions.  Thanks for posting on the HP Forums!

  • How to scan with my MG5620 for attachment to an e-mail message to send with my chrombit (wireless connect

    How to scan with my MG5620 for attachment to an e-mail message to send with my chrombit (wireless connect)? I guess I have to be able to drop on my Google Cloud someway.

    Thanks, I'll do the application of inkjet Canon a try.

  • How to talk with microcontroller using RS232

    Hello

    I'm working on a project, which includes a power supply and the Commission of the PRINTED circuit board. This Board is composed of a microcontroller, with realys, power supply.

    My goal is to read current, volatge and reading output relay using the ports of mictocontroller.

    It's my first project, and I don't have any experience in how to communicate with microcontroller using LV (VISA). ?

    How to read the ports?

    I have to write the program for her?

    If I, then, how can I send this program to the LV program?

    I'm a little confused. Could you please help.

    Thank you

    So in your case, your best bet is uot start with programs for example LabVIEW which is by opening LabVIEW > help > find examples.  This must fill out a ton of examples.  Once in the example finder go to hardware input and output.  I was looking at so the two following folders: series and VISA.  Depending on how you communicate to your device you should be able to find an example of program that will let you use and on your way!

    The other source of assistance that I propose is the Nicom/community where many users publish different programs for different applications - you may be able to find an example that is suitable for your application.

    I hope that this help please let us know if you need more help!

  • How to deal with analysis PC Performance & Stability Report

    Yesterday, when I just walked into my Office Xp, an error report in a program called... uh, PC Performance & Stability Report analysis, can possibly be, telling me to correct these errors have shown under its professional service.
    How to deal with him?
    Thank you for your advice it.

    Hello MeriClaybron,

    1. have you installed any show analyzing the program on your computer?

    This problem can be caused due to infection by the Virus. I suggest that you run a virus scan on your computer using Microsoft Safety scanner and check if you have the same problem.

    http://www.Microsoft.com/security/scanner/en-us/default.aspx

Maybe you are looking for

  • GPIB - Recovery timeout in the IBRD

    Hello Appellant to the IBRD of in a C++ program, I sometimes get an error in time-out (identified by checking which bits are defined in ibsta). Assuming that the only problem is that I have not put long time enough (ie the remote device will really a

  • update of the lollipop &lt; Closed &gt; roll of India soon?

    Lollipop seem to be held in re USA terms of their cyber d... Is der any possibility to do soon for the India... Using a retail edition has always not updated d is overwhelming... There is der such a delay of Motorola for an update which had Neva hapn

  • dv7t-6100cto: retrieve from restore disk I did for ssd

    Can I restore my system to an SSD of the restore disc, as I did when I bought my computer or it will not work on anything other than a hard drive? The drive is a model intel 330 I used and got a corruption or something and need to reinstall the syste

  • I want to completely re - install Windows Vista and start over. How can I do this without disk?

    I have windows vista on my laptop, I just want to clean all the files and renew my operating system because my laptop does not work in normal mode and I have to use in safe mode all the time. and I have no cd for windows. any suggestion what should I

  • SONY KDL-46EX720 subtitles problem

    I bought a Sony KDL-46EX720 a year ago to the Portugal. I remember viewing a movie hollow files usb port and it worked fine, except for the subtitles that had a strange police which made impossible subtitles to read (I remember, we had the opportunit