session browser or apex?

My application requires LDAP authentication. It includes a custom login page (pg 101) - which of course is not public.

I start internet (IE) session of bowser, then start apex session, run app, it takes me to the login page. All right. Now sign out of the workspace. Connecting to the workspace (in the same browser session), run the application and this time I can run my pages without even be directed to the login page.

But if I start a new browser session and connect to the workspace and run the application, it will take me back to the login page.


I don't know what I need to fix in order to authenticate the user for each session of apex.


Please advice.

Thank you

Edited by: user5406804 May 19, 2010 11:08

When you use a custom authentication to function, you must return a BOOLEAN value; I see that in your code.

I see that the last line will redirect you to page 1; This is usually handled by the process of connection to the page 101:

(wwv_flow_custom_auth_std). Login
P_UNAME =>: P101_USERNAME,
P_PASSWORD =>: P101_PASSWORD,
P_SESSION_ID-online v ('APP_SESSION'),
P_FLOW_PAGE =>: APP_ID | » : 1'
);

This code calls the current authentication model and if its success, redirect you: APP_ID:1, which is page 1 of your current application.

You can install the sample Application and look at how this feature is implemented; the mechanics of the function is different, but all the moving parts, so to speak, are in their proper places it.

Thank you

-Scott-

http://spendolini.blogspot.com
http://www.sumneva.com

Tags: Database

Similar Questions

  • ApEx 4.0 cannot see the collections in the session browser.

    Hello

    I have an environmental assessment APEX 4.0 Setup on my place of work. I'm going to have is, I can't see one of my collections using the browser session, even if I do the collections exists because the reports based on the collections have given.

    I could see the other details of the session as page elements and elements of application but no specimen.

    I tested with apex.oracle.com using the same computer and browser (IE 7) and I could see the collections - no problems here.

    Evaluation and development of environments sharing the same database server (10g R2) and the same application server Oracle SOA Suite (10.1.3.4.0)

    The image files are different and has two different aliases for each of the environment (DEV's) and /i40/ for the EVAL

    Development is running Apex 3.2.1

    I don't know what other information must be posted to assess this situation, but please let me know.

    Any help is appreciated. I tried searching the forum, but it looks like I'm alone with this problem.

    Kind regards
    Ligon

    I searched with Jason on our team, and believe it or not, this issue seems to have existed before the APEX 4.0. However, a patch set exception (i.e., single patch) for this bug is available on MetaLink Patch 9855165as: ' BAD RESULTS WHEN watching a SESSION STATE OF DEVELOPER TOOLBAR» This will also be installed in the APEX 4.0.1 patch set.

    Thanks again for reporting this.

    Joel

  • Reuse of Session Ldap at Apex

    Hello community,

    I have a problem to record the ldap at the Apex. I know, there was another post on this forum, and the solution was to save the Session in an App-Item.

    But I can't change my authentication scheme / authentication service name, because the function wait only two parameters (USER/password) and a boolean return value.

    So I can not add an OUT parameter to save it in an App-item, or return a dbms_ldap.session... What can I do?

    Sorry, my English is not ;-) and my German

    Thank you very much!

    SSE

    Hi HSE.

    If you want to do in APEX, you must create and destroy an LDAP session on each request where you do a call dbms_ldap. There is no way to store the LDAP session and use it again on the next request. However, you can save the P101_USERNAME and the P101_PASSWORD in session state and use them to create the session. Make sure that not to re - these items during the connection. Normally, the password does not save state. You define it is "does not save the State" attribute 'No' and setting 'store the value encrypted in session state' to 'Yes' is also a good idea.

    Kind regards
    Christian

  • Error handling/Session Timeout with APEX & Ajax / Javascript

    In our project, we have the problem, what a session timeout can occur when the user stays on the same page and a jQuery/JavaScript/ajax process is used.

    If a request for action called in a popup ajax without an active session process the HTML for the login page is the user.

    How a management capable errors that no html will be displayed in the pop-up window?


    Further there are external JavaScript files which need to read the content of elements of the application.
    Is there an elegant/small/reusable way to get the value of the elements of the application?
    The & APP_ID. The syntax does not work in external JS files.

    Hi Oliver

    Personally, I think that if you get a timeout that the popup is closed and your parent page is redirected to the login page. By using a cheque as a reminder of the success/error during an AJAX call you inspect the xhr.responseText to work if you have received a timeout would be recommendation and if found close the context menu, and then assign him the login page window.location.

    However for AJAX calls not you will face a problem. In this case, you need a script in your login page that checks the window.opener and if so close the popup and sets the window.location opener to your login page. for example, I would like to add something like this to your header login page or login page model header.

    Note: only tested on FF. In addition, the javascript above is just a very basic example and will close all popup which displays the login page and reload the parent with the login page. It can lead to an undesirable feature for web pages open your app in a popup, since it will be automatically shut down and recharge the calling page that could frustrate people. In this case, you will need to add more conditional logic in the script to check the current window.opener.location to check if the URL is for your application and then perform the close and reload action.

    Of course, there are other ways to manage what is happening it is just an option I would like to Explorer.

    If you need to read the values of the elements of application not page elements in javascript, you need to add a script to your page footer that defines these example

    To get the value of an element of the application:

    apex.appItem('MY_APP_ITEM1');

    In the script above the request item values are secure prevent changes since they are accessible through the service such that they are defined as local variables to the breast. The only issue you will face access the value of an element of application which is been updated in session state by a process of AJAX. With the help of local values printed on the page rendered as it can get out of sync. If your item applciation values include line breaks or double quotes then you must escape them, if you need this support use a region of page PLSQL and escape the output after JSON script item values.

    In the example I use apex Namespace, some people may argue it's a bad habit, but for me, I like to keep everything apex linked together. He has pro of / jerks to the argument, if the decision is yours.

    Note: the reason to add the script to your footer must ensure that the values of point of application have been in session state, before they are issued.

    The previous post of VC is the right way to access the elements of the entry page and DOM values.

    See you soon
    Matt

  • Sessions of the apex to the upcomig WORLD Kscope11 question

    Hope that this applies to ask here, but I see that there are a good number of sessions Apex at this WORLD conference and see a few familiar names I've learned a lot about the format of this list. No one knows if they ever sessions of the Conference such as these on a webcast? I tried to put a note on the WORLD site, but thought I would also ask here. Due to economy travel budgets are tight. It would give another option to learn some new exciting topics and how to apply the Apex, in tight budget times.

    Thank you
    Mark

    Hi Mark,

    WORLD is sometimes webinars, see http://www.odtug.com/apex/f?p=500:235:0:P235_NEWS_ID:3061 (14 June there is an APEX one by Dan McGhan). Not necessarily exactly the same as the Conference.
    Redgate offers free webinars now and then, for instance https://www2.gotomeeting.com/register/251093450 (APEX for Mobile).
    Skillbuilders (where Dan works) also offers free online seminars, see http://skillbuilders.com/

    But the best thing is to be in Long Beach, of course...

    Concerning
    Roel

  • Session of the APEX Collection is specific

    I think I know the answer to that, but I want to be 100% sure. My application is using a collection that is filled and then the SQL source for the region. What happens if two users run the application at the same time? Will I run into any problems, or is a local colleciton for each specific Apex session?

    Thank you!

    Hello

    The collection's application and specific session

    Kind regards
    Jari

    Published by: jarola on October 28, 2010 20:05
    >
    Collections allow you to temporarily capture one or more non-scalar values. You can use collections to store the rows and columns of session state so that they are accessible, manipulated or treatment during the user's specific session. You can consider a collection like a bucket in which you store temporarily and name the lines of information.
    >
    http://download.Oracle.com/docs/CD/E17556_01/doc/apirefs.40/e15519/apex_collection.htm#CACFAICJ

  • How do I change time of Session expires in APEX?

    Greetings,

    I'm developing in APEX 3.2.

    Every few minutes while I develop, I have to log in again, it becomes tedious everyday having to connect 100 times.
    So I would like to know where I can change the time that the session times out, so I can't change tom some great value, let's say like 8 or 12 hours.

    I would also change the time that a regular user can also stay connected in case he has a little time for the session expires, and since I test everything I develop would also be great not to have to you connecting every few minutes when I'm testing something.

    I have check the scene, I remembered it in the preferences of the user and administration, but outside valid acount i didn t find anything.
    Thank you all,

    Best regards


    My home page

    Published by: Igor Carrasco on April 24, 2009 13:18

    Hello

    See this link, Patrick he explained step by step...

    [http://www.inside-oracle-apex.com/is-your-oracle-apex-session-timing-out/]

    See you soon

    Ben

  • How to create a session of apex in example of SQL * more?

    I would like to establish a session to the apex with a different tool for SQL Workshop.

    How can I achieve this for example using SQL * Plus or SQL Developer?

    Is there a document on the internet that answers this question? I couldn't even find.

    Martin Giffy Souza on Oracle APEX: how to create a Session of the APEX in PL/SQL

  • What is a session in APEX?

    The definition and the functionality of a ' * session * "in the apex, the same as with other web development platforms?

    While each session is only linked to a customer?

    and session variables last for the duration of the session?

    Hello

    Take a look at the section "what is a session" in the documentation.

    http://download.Oracle.com/docs/CD/E14373_01/AppDev.32/e11838/concept.htm#BCEDJAIH

    Hope this helps,

    John.
    --------------------------------------------
    Blog: http://jes.blogs.shellprompt.net
    Work: http://www.apex-evangelists.com
    Author of Pro Application Express: http://tinyurl.com/3gu7cd
    AWARDS: Don't forget to mark correct or useful posts on the forum, not only for my answers, but for everyone!

  • Session number 0 on Apex 3.1.2 (and earlier?)

    Hello!
    We face a serious problem with the function of "session 0" on Apex 3.1.2. We have to use this function because our applications are highly dependent on their listing.
    That's why we built some apache rewrites in the form of:
    ...
    RewriteRule ^ / criterion1_([A-Z,a-z,0-9].*)$ http://%{HTTP_HOST}/pls/dad/f?p=APP_ID:APP_PAGE_ID1:0: PAGE_ITEM1: $1
    RewriteRule ^ / criterion2_([A-Z,a-z,0-9].*)$ http://%{HTTP_HOST}/pls/dad/f?p=APP_ID:APP_PAGE_ID2:0: PAGE_ITEM2: $1
    ...

    All in all it works quite nice...
    ... Expect a serious error:

    When first calling the first rewrite and then call the second, the value of the PAGE_ITEM1 is stored a deportation. Is not occure without the functionality of session 0, because the values depend on the session and without a given session id it will be a new session created.

    Some examples of 'life ':
    Part 1.
    http://www.endlichferien.NET/country_Deutschland/region_Nordsee - > 676 (currently) lines
    http://www.endlichferien.NET/country_Deutschland/region_Ostsee - > 139 (currently) lines

    Part 2.
    http://www.endlichferien.NET/country_Deutschland/region_Nordsee/type_Ferienwohnung-> 379 lines
    http://www.endlichferien.NET/country_Deutschland/region_Ostsee/type_Ferienwohnung-> 119 lines

    So far so good:
    Now, try again part 1: you will encounter fewer results, because the definition of "type_Ferienwohnung" is stored in the session 0...
    For our business case, it is very important to get accurate results, because customers will not understand the issues described...

    Someone at - he met the same or a similar problem?
    Y at - there ideas for a solution?

    Thanks in advance for your interest...

    Kindly
    Alex

    Hello

    However, I think that it is JUST a workaround. Do you agree?

    Not really a work-around No... It's more the fact that you try to use the Session 0 for several end-users and it then session state are "collision" from your point of view (although it works as advertised in this sense).

    Basically, the situation is, you want Google bot to follow the link of the zero session, so that you get consistent, indexing and ranking. However, for end users access users should be able to click on the different links and their session state follow the autour etc, correct?

    One option that jumps on me, is to extend your rewrite rules so that all incoming requests of Googlebot follow the session 0, but request the user final (i.e. not Googlebot/other spiders) have instead a real session generated/associate at their request (in other words do not specify zero for users). In this way, you get the best of both worlds.

    I made a fair assessment of your situation? Or am I missing some point bottom line here? (It's possible... it's Friday and it's been a week of oh-so-long).

    John.
    --------------------------------------------
    Blog: http://jes.blogs.shellprompt.net
    Work: http://www.apex-evangelists.com
    Author of Pro Application Express: http://tinyurl.com/3gu7cd
    AWARDS: Don't forget to mark correct or useful posts on the forum, not only for my answers, but for everyone!

  • Expiring sessions / are invalidated too early

    Hi all

    We have recently updated Apex 5.0.1 bug tracking application. Since then users complain to pass that their session expired error message and need to re-login, although they work constantly with the application and have not been idle. The behavior is not reproducible on demand. The application property 'Session duration in seconds Maximum' is set to dry 28800 (8 hrs), "Maximum Session Idle Time in Seconds" is set to 10800 seconds (3 hours). Neither value is reached, the problem sometimes happens also after working with the app for a few minutes only. The authorization scheme used by the application is set to "Invalid Session name of the procedure" pointing to a procedure that doesn't include that of:

    procedure invalid_session_proc is

    Start

    (wwv_flow). Show

    p_flow_id = > v ('APP_ID').

    p_flow_step_id = > 'LOGIN '.

    );

    apex_application.stop_apex_engine ();

    end invalid_session_proc;

    If the user simply is redirected to the login page.

    Questioning apex_050000.apex_workspace_activity_log I found two types of entries:


    one)

    ERROR_MESSAGE ERROR_ON_COMPONENT_TYPE ERROR_ON_COMPONENT_NAME APEX_USER

    person is ORA-20987: APEX - your session has expired - contact the administrator of the application.    WWV_FLOW_SECURITY FINAL_EXCEPTION_HANDLER

    APEX_USER is sometimes even vacuum!

    and

    (b)

    ERROR_MESSAGE ERROR_ON_COMPONENT_TYPE ERROR_ON_COMPONENT_NAME APEX_USER

    [email protected] ORA-20987: APEX - your session has expired - click < a href = "f? "p = 109:1:NO:" > here < /a > to create a new session.    WWV_FLOW_SECURITY FINAL_EXCEPTION_HANDLER

    I guess b type entries are created during a timeout values is reached, but why don't Apex sometimes think that the sessions are invalid / expired, even if they are still valid and product entries of type has?

    Someone has any advice on how to better analyze this problem? Because it cannot be replicated on demand, preferably a mechanism of the Protocol would be necessary which can be analyzed for example every day.

    No one can describe the algorithm that apex is used to determine that a session is valid or point to the documentation?

    Some setup information:

    * Apex version: 5.0.1.00.06

    * DB version: 11.2.0.3.0

    * Version of ADR: 2.0.10.289.08.11

    * Version of the glassfish server: 3.1.2.2 (generation 5)

    Any help will be greatly appreciated.

    Kind regards

    Christof

    Solution: the problem was caused by the browser asking favicon.ico when you open a file in a new browser window/tab instead of download. In our production environment, we use an Apache Web server as a frontend for Glassfish. In the Apache conf files a rewriting rule has been defined that redirect each attempt to a file in the root of the document to the login page of our Apex application. This of course also applied to favicon.ico, then all requests for this file invalidated the session of the Apex. After changing the configuration so that redirected requests for favicon.ico is no longer the problem disappeared.

  • Application SSO between the APEX and application non-APEX

    Hello

    In most of the forums I found information on how to implement SSO between 2 APEX applications. Anyone know if it is possible to implement SSO between one APEX application and a non-APEX?

    If it is possible, a usefulness of links?

    I understand APEX handles session management and also creates the session in a DB table. This session can be created in another application?

    I'm mainly looking for on the SSO application between an application built on AngularJS/NodeJS with APEX.

    Thank you

    Hi 1467086,

    1467086 wrote:

    Please change your login username of "1467086" to something meaningful. Reference: Video tutorial how to change username available

    In most of the forums I found information on how to implement SSO between 2 APEX applications. Anyone know if it is possible to implement SSO between one APEX application and a non-APEX?

    If it is possible, a usefulness of links?

    Without providing you details, members of the forum can not say. See: How to get answers from the forum

    Please include information on enforcement non-APEX thus.

    I understand APEX handles session management and also creates the session in a DB table. This session can be created in another application?

    Can you "another application" run PL/SQL.

    If yes then refer: Martin Giffy D'Souza on Oracle APEX: how to create a Session of the APEX in PL/SQL

    I'm mainly looking for on the SSO application between an application built on AngularJS/NodeJS with APEX.

    AngularJS is intended for the side (browser) interaction rich client with the user. But, NodeJS can provide you with the functionality you need.

    danmcghan-Oracle has previously worked with AngularJS and has now tapped into NodeJS with his excellent blog on https://jsao.io/, it can guide you on how to go about using NodeJS.

    I hope this helps!

    Kind regards

    Kiran

  • Recomendations for autonomous apex or glassfish server for 10 concurrent users thousands

    Hi all

    We are a medium enterprize with 15 thousand users.

    We intend to develop a mobile application using apex.

    I think that apex performs a dedicated connection to the database like oracle forms. so if 10 thousand users open mobile applications, this means that 10 thousand users are connected to the database at the same time.

    Am I wrong?

    If so, then let it be stand-alone mode would be able to serve in this case?

    How much RAM we required for such a charge?

    I would like to ask a question at a time, but these questions are a little research related to me, that's why I post in a thread.

    Thank you.

    Kind regards.

    Hi Maahjoor,

    We are a medium enterprize with 15 thousand users.

    We intend to develop a mobile application using apex.

    I think that apex performs a dedicated connection to the database like oracle forms. so if 10 thousand users open mobile applications, this means that 10 thousand users are connected to the database at the same time.

    Am I wrong?

    No, the session of the APEX is a dedicated connection to the database. Session of the APEX is independent of Session data, for each new request a database connection is created and abandoned when finished.

    If so, then let it be stand-alone mode would be able to serve in this case?

    What standalone mode are you talking about? Oracle remains Data Services (formerly APEX Listener) as a web server in standalone mode?

    If Yes, then it is not recommended to Oracle:

    Reference: running in stand-alone Mode that says:

    "Stand-alone mode is suitable only for development purposes and is not supported for use in production deployments. Use a taken J2EE application server supported for production deployments.

    You should always go for ADR deployed to one of the recommended Java EE application server. (Oracle Weblogic Server/Oracle Glassfish Server/Apache Tomcat)

    How much RAM we required for such a charge?

    The answer to this question is arbitrary. It is not only the RAM you should be concerned. It is on what architecture (hardware and software), you must go.

    This Article in Oracle Magazine by Mike Hichwa will help you: Browser-Based: Sizing Up Performance

    I hope this helps!

    Kind regards

    Kiran

  • Use of multiple instances of the same browser...

    Hi people,

    I have a question...
    I inherited a large APEX application, it uses Oracle SSO to log.

    We are migrating the application to a new set of servers and run regression tests.
    Testers are connecting using IE6 and multiple instances of the application both on the oldTest newTest servers and opening.

    If at some point, you can:
    an application Admin user (username ADMINTEST123)  logged into the application on oldTest
an application Admin user (username ADMINTEST123)  logged into the application on newTest

an application standard user (username TEST123)  logged into the application on oldTest
an application standard user (username TEST123)  logged into the application on newTest
    Is this supported?

    Could someone tell me or direct me to the documentation or the thread that lists which is supported / unsupported for use of browser with APEX and SSO?

    Thanks in advance,
    Gus...

    So this can I conclude that what you say and the above results we could get questions if connection users and open new windows in this sense?

    Yes, if users connect or not, if requests for pages using the same session of apex are issued different browser instances, the results may be undesirable.

    Scott

  • load image of cod in the browser.

    Hello

    I have a content browser (rendering app) in my application. I would like to direct the url to a file that is included in the /images/ folder that compiles with the Cod. I tried using "file:///images/image.png", and it doesn't seem to work. How can I speak on this subject, is it possible?

    See you soon,.

    Chris,

    ****************************************************************

    The folder structure

    CBC-------.

    ... pic.gif

    ... com-------.

    ... Rafael - \FileDemo.Java

    ****************************************************************

    The code to open the file local image:

    package com.rafael;

import java.io.*;

import net.rim.device.api.system.*;import net.rim.blackberry.api.browser.*;

class FileDemo extends Application {

    public static void main(String args[]) {

        FileDemo theApp = new FileDemo();

        theApp.enterEventDispatcher();

    }

    public FileDemo() {        BrowserSession session = Browser.getDefaultSession();        session.displayPage("cod://test/pic.gif" );     }}

    If I put pic.gif in an additional nested folder - code will not work, even I specify this folder nested within the url. File must be located in the root of your package folder structure.

    Note that the location of the file is made up through rule:

    Cod://CodModuleName/filename.ext

    This example of code compiled into the test.cod file. And because of this, there is 'test' word specified in the location of the file.

Maybe you are looking for