Database Account Credentials Authentical Failure

Hello All,
I've set my Authentication Scheme in APEX to Database Account credentials (I have Oracle 10+ installed). However, when I login I get the following errors. Can someone please advise?
ORA-28007: the password cannot be reused
ORA-06512: [b]at "FLOWS_020200.WWV_FLOW_SECURITY", line 221
ORA-06512: at "SYS.WWV_FLOW_VAL", line 49
ORA-06521: PL/SQL: Error mapping function
Error ERR-10480 Unable to run authentication credential check function.
Thanks

Hi Scott:
Thanks for the clarification with Default User profile.
In my database, the authetication works for all the profiles that have DEFAULT PROFILE. However, doesn't work for DB accounts that don't belong to DEFAULT profile(these users have profile called ENDUSER_PROFILE).
So, how and where can I define multiple profiles as VALID for the Database Account authentication?
Thanks for your help!
Muni

Similar Messages

  • Database Account Credentials

    I have the following questions:
    1. I currently have APEX 2.0 in 3 databases. How can I upgrade them to APEX 2.2? APEX 2.0 uses the tablespaces called HTMLDB and FILES.
    2. How can I use database account credentials in APEX 2.2? Is there any detailed instruction on the Website?
    Thanks.
    Andy

    Download 2.2 and use the upgrade installation option. I don't understand the part about tablespaces.
    About the authentication scheme, just create an authentication scheme and select the new method and try it out.
    Detailed instructions on the website? What website or URL?
    Scott

  • Database Account Authentication to a few users.

    Good Morning, apex teachers.
    I have one more doubt about apex.
    This time is related to Database Account Authentication.
    I was wondering if it would be possible to filter which database users
    can logon to my application?
    For instance I have this users on my database: John, Paul, Ringo and George.
    But I only want to John and Paul be able to logon, if Ringo or George try to
    do the same, they would have their access denied.
    Thanks for all the help you guys have been giving to me.
    Regards, Leandro Freitas.

    "Database Account Credentials
    Database Account Credentials utilizes database schema accounts. This authentication scheme requires that a database user (schema) exist in the local database. When using this method, the user name and password of the database account is used to authenticate the user.
    Database Account Credentials is a good choice if having one database account for each named user of your application is feasible and account maintenance using database tools meets your needs"
    You are trying to use schemas or do you have a table with the beatles users and passwords? Don't let Ringo out man... ;)

  • Database authentication & database account profiles

    Hi,
    Is anyone aware of any sample applications that uses database acccount profiles for password policies like ageing, length, reuse and so on.
    I've searched the forums but havn't found any links
    Has anyone experience in this field
    Many thanks
    Pete

    Roger,
    The authentication code and the general steps to hook it up are posted in this thread: Re: Custom Authentication
    As far as checking profile settings and account status, I would run these checks in processes on your after-login page. If there are exceptions, the user can respond to them on that page. If there are no exceptions, the page should branch to the start-of-application page of your choice. How you access this profile/account information for the authenticated user is up to you to figure out. Keep in mind that you will not be connected as the database account you authenticated against, so there is really no "active" profile involved. Your application's parsing schema will need to be granted access to whatever dictionary views it needs for this purpose.
    Good luck,
    Scott

  • Database Account and User Groups

    Hello,
    Currently, I am using DATABASE ACCOUNT for an authentication scheme for all of my applications but, I would like to setup User Groups as well to limit users to thier prospective pages and/or objects within the application for easy maintenance of users. I have read that, in order to apply user groups in an application, you must use APPLICATON EXPRESS ACCOUNT credentials.
    Another developer has modified the "APEX_ACCESS_CONTROL" table with an additional column(s) that would allow access to specific pages. I am not sure if this is good practice to modify Apex tables.
    Is there a way to create user groups while using DATABASE ACCOUNT for authentication? What is the best practice in a case like this?
    Can anyone please shed some light on this? Thanks.
    - Dee

    Dee,
    I would like to setup User Groups as well to limit users to thier prospective pages and/or objects within the application for easy maintenance of users.I'm not clear on what your purpose is, just runtime authorization, or something more?
    Another developer has modified the "APEX_ACCESS_CONTROL" table with an additional column(s) that would allow access to specific pages. I am not sure if this is good practice to modify Apex tables.Those tables belong to your application's parsing schema and they are accessed only by code in applications you develop. The Application Express machinery knows nothing about them.
    Is there a way to create user groups while using DATABASE ACCOUNT for authentication?You can create your own tables to define groups and to keep track of which named accounts belong to which groups. And you can write an API for applications to use to query this information and to maintain it from custom applications built for that purpose.
    All

  • The test couldn't sign in to Outlook Web App due to an authentication failure. Extest_ account.

    Hi.
    I'm using SCOM 2012 R2 and have imported the Exchange server 2010 MP.
    I have runned the TestCasConnectivityUser.ps1 script and almost everything is okay except for the OWA test login.
    The OWA rule is working for some time until (I think) SCOM is doing a automatic password reset of the extest_ account. Then I get the OWA error below. The other test connectivity are working. Any suggestions.
    One or more of the Outlook Web App connectivity tests had warnings. Detailed information:
    Target: xxx|xxx
    Error: The test couldn't sign in to Outlook Web App due to an authentication failure.
    URL: https://xxx.com/OWA/
    Mailbox: xxxx
    User: extest_xxx
    Details:
    [22:50:08.936] : The TrustAnySSLCertificate flag was specified, so any certificate will be trusted.
    [22:50:08.936] : Sending the HTTP GET logon request without credentials for authentication type verification.
    [22:50:09.154] : The HTTP request succeeded with result code 200 (OK).
    [22:50:09.154] : The sign-in page is from ISA Server, not Outlook Web App.
    [22:50:09.154] : The server reported that it supports authentication method FBA.
    [22:50:09.154] : This virtual directory URL type is External or Unknown, so the authentication type won't be checked.
    [22:50:09.154] : Trying to sign in with method 'Fba'.
    [22:50:09.154] : Sending HTTP request for logon page 'https://xxx.com/CookieAuth.dll?Logon'.
    [22:50:09.154] : The HTTP request succeeded with result code 200 (OK).
    [22:50:09.373] : The test couldn't sign in to Outlook Web App due to an authentication failure.
    URL: https://xxx.com/OWA/
    Mailbox: xxx
    User: extest_xxx
    [22:50:09.373] : Test failed for URL 'https://xxx/OWA/'.
    Authentication Method: FBA
    Mailbox Server: xxx
    Client Access Server Name: xxx
    Scenario: Logon
    Scenario Description: Sign in to Outlook Web App and verify the response page.
    User Name: extest_xxx
    Performance Counter Name: Logon Latency
    Result: Skipped
    Site: xxx
    Latency: -00:00:00.0010000
    Secure Access: True
    ConnectionType: Plaintext
    Port: 0
    Latency (ms): -1
    Virtual Directory Name: owa (Default Web Site)
    URL: https://xxx.com/OWA/
    URL Type: External
    Error:
    The test couldn't sign in to Outlook Web App due to an authentication failure.
    URL: https://xxx.com/OWA/
    Mailbox: xxx
    User: extest_xxx
    Diagnostic command: "Test-OwaConnectivity -TestType:External -MonitoringContext:$true -TrustAnySSLCertificate:$true -LightMode:$true"
    EventSourceName: MSExchange Monitoring OWAConnectivity External
    Knowledge:
    http://go.microsoft.com/fwlink/?LinkID=67336&id=CB86B85A-AF81-43FC-9B07-3C6FC00D3D42
    Computer: xxx
    Impacted Entities (3):
    OWA Service - xxx, xxx - xxx, Exchange
    Knowledge:     View additional knowledge...
    External Knowledge Sources
    For more information, see the respective topic at the Microsoft Exchange Server TechCenter
    Thanks
    MHem

    Hi,
    Based on the error, it looks like an OWA authentication failure.
    Have you tried post this to LYNC forums?
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • APEX Database Account Authentication Problem

    Hi There
    I'm developing an application in APEX 3.1 on top of an Oracle 10g database. The schema account ABC has full control of all objects but additional users have been added USER1 for example. When I set the authentication of the APEX application to Database Account I am able to login as ABC but not when I use USER1. The errors I receive are:
    ORA-28007: the password cannot be reused ORA-06512: at "APEX_030200.WWV_FLOW_SECURITY", line 248 ORA-06512: at "SYS.WWV_FLOW_VAL", line 55 ORA-06521: PL/SQL: Error mapping function
    ERR-10480 Unable to run authentication credential check function.
    I haven't used any custom funtions, pages or procedures, even tried starting a new app from scratch and still am not able to login.
    Thanks
    Daniel

    Thanks Varad, but I was able to log in to PL/SQL Developer using the USER1 credentials. I have found the problem though, the Oracle database was an older version than this APEX functionality could work with. We upgraded the database and now I can log in fine.

  • Connect to DataBase programmatically with Integrated Security in SharePoint - which account credentials are used?

    Hi to All!
    I have a simple question. I connect to DataBase programmatically, using SqlConnection and Integrated Security in connection string. It works! But I cannot understand -  which account credentials are used? My Windows account(under which I was logged
    in) or NetworkService Account, or something else?
    If I was logged in as FBA user in SharePoint - what in this case?

    Hi MaryBath,
    When you use integrated security = true it means the same as integrated security = SSPI and in this case the current Windows account credentials are used for authentication and if you set the integrated
    security = false you have to provide UserName and Password . so for your question it uses the current windows account credentials.
    here is the Microsoft link for the same...
    https://msdn.microsoft.com/en-us/library/system.data.sqlclient.sqlconnection.connectionstring(VS.71).aspx
    If your code is executing on server in SharePoint (in webparts or features or application page). it will take the windows account of the server to connect to the database because all are executing on server not on client machine. your
    login credentials has nothing to do with it.
    Note: there are 2 authentication Windows Authentication and SQL Authentication so make sure that on database windows authentication is enabled (it will only work when windows authentication is enabled....
    Please 'propose as answer' if it helped you, also 'vote helpful' if you like this reply.

  • How to create an database account authentication scheme in apex

    Dear
    I have an apex installation (embeded) on oracle 11g.
    I want to create a database account authentication scheme in apex. I have seen the page with different tab like name,subsription,source,session not valid, login processing, logout URL,session cookie attributes and comments.
    I want to know what are the things to be specifed on these tabs and the effects. I have gone thru the documentation 'Application Builder User’s Guide Release 4.1' , but the functionalities of these tabs are not mentioned.
    Please help.
    Dennis
    Edited by: Dennis John on Feb 28, 2012 10:57 PM

    Thanks to dear Jit
    I am new to apex.
    I have gone thru that documents but I couldn't find any detailed documentation about the database account authentication scheme configuration
    The database account authentication scheme creation interface will show tabs like name,subsription,source,session not valid, login processing, logout URL,session cookie attributes and comments.
    I want to know what are the things to be specifed on these tabs and how it will reflect in the login. The specified documentation is not giving any detail about the above mentioned tabs of authentication scheme creation iwizard.
    And also I want to know how the applciation user will be mapped to the database account?
    As per my understanding a database user (for each run time user) is required for to authenticate the apex run time login other than the applciation schema user (holds the objects of applicaiton)
    run time user means - end user who uses the applcaition, not the developer.
    Please help.
    Dennis

  • Authentication using database accounts (EJB)

    Hi.
    I'm developing a web app(struts, jsp). Users should log-in using their Oracle
    database accounts (created with CREATE USER ...). Is it possible to accomplish that using EJB? How?
    I've read that i can somehow map application server's users with database users
    using sql authentication providers: Wouldn't then sql queries made by ejbs
    still be executed with the same user every time?

    Normally application servers use a shared login to allow using a shared connection pool, and avoid the cost of logging in and out.
    Are you using JPA or the native TopLink API? Are you using JTA?
    TopLink / EclipseLink have several features for user logins.
    You can use Oracle proxy connections, these allow a shared connection pool to be used, but allow setting a proxy user on the connection.
    See, org.eclipse.persistence.config.PersistenceUnitProperties.ORACLE_PROXY_TYPE
    You can also use real database logins with JPA (or ServerSession) through using a JPA EntityManager properties or a ConnectionPolicy.
    See, org.eclipse.persistence.config.EntityManagerProperties, org.eclipse.persistence.sessions.server.ConnectionPolicy.
    You also have the option of using a shared login for reads, and a user login for writes.
    If you are using the native API, you can also use DatabaseSessions.
    James : http://www.eclipselink.org

  • Authentication Scheme - Database Account with login user exists in table

    Hi all,
    I m new to APEX. Could anyone tell me how can i modify the authentication scheme to validate the user by Database Account DB user & password, also the username must exist in a table
    As the DB is not only designed for one application, so DB account may incl. DB users more than the users who can access the APEX application. So I must check the user name exists in a table also.
    Thx.

    Scott,
    I try to save the msg in application item and set the message by application item in process before header, it works perfect. The message display as what i want :)
    One more question is i would like to give this link to user will go let the user go to the target page and can edit the page without doing any searching b4.
    http://XXX/apex/f?p=115:3::NO:::P3_ID:82
    If the user hvnt login, system will prompt login page, after the user login it, it will direct go to the target page. I have try if the user type in a wrong username / password it still work after i retype a correct one. The page can redirect to the target page.
    However, if i type in a user name & password is correct but not exist in my define table like what i stated b4. Then i type in a correct one I can just go to page 1 instead of the target one.
    How can i do the same thing?
    Sorry for non-stop questioning, but pls help. Thanks a lot.

  • Authentication failure for zone 1 error

    We did some cleanup of old user accounts in our edir tree and after that I noticed a whole bunch of error messages on our catalina.out file. Problem is the error message does not specify what account it is looking for so I do not know what account I need to restore/recreate. Vibe seems to be working okay so I'm not sure what is broken with this account missing. Error message reads:
    2014-01-18 18:38:02,429 WARN [http-8443-55] [org.kablink.teaming.module.authentication.impl.Aut henticationModuleImpl] - Authentication failure for zone 1: org.springframework.security.userdetails.UsernameN otFoundException: User account disabled or deleted; nested exception is org.kablink.teaming.security.authentication.UserAc countNotActiveException: This account has been disabled or deleted.
    We are running on Vibe 3.4.0. Any help in identifying the account needed would be much appreciated.
    Thank you,
    Ronnie

    This looks okay.  An authFail indicates that someone is polling this device with the wrong community string.  Check x.x.x.x to make sure there aren't any applications polling this device with wrong credentials.
    Something else to note is that you should not be using '@' in your community strings.  While this shouldn't really matter for routers, it's a good rule of thumb not to use '@' on Cisco devices as that character is reserved for community string indexing.

  • LSASS.exe Authentication Failure ever 30 minutes

    I'm getting two authentication failures every 30 minutes from lsass.exe on various ports (changes every time). The attempted authentication is for the admin account, which was recently changed. This is sourced from the server back to the server on either 127.0.0.1 or the server's IP. Anyone have any idea on this?
    This topic first appeared in the Spiceworks Community

    Verify your RADIUS configuration with the Test button on the AAA Server Groups configuration screen. Once you supply a username and password, this button allows you to send a test authentication request to the ACS server.
    Choose Configuration > Remote Access VPN > AAA Setup > AAA Server Groups.
    Select your desired AAA Server group in the top pane. Select the AAA server that you want to test in the lower pane. Click the Test button to the right of the lower pane. In the window that appears, click the Authentication radio button, and supply the credentials with which you want to test. Click OK when finished

  • Intermittent AD Authentication failures in ISE 1.2

              Starting today I was getting intermittent authentication failures in ISE. It would say that the user was not found in the selected identity store. The account is there though. At one point I ran a authetication test from the external identity source menu and I got a failure and then the next time a pass. I have no idea why this is happening. I just updated to ISE 1.2 the other day. I'm also seeing what looks like a high level of latency on both of my PSN's. Is this normal?  Any ideas?
    Thanks
    Jef

    Interesting. I have one location that is not having this problem at all. The other is having it somewhat frequently. The PSN's for each location are tied to the local AD servers. I have not had this until we started getting 300-380 PC's connecting. We are a school so we are slowly getting started. It's real random. One user will work then another time they won't. Happens with admin and user. I have notices that with this new version of ISE it is complaining that it is getting accounting updates from the NAS too often, but I have not looked into this because I just installed 1.2 about 3-4 days ago and haven't had time to look into it.
    When you say Multicast to you AD...how did you check that? We do use multicast.

  • SSO Database Store not authenticating

    Hi Everyone,
    Iam trying to use the Microsoft SSO Database to try authenticating to SAP NetWeaver Portal for content integration.
    The SAP user id is configured with password , we are able to use these credentials and login to SAP Portal.
    But when we are launching the iView WebPart - it is passing the j2ee_guest user id and the page in not displayed in Sharepoint - either it goes into a loop / it is giving the iView Runtime Error ( log files in portals shows the j2EE_guest user details).
    Any idea what am I missing here?
    Thanks,
    Uma.

    Thanks William.
    This is the logs Iam seeing in the sharepoint side , when we are trying to view the SAP WD iView in WebPart.
    Iam not sure whether the sso store in MS Portal needs some change - Can suggest ?
    9/22/2009 8:50:03 AM OWSTIMER.EXE (0x0974) 0x0C7C Windows SharePoint Services General 8e25 Medium Failed to look up string with key "DistributionLists_Alias", keyfile core. 
    9/22/2009 8:49:33 AM SSOSRV.EXE (0x1540) 0x0B70 SharePoint Portal Server SSO 0 Medium Destroying CSessionEx 
    9/22/2009 8:49:33 AM SSOSRV.EXE (0x1540) 0x0B70 SharePoint Portal Server SSO 0 Medium Destroying CCommandEx 
    9/22/2009 8:49:33 AM SSOSRV.EXE (0x1540) 0x0B70 SharePoint Portal Server SSO 0 Medium SSO config data in the db is up to date 
    9/22/2009 8:49:33 AM SSOSRV.EXE (0x1540) 0x0B70 SharePoint Portal Server SSO 0 Medium Provider=SQLOLEDB;Extended Properties='Server=WTCA0029MOSS01;Database=SSO;Trusted_Connection=yes;App=Windows SharePoint Services;Timeout=15'; 
    9/22/2009 8:49:33 AM SSOSRV.EXE (0x1540) 0x0B70 SharePoint Portal Server SSO 0 Medium CSsoResourceManager succeeded in getting the connection string 
    Thanks,
    Uma.

Maybe you are looking for


HashFlare