401 Authentication in Apex 4.0

Similar Messages

• Custom Authentication in Apex 4.2

  Hi,
  I am trying to create a custom authentication scheme in apex 4.2. I have a database table which have username and password in it. I am using a function which returns Boolean after checking the username and password. I have checked it from toad and it works fine. But, when i am calling it from custom authentication it doesn't work.
  How can i configure this custom auth into my application,
  Thanks,

  Hello,
  Can you please provide more details. What is not working?
  Have you created new authentication scheme? Before this, does your application had any authentication scheme?
  Best case - create sample application in apex.oracle.com and post credentials so we can have a look
  Useful blog entires.. Custom Authentication in APEX and How to setup Custom Authentication in Oracle APEX
  Regards,
  Hari
  Edited by: Hari_639 on Apr 27, 2013 7:56 PM

• How to enable LDAP authentication for APEX

  How do I enable LDAP authentication for APEX 4.2? Thank for your help.
  Kevin

  you need to create new authentication based on predefined LDAP authentication from shared components => Authentication
  and provide your company LDAP authentication credentials

• 401 authentication in URL-Services?

  It seems that I cannot get URL-services to use basic-realm (401) authentication. Am I missing something, or is this a missing feature?

  I would call it a missing feature. I can configure an external application to use basic (401) authentication. Why is it that url services has this limitation if it is using the external app configuration to send login information.
  If it's not a missing feature it should be, and I for one would like to see it implemented.
  Clint

• Changing log in- authentication in Apex 3.0 but saying user id

  I created two applications using Apex 3.0, (not my choice , this is what client has)
  Each application has a log in page. When a user updates a page it uses a trigger to insert the users ID and the current timestamp on the record.
  The user asked me to have a common menu that calls both of these applications. I need to have a log in page at this common menu level because some users only have access to one of applications. I did this. Everything works fine. Except every time the users moves back and forth between main menu and application they have to sign in again.
  So, I changed the pages on the two applications to not require authentication. So now, user logs in once at main menu. Depending on their user id they either see
  two applications or one or the other. This works.
  The problem now is that when they go to update a record, the application no longer has their user id and all records get updated with the word 'nobody'.
  Any ideas on how to get around this? Not have the users log in each time they go between main menu and applications but still save the user id for update? Apex 3.0 has page items, I dont see anything like an application item
  thanks

  Assuming the applications you have are all located in the same workspace, you could go to Shared Components > Authentication Schemes of each application and under the
  Session Cookie Attributes > Cookie Name enter some name (SSO_COOKIE for example) which should be the same for all application. Now, your applications will not require a new login. Logging into any of those applications only once will do the job.
  Denes Kubicek
  http://deneskubicek.blogspot.com/
  http://www.apress.com/9781430235125
  http://apex.oracle.com/pls/apex/f?p=31517:1
  http://www.amazon.de/Oracle-APEX-XE-Praxis/dp/3826655494
  -------------------------------------------------------------------

• How to create a custom authentication in APEX?

  Hello
  I have little experience in APEX and i'm trying to create a custom authentication for a new application i'm developing. I've tried to follow other posts replies but no success...
  I already have a table for usernames and passwords - let's call it table_users - having the following fields: ent_id, ent_username, ent_password and ent_type. I don't need a form in my application to insert new users; only give users access to change their own password.
  How can i create a custom authentication?
  I thank in advance all the replies.

  Hi,
  I used the authentication described in this page, not sure how it weighs up to others but does the job here
  http://djmein.blogspot.com/2007/07/custom-authentication-authorisation.html

• Is it possible to manage Fingerprint Authentication in APEX?

  Hi,
  I have a restaurant control application in which the waiters need to login in order to place orders.
  I would like to enable fingerprint authentication using Microsoft Fingerprint or Digital Persona devices. I understand the output from such devices is an image. Is it possible to transform the fingerprint image into a text chain (password) in order to use a simple authentication function? Or will I need to manage blobs?
  Has anybody done this with APEX?
  Regards
  Francisco Barrena.

  hi friend,
  i am facing problem with my fringerprint machine.i dont have any idea how to connect that macine with my system and how to extract that fingerprint machine data in to my application witch is build up into Apex.
  i want to use fingerprint machine to manage Employee Daily attendance.But i dont know how can i do this in apex.
  if you have any idea please help me
  Thanks
  Manoj Kaushik

• External authentication from APEX

  Hi All
  I have a problem. User need to get over on new system external to APEX and automatically authenticate there. I know login and password. How execute authentication?
  Is any idea, may be using apex or just javasrcipt?

  Hello,
  If your compliance team is worried about network packet sniffers, then you should be using SSL, using a Cookie would not solve that problem (as the information would still be transmitted in clear text).
  If you search this forum for 'cookie' you should find quite a few hits on how to use Cookies in APEX (including how to create and read them).
  John.
  http://jes.blogs.shellprompt.net
  http://apex-evangelists.com

• Conditional authentication in ApEx

  Hi,
  I have an application developed in Apex 4.1 running on Oracle DB 10g XE and it uses Application Express authentication scheme. It is working fine but I also want to add IP restrictions on the scheme.
  I want it such that a user can only login to the application from the IP address he is authorized to. For this I have created a table which stores the user id and their IP addresses but dont know how to implement that.
  Please help.
  Regards
  Saurabh

  sorry to have wrongly placed the question in this forum.

• Issue in accessing Client Web Service 401 authentication error

  Hi,
  I have a requirement where i need to call a web service from SOA composite. When i deploy the service on SOA Server and try accessing it i get below error
  **oracle.fabric.common.FabricException: Cannot read WSDL "{http://www.service-now.com}ServiceNow_u_incident" from Metadata Manager.: Error in getting XML input stream: https://XXXXXXX.service-now.com/incident.do?WSDL: Response: '401: Unauthorized' for url: 'https://XXXXXXXX.service-now.com/incicdent.do?WSDL'**
  If i go from broweser and hit the url it asks for my ldap / windows credential.
  My question is how to i pass these credentials from Composite.
  sample service
  https://demo.service-now.com/incident.do?WSDL
  Shirish

  To pass HTTP Basic Auth from an External Reference in a composite_
  Set up in the EM
  1. Create the credentials in the EM
  - In the EM Weblogic Domain > right click the domain name
  - Choose Security > Credentials
  2. Create an oracle.wsm.security map
  This is where the http token details are held
  - If the oracle.wsm.security does not exist create one (Create Map)
  - call it oracle.wsm.security
  3. Create the Key
  - Click create Key
  - Enter the following values
       Select Map -> oracle.wsm.security
       Key -> Key name
       Type -> Password
       Username -> << basic auth username required >>
       Password -> << basic auth password required >>
       Description -> Clear text description
  Note : Make the key name specific to the service you are accessing i.e. basic.credentials.sitea.demo
  Secure the Reference Partner Link
  In JDeveloper
       Open the composite that needs securing
       Right click on the external reference
       Select Configure WS Policies
       For Security, click the + button
       Select the oracle/wss_http_token_client_policy entry
       Select this and click the pencil button to edit the Override Value.
       In the override value column (csf-key), enter the credential key name you wish to use. i.e. basic.credentials.sitea.demo
  Deploy the service, and this will now be secured against the Basic Auth.
  This does not address SSO / Windows AD integration from the client, this is where a Web Service is protected by basic auth. If you need to integrate with AD as SSO etc then you will need to configure Kerberos. That is a much bigger explaination that you will probably find on the Net.
  Good luck
  Edited by: rodhiggins on 28/05/2013 22:52

• Using OID for authentication in APEX and PL/SQL apps

  Hi,
  One of my colleagues (much more skilled in APEX than me) has written a PL/SQL package that makes it easy to use Oracle Internet Directory (OID) groups to control access to pages and items in APEX. It assumes that you are already using Oracle Single Sign-On (which he also set up for us).
  Being a package, it's easy to use in any PL/SQL application.
  He's given me permission to add his work to my web page but prefers to remain anonymous. You can see how to do it here:
  http://www.patrickhaston.co.uk/plsql/oid_authorisation.html
  The source code is available for download.
  Hope this is useful.
  Patrick.

  Nothing new - all documented with APEX.

• I am getting '401 Authentication Required' with sign-in box. Didn't happen until I loaded ver. 3.6.13

  Another detail I omitted in my problem: I don't have this problem with Google Chrome. If I could go back to the previous Firefox setting that would be fine. This has taken far too much of my time. I want to read not fix.

  Hi,
  I tried the example and got some weird error messages as follows:
  ********* error messages*********
  ShowComponent.java:90: cannot resolve symbol
  symbol : method getName ()
  location: class javax.swing.UIManager.LookAndFeelInfo[]
  { String plafName = plafs.getName();
  ^
  ShowComponent.java:91: cannot resolve symbol
  symbol : method getClassName ()
  location: class javax.swing.UIManager.LookAndFeelInfo[]
  final String plafClassName = plafs.getClassName();
  ^
  ShowComponent.java:139: cannot resolve symbol
  symbol : method indexOf (char)
  location: class java.lang.String[]
  int equalsPos = args.indexOf('=');
  ^
  ShowComponent.java:143: cannot resolve symbol
  symbol : method forName (java.lang.String[])
  location: class java.lang.Class
  Class componentClass = Class.forName(args);
  ^
  ShowComponent.java:161: cannot resolve symbol
  symbol : method substring (int,int)
  location: class java.lang.String[]
  String name = args.substring(0, equalsPos); //property name
  ^
  ShowComponent.java:162: cannot resolve symbol
  symbol : method substring (int)
  location: class java.lang.String[]
  String value = args.substring(equalsPos+1); //property value
  ^
  6 errors.
  *****end of error messages*****
  I use jdk1.3 and Win2000. Can anybody tell me how to delete above error messages?
  Thanks a lot.
  Li

• Authentication function not working in APEX but works in pl/sql

  Greetings, Jim here.
  I have written a very simple authentication funtion which uses the dbms_ldap package to authenticate using the userid and password from the login page.
  I've tested this function thru pl/sql and it returns true and false accordingly.
  I've created a custom authentication schema and in the authentication function I have return myfunction;
  The problem is, when called thru APEX, it appears to always return true and lets the login proceed, even if the password is correct. I know its using the function due to the fact that if I enter a bogus function as the authentication function, APEX spits up a message saying so.
  So, I know the function works, but I don't know why it does not work with APEX. Posting function below.
  CREATE OR REPLACE FUNCTION ODBS.CUSTAPEXLOGIN (p_username IN VARCHAR2,p_password IN VARCHAR2)
  RETURN BOOLEAN AS
  retval PLS_INTEGER;
  emp_session DBMS_LDAP.session;
  ldap_host VARCHAR2(256);
  ldap_port VARCHAR2(256);
  ldap_user VARCHAR2(256);
  ldap_passwd VARCHAR2(256);
  ldap_base VARCHAR2(256);
  BEGIN
  ldap_host := 'oraldap';
  ldap_port := '389';
  ldap_user := p_username;
  ldap_passwd := p_password;
  ldap_base := 'cn=users,dc=company,dc=com';
  emp_session := DBMS_LDAP.init(ldap_host,ldap_port);
  retval := DBMS_LDAP.simple_bind_s(emp_session,('cn=' || ldap_user || ',' || ldap_base),ldap_passwd);
  if retval = 0 then
  return true;
  else
  return false;
  end if;
  EXCEPTION
  WHEN OTHERS THEN
  begin
  if sqlcode = -31202 then
  return false;
  end if;
  end;
  END;
  /

  Hi Jim,
  Can you clarify this -
  The problem is, when called thru APEX, it appears to always return true and lets the login >proceed, even if the password is correctThat implies you're saying your authentication function ALWAYS returns true? Is that correct? Also 'even if the password is correct' doesn't read correctly to me, did you mean 'even if the password is incorrect'?
  You then say -
  now the function works, but I don't know why it does not work with APEX.So by 'does not work' you mean in APEX it is always returning true therefore allowing you to login regardless of the username/password you use? Is that correct?

• Apache Jakarta JETSPEED and ApEx (Authentication)

  Hi everybody!
  I would like to integrate ApEx into the Apache Jakarta Java Framework Jetspeed. Therefore I would like to use the usermanagement and and session handling of this framework (authentication in Jespeed is also used for ApEx - no new login necessary).
  Does anyone have an idea, how this can be setup in ApEx/Jetspeed? Or does anyone have a ready solution for this question?
  Thanks in advance and best regards,
  Christian

  ApEx is not JSR168 compliant - but that doesn't mean to someone couldn't come up with a way to plug some ApEx content into a JSR168 portlet. When you're doing this kind of thing there are lots of considerations.
  Like:
  what is the content?
  who needs to be able to see it?
  who needs to update it, if anyone?
  what are the security implications?
  One very simplistic approach that could be used to get ApEx content into the Jetspeed portal is to use a standard HTML portlet with an iframe embedded in it that points over to the ApEx content. Obviously, this doesn't include any kind of authentication to ApEx.
  You'd probably have to look into some of the SSO stuff that's buit into ApEx.
  Earl

• APEX - NTLM Authentication slow

  I've been trying to set up NTLM authentication for APEX as described on [this blog|http://jastraub.blogspot.com/2008/03/ntlm-http-authentication-and.html] and in [this whitepaper|http://www.oracle.com/technology/products/database/application_express/pdf/apex_ntlm_authentication_wp.pdf].
  The enviroment is as follows:
  DB: 10.1.0.4.2 on a windows 2003 SP2 server
  Application server: 10.1.2.3.0 on a windows 2003 SP2 server
  Clients: windows XP SP2 / IE 6 & 7 (tested both)
  The authentication appears to work fine, but it does seem rather slow (~20 seconds).
  I've tried using the earlier version of the page sentry function (without the hacky bits to trick IE) and this works pretty much instantly in Firefox (but gives the expectected problems in IE).
  I've experimented with commenting various bits out to find out which bit might be causing the issue, and it apears to be when the session cookie is being re-written into the HTTP header
  ie:
  >
  FOR ii IN 1 .. l_htp_rows LOOP
  IF l_htp_buffer(ii) LIKE 'Set-Cookie:%' THEN
  htp.p(l_htp_buffer(ii));
  END IF;
  END LOOP;
  >
  I've been trying to analyze the HTTP traffic, but it just appears that there is a 15-20 second delay before recieving a reponse from the server.
  I've tried logging the steps int he function into a table, and it all seems to happen pretty much instantly, so I guess the issue seems to be occuring on the Apache server?
  Does anyone have any ideas what might be causing this, or any further steps I could take to diagnose?
  Thanks,
  Keith

  I've got absolutely no idea what was causing the problem, but I've dropped recreated the auth procedure, and now it all seems to work fine.
  very odd...