Authorization scheme violation message not translatable?

Hello team,
could you please confirm that the authorization scheme violation message is not included in the translatable text for some reason?
I can't find it in the list of texts to be translated even after seeding the application.
Bye,
Flavio
http://oraclequirks.blogspot.com/search/label/Apex

Hello gents,
it's curious because after doing some tests i was almost convinced it was a sort of "feature".
From the behavior of the application i see that the authorization code is not duplicated in a translated application as it happens for most other components, as a result if i modify the authorization violation message, the change becomes effective immediately across all translations.
In view of this fact i developed the fancy theory that this was a security measure to prevent that a non-updated translated application could serve as a "trojan horse" to access a restricted page in virtue of the lack of control...
Anyway, i'm glad to hear that my theory is a nonsense :-D
Bye,
Flavio
http://oraclequirks.blogspot.com/search/label/Apex

Similar Messages

Page Authorization Scheme OK button not working

Hi All,
I have a Page Level Authorization scheme, which makes a PL/SQL Function call to determine whether the logged in user should have access to the Page. This works well and displays an 'Access denied by Page security check' error message, but the OK Hyperlink that is displayed does not work as I would expect as I am not returned to the calling page.
The pages in question are Popups and when I hover over the OK Hyperlink, the Javascript in the Taskbar shows javascript:window.history.go(-1). Is this the route of my problem, and is there any way around this when using Popup windows?
Thanks,
Mike

Scott,
Thanks for your response. Yes you have the sequence right: "User clicks on link to popup page from base page and the link is to a forbidden page"
"The basic question is why would you ever show a link to a forbidden page to the user?"
The main reason is time, ideally yes we would like to hide links to forbidden pages but it will take time to implement due to complexity of role combinations and number of pages. So for now, we are confident in our method for denying access to forbidden pages.
The error message that is displayed on the forbidden page is set in the Authorization Scheme, but how do I alter the OK link? Isn't this generated 'behind the scenes'?
Thanks,
Mike

FlatFile Schema Change - Message not getting changed correctly.

A biztalk orchestration uses a flatfile schema (with three nodes accountnumber, date, amount) to send the output in .csv format. The generated .csv file presents the data in trheee columns specific to the three nodes.
I am trying to add an new fourth node (Description) to the flatfile schema but the generated .csv file is presenting all the data in single cell instead of displaying using four different columns. I am trying to figure out a solution.
Appreciate any pointers. Thanks

Output file shows the new node with data.
I think somehow the pipeline componenet not accepting the new schema structure. Hence tried the following steps and the solution seems working now.
1) Deleted the pipeline reference in dependent application, stopped the dependent application.
2) Stopped, Delete and re-deployed current application.
3) Dependent application's sendport is enabled with the flatfile pipeline
3) re-started the host instances, and dependent, and current applications.
Flatfile conversion works OK now.
Disabling & reenabling pipeline solved it.
Thanks

Error message severity not translated correct when locale is changed

We have a shell page displaying different task flows within a dynamic region. The shell page f:view tag has locale="#{LocaleManager.currentLocale}" to allow programmatic change of locale. Most of the flows uses the locale from the browser request (e.g. Danish) but some pages has fixed locale (en_US) and will always be rendered with this locale (don't ask me why. It's a requirement). For those fixed locale pages, the expression #{LocaleManager.currentLocale} always returns "en_US". It works nice, but we have a strange problem with the translation of error messages displayed by validators/converters. E.g. if a character is entered in a number field, the user will see the usual popup error message like "*Error:* The value is not a number". The message part of the error message is translated but the severity message prefix ("Error:" in the example), seems to be translated and cached once per session. If the error message popup has been displayed once in a different locale, then after change of locale, the severity message prefix continues to use the translation from the first display. The message part of the message is translated perfectly.
Let me give an example:
1) User enters da_DK page and enters a invalid number. Error message displayed: "*Fejl:* Værdien er ikke et tal"
2) User enters en_US page and enters a invalid number. Error message displayed: "*Fejl:* The value is not a number"
If the examples is reversed, then the error messages will be:
2) "*Error:* The value is not a number"
1) "*Error:* Værdien er ikke et tal"
Do anyone know how to clear this translated severity message prefix, when locale is changed? Or is there a better way to overcome this issue?
We're using JDeveloper and ADF 11.1.2.2 and are able to reproduce the issue on the embedded weblogic.

Hi again
ok I added another locale that ships with flash builder, and encoutered the same problem
whenever I change the locale, the error tooltips are gone
I was even able to fix both new locales by assigning the the validators custom error messages using resourceManager.getString() like i assign a value to all other UI strings in the application
the default locale which is specified in the project compiler's parameters is en_US
and my final question to you is:
is there a best practice regarding localizing & managing the error massages Flex SDK uses?
what is the internal path to the resource bundles that flex uses to display errors?
it seems like it makes more sense to copy and edit an existing list of errors, rather then blow up the application code...
can you please share your view on the matter
thank you for your help
Yariv

Can't accept BBM invitations and Invites sent show as "Pending for Authorization" but recipients are not receiving them either (PIN Message Status : Service Blocked)

I recenly changed device from BB Curve 8530 to BB Bold 9900 and ever since then can't accept BBM invitations and Invites sent shows only as "Pending for Authorization" but recipients are not receiving them either. Tried sending PIN messages but I got a red x next to the message and the status says: "Service Blocked" .
When my phone got lost, I was lucky that I just synchronized my device to my BB Desktop. Not only was I able to retrieve my contacts (phonebooks and BBM) but also ALL txt msgs and even call logs
Anway, that happening, I assumed I don't need to re-send all my BBM friends invites since some were able to communicate with me. But for those who have deleted my profile (knowing it got lost) and were still on my contact were the ones affected. I tried deleting them and sent an invite only to find out that: I can't accept BBM invitations and Invites sent shows as "Pending for Authorization" but recipients are not receiving any. (they also have the same pending for authorization notice on their end)
When I tried to send them a PIN message I get a red x next to the message nd get the service blocked message.
Help I do not know what else to do.
** FYI: new contacts added with my new PIN have no prob sending invites and me accepting them all.

Hello Lhea,
This issue is most likely Caused by the BlackBerry not being provisioned for BlackBerry Data Services.
Please have a look at the following article that covers "Service Blocked" when sending a PIN message:
http://btsc.webapps.blackberry.com/btsc/KB19244
I hope this helps.
-HB
Come follow your BlackBerry Technical Team on twitter! @BlackBerryHelp
Be sure to click Kudos! for those who have helped you.Click Solution? for posts that have solved your issue(s)!

Authorization scheme not working.

My requirement is I want to allow access only to few people for some pages, buttons.
I am using Authorization scheme with scheme Type as "Exists SQL Query"
Working Query
SELECT p.EMP_ID FROM people p where emp_alias=:APP_USER and p.EMP_alias = 'ABC'
Not Working query
SELECT p.EMP_ID FROM people p where emp_alias=:APP_USER AND p.EMP_alias in ('ABC','XYZX)
Error: ORA-00907: missing right parenthesis
ERR-1082 Error in executing authorization scheme code.
Can anyone say what am I missing.

Thank you, adding braces and putting OR condition worked.
SELECT p.EMP_ID FROM people p WHERE emp_alias = :APP_USER AND (p.EMP_alias = 'ABC' OR p.EMP_alias = 'XYZX')
But not sure, how it is working some times and not working some times, if I have new lines, it doesnt work and if I have multiple conditions, it doesnt work.
This doesnt work..
SELECT p.EMP_ID FROM people p WHERE p.EMP_alias= :APP_USER and (emp_alias='ABC' or emp_alias='XYZ') and (p.EMP_ROLE='DBA' or p.EMP_ROLE ='DBAMGR')

Authorization scheme (using {not} Scheme)

I have build a change password page and every user, except user with a Guest role (= GUEST SCHEME) have access to that page.
I defined a scheme GUEST for users with the GUEST role. When I define the page with Authorization scheme {not}GUEST this isn't working everyone has access to the page, also the guest users.
am I misunderstanding the {not}scheme choice or is something else wrong.
Fred.

Fred,
I have solved it with the work around I mentioned before:I read what you said very carefully but thought it reckless to conclude that the workaround was successful because you just said "To work around the problem, I did xyz" without indicating the outcome.
The authorization schemes on navigation tabs fire also on the default login pageYes they do, they fire on every page whether or not the page template accommodates a navigation bar. This looks like a bug to me.
Is there a "authorization scheme report" which shows all the objects where the authorization scheme is defined.Shared Components > Authorization Schemes > Utilization (slightly different in each version).
Scott

Page 0 security: authorization scheme not applied to other pages

the page 0 security: authorization scheme not applied to other pages (neither as an override for existing pages nor as a default for new pages).
how is this intended to work?

mcstock,
Can you clarify your question please? Can you give specific steps to reproduce this issue that you are inquiring about?
Thanks.
Joel

Page Restriction - Authorization Scheme

I have an application 8736 this application as 3 tabs
TAB1: information TAB2: department   TAB3: Admin
TAB3 as a form in which SHOULD be only be view by users which authorisation rights. I have been trying to do this for sometimes now and it is not work. I have a table called users
TABLE:users
username    access_level
john919             2
sarah765           0
For the page in TAB3 if you have an access level of 2. You should be able to view this page and if not they you should get an error message saying "sorry you cant view this page".
In this case "john919" should be able to view the page in tab "Tab3" and "sarah765 " SHOULD NOT.
I have this query in the Authorization Scheme and the scheme type: pl/sql function returning boolean
DECLARE
   v_access_level   NUMBER (2);
BEGIN
   IF (:APP_PAGE_ID = 61)
   THEN
      SELECT MAX (ADMIN_LEVEL)
        INTO v_access_level
        FROM USERS
       WHERE USER_NAME = :APP_USER;
      IF v_access_level = 2
      THEN
         RETURN TRUE;
      ELSE
         RETURN FALSE;
      END IF;
   ELSE
      RETURN TRUE;
   END IF;
END
I have never try this before and I have being asking around and alot of people tell me this should check the admin_level in the USERS table using the current username of the person looking in to see if they have access to this page. SO far this is as fail me. Please help

If you only have one access level per user then try changing your authorization scheme code to
DECLARE
   v_access_level   NUMBER (2);
BEGIN
      SELECT ADMIN_LEVEL
        INTO v_access_level
        FROM USERS
       WHERE USER_NAME = :APP_USER;
      IF v_access_level = 2
      THEN
         RETURN TRUE;
      ELSE
         RETURN FALSE;
      END IF;
END;
now apply this scheme to tab3

Authorization schemes & verifing roles

Hi,
I'm having a hard time understanding how to use authorization schemes. My users log in as Oracle users. Each user is assigned to a role (with specific privileges granted to each type of role). I found that the privileges were not being enforced in the application according to the roles assigned to each user. From what I understand, this is because the SQL is being parsed according to the schema owner, not the individual user. So let's say for example I want to have a Create button only appear on a page if the user is assigned to role A or role B. Do I need to use an authorization scheme for this, or do I perform a query to determine the type of role the user is assigned to, and based on the result, conditionally show the button? I know there are lots of postings on authorization schemes in this forum (and I have read the Help manual), but I still do not understand how to get this working. Thank you.

....later same day... 
I've been reading/researching all day and it seems like I need to either a) make a table that defines user/role or b) query the database for the role assigned to this user (which I would have to do in choice a also) and then assign it as an application item. I tried option b, by creating an item on page 1 in my application, using this query: 
SELECT granted_role
FROM dba_role_privs
WHERE grantee = :APP_USER;
 
But I am getting this Oracle error message: 
ORA-00942: table or view does not exist 
Error ERR-1019 Error computing item default value: page=1 name=P1_ROLE.
 
How can I query the dba_role_privs table from within Application Express?
Do I need to GRANT SELECT priviliges to the schema owner to access this table?

Create Authorization Scheme for LDAP Groups

I have installed APEX 4.0 in my staging environment and got the LDAPS to finally work. I can now login to the application with my LAN user name and password. The only problem is so can everyone else on the LAN. So I wanted to create an authorization scheme that would only allow a certain group or groups of LDAP users into the application rather than everyone.
I am at the Create Authorization Scheme page and am kind of stuck. Has anyone done this before and can share some SQL or knowledge?

hi larosejh
If you want to do that you must write your own procedures using the dbms_ldap package. I found some code a while back that searches the LDAP. Maybe you can use this to create a function for your authentication.
DECLARE
retval PLS_INTEGER;
my_session DBMS_LDAP.session;
my_attrs DBMS_LDAP.string_collection;
my_message DBMS_LDAP.message;
my_entry DBMS_LDAP.message;
entry_index PLS_INTEGER;
my_dn VARCHAR2(256);
my_attr_name VARCHAR2(256);
my_ber_elmt DBMS_LDAP.ber_element;
attr_index PLS_INTEGER;
i PLS_INTEGER;
my_vals      DBMS_LDAP.STRING_COLLECTION ;
ldap_host VARCHAR2(256);
ldap_port VARCHAR2(256);
ldap_user VARCHAR2(256);
ldap_passwd VARCHAR2(256);
ldap_base VARCHAR2(256);
BEGIN
retval := -1;
-- Please customize the following variables as needed
ldap_host := 'host';
ldap_port := '389';
-- In case of update/insert/delete need change ldap_user to other.
     -- ldap_user := 'cn=orcladmin';
     -- ldap_passwd:= 'welcome';
-- set User and password to NULL for anonymous user.
ldap_user := 'user';
ldap_passwd:= 'password';
ldap_base := 'CN=Users,DC=ee,DC=intern';
-- end of customizable settings
-- Start output Header--
DBMS_OUTPUT.PUT_LINE('+++++++++++++++++++++++++++++++++++++++++++++++++++');
DBMS_OUTPUT.PUT('> DBMS_LDAP Search Example ');
DBMS_OUTPUT.PUT_LINE('');
DBMS_OUTPUT.PUT_LINE(RPAD('> LDAP Host ',25,' ') || ': ' || ldap_host);
DBMS_OUTPUT.PUT_LINE(RPAD('> LDAP Port ',25,' ') || ': ' || ldap_port);
-- Choosing exceptions to be raised by DBMS_LDAP library.
DBMS_LDAP.USE_EXCEPTION := TRUE;
my_session := DBMS_LDAP.init(ldap_host,ldap_port);
DBMS_OUTPUT.PUT_LINE (RPAD('> Ldap session ',25,' ') || ': ' ||
RAWTOHEX(SUBSTR(my_session,1,8)) ||
'(returned from init)');
-- bind to the directory
retval := DBMS_LDAP.simple_bind_s(my_session,
ldap_user, ldap_passwd);
DBMS_OUTPUT.PUT_LINE(RPAD('> simple_bind_s Returns ',25,' ') || ': '
|| TO_CHAR(retval));
-- issue the search
my_attrs(1) := 'dn'; -- retrieve all attributes
retval := DBMS_LDAP.search_s(my_session, ldap_base,
DBMS_LDAP.SCOPE_SUBTREE,
'objectclass=*',
my_attrs,
0,
my_message);
DBMS_OUTPUT.PUT_LINE(RPAD('> search_s Returns ',25,' ') || ': '
|| TO_CHAR(retval));
DBMS_OUTPUT.PUT_LINE (RPAD('> LDAP message ',25,' ') || ': ' ||
RAWTOHEX(SUBSTR(my_message,1,8)) ||
'(returned from search_s)');
-- count the number of entries returned
retval := DBMS_LDAP.count_entries(my_session, my_message);
DBMS_OUTPUT.PUT_LINE(RPAD('> Number of Entries ',25,' ') || ': '
|| TO_CHAR(retval));
DBMS_OUTPUT.PUT_LINE('+++++++++++++++++++++++++++++++++++++++++++++++++++');
-- End output Heading --
-- get the first entry
my_entry := DBMS_LDAP.first_entry(my_session, my_message);
entry_index := 1;
-- Loop through each of the entries one by one
while my_entry IS NOT NULL loop
-- print the current entry
my_dn := DBMS_LDAP.get_dn(my_session, my_entry);
-- DBMS_OUTPUT.PUT_LINE (' entry #' || TO_CHAR(entry_index) ||
-- ' entry ptr: ' || RAWTOHEX(SUBSTR(my_entry,1,8)));
DBMS_OUTPUT.PUT_LINE (' dn: ' || my_dn);
my_attr_name := DBMS_LDAP.first_attribute(my_session,my_entry,
my_ber_elmt);
attr_index := 1;
while my_attr_name IS NOT NULL loop
my_vals := DBMS_LDAP.get_values (my_session, my_entry,
my_attr_name);
if my_vals.COUNT > 0 then
FOR i in my_vals.FIRST..my_vals.LAST loop
DBMS_OUTPUT.PUT_LINE(' ' || my_attr_name || ' : ' ||
SUBSTR(my_vals(i),1,200));
end loop;
end if;
my_attr_name := DBMS_LDAP.next_attribute(my_session,my_entry,
my_ber_elmt);
attr_index := attr_index+1;
end loop;
my_entry := DBMS_LDAP.next_entry(my_session, my_entry);
DBMS_OUTPUT.PUT_LINE(' --------------------------------------------------- ');
entry_index := entry_index+1;
end loop;
-- unbind from the directory
retval := DBMS_LDAP.unbind_s(my_session);
DBMS_OUTPUT.PUT_LINE(RPAD('unbind_res Returns ',25,' ') || ': ' ||
TO_CHAR(retval));
-- Start Output Footer --
DBMS_OUTPUT.PUT_LINE('Directory operation Successful .. exiting');
-- Start Output Footer --
-- Handle Exceptions
EXCEPTION
WHEN OTHERS THEN
DBMS_OUTPUT.PUT_LINE(' Error code : ' || TO_CHAR(SQLCODE));
DBMS_OUTPUT.PUT_LINE(' Error Message : ' || SQLERRM);
DBMS_OUTPUT.PUT_LINE(' Exception encountered .. exiting');
END;
/

Message not updated in SAP Solution Manager

Hello SAP Solution Experts,
My requirement is to be able to send an incident message to SAP and when they in turn reply, the message in SAP Solution Manager is updated with the reply of SAP. The message could be for example a SAP NOTE number or some guidelines as message text.
But currently, this is not the case since we are not receiving any updates in the SAP Solution Manager. We need to consult the Marketplace to have access to the message of SAP.
So basically, as per my understanding, I think SAP is unable to update our Solution Manager system.
I would be grateful if someone could shed some light on how to make the replies of SAP available directly in our SAP Solution Manager?
Are there any steps to follow to achieve this requirement?
I am using the text schema ZLFN as follows:
Another issue, when the message is created and saved, we get the following warning message.
Translation in English would be: “No information text is available for SAP”.
Thanks and Kind Regards,
Yovish.

Dear Yovish,
Report 'AI_CRM_IM_UPDATE_FROM_SAP' is used to update incidents from SAP.
As alexander said, you can schedule the job 'REFRESH MESSAGE STATUS' using mentioned program on periodically(1 Hr).
This batch would update your solution manager system's incidents.
You can also do the status mapping to update your solman systems incident status by SAP status.
Thanks,
Vikas.

Authorization Schemes always fails

I am trying to verify that the user has the correct access in the authorization scheme. No matter what I put it fails. I currently have it set to pl/sql function returning boolean and the code as:
begin
return true;
end;
I still get the error message for my Authorization Scheme every time. For my application settings I selected the {Not} option, and that fails as well.
Can someone point me in the right direction?
Thanks.

Johnnie,
If you made this an application level authorization then try checking the page. Frankly I don't know how it could have failed when it says always return true... But try something like the following:
DECLARE
   l_retval BOOLEAN;
BEGIN
   l_retval := nv('APP_PAGE_ID') = 101 OR v('APP_USER') IS NOT NULL;
   RETURN l_retval;
END;The first page is checking to see if the user is on the login page. The second condition is really nothing, you'll want to fix it for your application. If you're still having problems, please post an example application on apex.oracle.com so we can take a look under the hood.
Regards,
Dan

Order of evaluation - Authorization scheme or application computation

APEX 4.2.2
A page has a Evaluate for every page view authorizaton scheme of the type Value of item in Expression 1 = Expression 2 with Expression 1=G_ITEM and Expression 2=1. G_ITEM is set using a Before-Header application computation conditioned to fire when G_ITEM is null.
What I see is that the authorization scheme always returns false and the page is not rendered. Inspecting wwv_flow_data shows that G_ITEM is not there. So it would appear that the authorization scheme is evaluated before the application computation and since it returns false, the engine stops.
Does that sound right? Is this order of evaluation of components documented anywhere? There is a Utilities > Page Events screen but that doesn't include Authorization schemes.
Thanks

Hi Christian - I am referring to a page-level authorization scheme set to be evaluated For each page view
Here are some more details...the application has only one UI (Desktop) and Application XX > User Interfaces > User Interface Details > Home URL is set to f?p=&APP_ID.:30:&SESSION.
When I launch the app using f?p=181::::LEVEL9 this is what I get in apex_debug_messages
init cgi_var_name.count=>29
CGI: PATH_INFO = /f
HTTP://xxx/pls/xxx
QUERY_STRING=p=181::::LEVEL9
REQUEST_METHOD=GET
REMOTE_ADDR=xx.xx.xx.xx
REMOTE_USER=foobar
APEX_LISTENER_VERSION=
REFERER=
Cookies:
S H O W: application="181" page="" workspace="" request="" session=""
Reset NLS settings
alter session set NLS_LANGUAGE="AMERICAN"
alter session set NLS_TERRITORY="AMERICA"
alter session set NLS_CALENDAR="GREGORIAN"
alter session set NLS_SORT="BINARY"
alter session set NLS_COMP="BINARY"
...NLS: Set Decimal separator="."
...NLS: Set NLS Group separator=","
...NLS: Set g_nls_date_format="DD-MON-RR"
...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"
...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"
no characterset conversion needed
...Setting session time_zone to -04:00
reset_nls_environment
reset
reset
Processing page view with session ID = 0
fetch_flow_info
set_html_escaping_mode p_mode=>E
Language derived from: FLOW_PRIMARY_LANGUAGE, current browser language: en-us
alter session set nls_language="AMERICAN"
alter session set nls_territory="AMERICA"
NLS: CSV charset=WE8MSWIN1252
...NLS: Set Decimal separator="."
...NLS: Set NLS Group separator=","
...NLS: Set g_nls_date_format="DD-MON-RR"
...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"
...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"
Setting NLS_DATE_FORMAT to application date format: mm/dd/yyyy
...NLS: Set g_nls_date_format="mm/dd/yyyy"
...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"
...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"
NLS: Language=en-us
fetch_flow_info
set_html_escaping_mode p_mode=>E
Application 181, Authentication: PLUGIN, Page Template: 12902619543947292
authenticate_and_init_session p_app_id=>181
fetch_flow_info
set_html_escaping_mode p_mode=>E
set_g_security_group_id p_security_group_id=>634111608319703,p_check_host_prefix=>true
does_host_prefix_match p_security_group_id=>634111608319703,p_host_prefix=>,c_path_info=>/f
detect_user_interface p_application_id=>181
... "Desktop" is the only UI - no autodetection necessary
... setting ui to "DESKTOP"
... authentication id=252985691712777759, sgid=634111608319703, curr flow sgid=634111608319703
... page is public:null
Authentication check: Login (NATIVE_CUSTOM)
... no page specified: failure
...fetch session state from database
get_current
... DOES NOT EXIST - ignore
fetch items (exact)
Redirecting to f?p=181:30:
Stop APEX Engine detected
Final commit
I am not sure why the engine stops rendering but I get the Access denied by Page security check error on the screen
Next experiment...launch f?p=181:30:::LEVEL9:
That gets me the following debug stack
init cgi_var_name.count=>28
CGI: PATH_INFO = /f
HTTP://xxx/pls/xxx.xx
QUERY_STRING=p=181:30:::LEVEL9:
REQUEST_METHOD=GET
REMOTE_ADDR=xx.xx.xx.xx
REMOTE_USER=foobar
APEX_LISTENER_VERSION=
REFERER=
Cookies:
S H O W: application="181" page="30" workspace="" request="" session=""
Reset NLS settings
alter session set NLS_LANGUAGE="AMERICAN"
alter session set NLS_TERRITORY="AMERICA"
alter session set NLS_CALENDAR="GREGORIAN"
alter session set NLS_SORT="BINARY"
alter session set NLS_COMP="BINARY"
...NLS: Set Decimal separator="."
...NLS: Set NLS Group separator=","
...NLS: Set g_nls_date_format="DD-MON-RR"
...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"
...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"
no characterset conversion needed
...Setting session time_zone to -04:00
reset_nls_environment
reset
reset
Processing page view with session ID = 0
fetch_flow_info
set_html_escaping_mode p_mode=>E
Language derived from: FLOW_PRIMARY_LANGUAGE, current browser language: en-us
alter session set nls_language="AMERICAN"
alter session set nls_territory="AMERICA"
NLS: CSV charset=WE8MSWIN1252
...NLS: Set Decimal separator="."
...NLS: Set NLS Group separator=","
...NLS: Set g_nls_date_format="DD-MON-RR"
...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"
...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"
Setting NLS_DATE_FORMAT to application date format: mm/dd/yyyy
...NLS: Set g_nls_date_format="mm/dd/yyyy"
...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"
...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"
NLS: Language=en-us
fetch_flow_info
set_html_escaping_mode p_mode=>E
Application 181, Authentication: PLUGIN, Page Template: 12902619543947292
authenticate_and_init_session p_app_id=>181
fetch_flow_info
set_html_escaping_mode p_mode=>E
set_g_security_group_id p_security_group_id=>634111608319703,p_check_host_prefix=>true
does_host_prefix_match p_security_group_id=>634111608319703,p_host_prefix=>,c_path_info=>/f
get_login_url p_user_interface_id=>12942041779151719,p_application_id=>181,p_security_group_id=>634111608319703
get_home_url p_user_interface_id=>12942041779151719,p_application_id=>181,p_security_group_id=>634111608319703
... authentication id=252985691712777759, sgid=634111608319703, curr flow sgid=634111608319703
... page is public:false
Authentication check: Login (NATIVE_CUSTOM)
get_current
... DOES NOT EXIST - ignore
builtin_cookie_sentry p_cookie_name=>ORA_WWV_APP_181
get_by_cookie_name p_cookie_name=>ORA_WWV_APP_181
session cookie value for ORA_WWV_APP_181=
... cookie is not set
... failure, session not found
set_db_session_info
...fetch session state from database
get_current
... DOES NOT EXIST - ignore
fetch items (exact)
execute_native_session_sentry p_type=>NATIVE_CUSTOM
...Execute Statement: begin declare
begin
wwv_flow.g_boolean := htmldb_public_user.Modntlm_Page_Sentry;
end;
~
get_cookie_properties 181 -> ORA_WWV_APP_181, ,
get_by_cookie_name p_cookie_name=>ORA_WWV_APP_181
session cookie value for ORA_WWV_APP_181=
... cookie is not set
get_cookie_properties 181 -> ORA_WWV_APP_181, ,
get_by_cookie_name p_cookie_name=>ORA_WWV_APP_181
session cookie value for ORA_WWV_APP_181=
... cookie is not set
generate_unique_session_id
remember_deep_link p_url=>f?p=181:30:::LEVEL9:
get_current
... DOES NOT EXIST - ignore
... insert into wwv_flow_sessions$: 7781513768577
create_new
Session created: 7781513768577 user: foobar
save_by_name p_item_name=>FSP_AFTER_LOGIN_URL,p_item_value=>***
set_builtin_global_item_value p_item_name=>FSP_AFTER_LOGIN_URL,p_value=>f?p=181:30:7781513768577::LEVEL9:
...Session State: Saved Item "FSP_AFTER_LOGIN_URL" New Value="f?p=181:30:7781513768577::LEVEL9:"
login p_uname=>foobar,p_password=>...,p_session_id=>7781513768577,p_flow_page=>181:30,p_entry_point=>POST-LOGIN,p_preserve_case=>false,p_use_secure_cookie=>false
execute_login p_username=>foobar,p_password=>...,p_current_app_id=>181,p_next_app_id=>181,p_next_page_id=>30,p_post_login=>true,p_builder_login_for_workspace=>
...delaying unrecoverable error to the end of execute_login
create_or_reuse_session
get_current
... session=7781513768577, user=foobar, sgid=634111608319703 (from db)
...Session ID 7781513768577 can be used
...New Instance Detected -
get_current
... session=7781513768577, user=foobar, sgid=634111608319703 (from cache)
get_login_url p_user_interface_id=>12942041779151719,p_application_id=>181,p_security_group_id=>634111608319703
get_home_url p_user_interface_id=>12942041779151719,p_application_id=>181,p_security_group_id=>634111608319703
... authentication id=252985691712777759, sgid=634111608319703, curr flow sgid=634111608319703
... page is public:false
... POST LOGIN shortcut, no pre-auth and auth process
... Authentication success
... running post_auth_240111674424380819
...Execute Statement: begin declare
procedure post_auth_240111674424380819 is
begin
post_auth_240111674424380819;
end;
end;
Collection - Begin create_collection_from_query_b, Collection Name: AD_GROUPS
Collection - Begin Create Collection, Collection Name: EM_ROLES
save_by_name p_item_name=>G_APP_USER,p_item_value=>***
find_item_by_name p_name=>G_APP_USER
set_substitution_cache p_id=>8993704979413505,p_value=>***,p_name=>G_APP_USER,p_filter=>Y,p_encrypted=>N
...Session State: Saved Item "G_APP_USER" New Value="foobar"
get_item_value p_item=>FSP_AFTER_LOGIN_URL,p_flow=>181,p_instance=>7781513768577
... l_instance=7781513768577,l_flow_id=181,l_sgid=634111608319703,p_item=FSP_AFTER_LOGIN_URL
get_builtin_global_item_value p_item_name=>FSP_AFTER_LOGIN_URL,p_session_id=>7781513768577
...value="f?p=181:30:7781513768577::LEVEL9:"
save_by_name p_item_name=>FSP_AFTER_LOGIN_URL,p_item_value=>***
set_builtin_global_item_value p_item_name=>FSP_AFTER_LOGIN_URL,p_value=>
...Session State: Saved Item "FSP_AFTER_LOGIN_URL" New Value=""
log_login p_username=>foobar,p_security_group_id=>634111608319703,p_owner=>foobar,p_application_id=>181,p_authentication_method=>Login,p_authentication_result=>0,p_custom_status_text=>
... update session user (foobar) and auth result ()
reset_cache
update_hashed_id -> ORA_WWV-PqmZTwhNdxkMTTqPlY88APZ1, sqlrowcount=1
send name=>ORA_WWV_APP_181,value=>ORA_WWV-PqmZTwhNdxkMTTqPlY88APZ1,expires=>,path=>,domain=>,secure=>,httponly=>HTTPONLY
Redirecting to f?p=181:30:7781513768577::LEVEL9:
...setting g_unrecoverable_error:=true again
Stop APEX Engine detected
Stop APEX Engine detected
Final commit
init cgi_var_name.count=>29
CGI: PATH_INFO = /f
HTTP://xxx/pls/xxx.xx
QUERY_STRING=p=181:30:7781513768577::LEVEL9:
REQUEST_METHOD=GET
REMOTE_ADDR=xx.xx.xx.xx
REMOTE_USER=foobar
APEX_LISTENER_VERSION=
REFERER=
Cookies:
S H O W: application="181" page="30" workspace="" request="" session="7781513768577"
Reset NLS settings
alter session set NLS_LANGUAGE="AMERICAN"
alter session set NLS_TERRITORY="AMERICA"
alter session set NLS_CALENDAR="GREGORIAN"
alter session set NLS_SORT="BINARY"
alter session set NLS_COMP="BINARY"
...NLS: Set Decimal separator="."
...NLS: Set NLS Group separator=","
...NLS: Set g_nls_date_format="DD-MON-RR"
...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"
...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"
no characterset conversion needed
...Setting session time_zone to -04:00
reset_nls_environment
reset
reset
fetch_flow_info
set_html_escaping_mode p_mode=>E
Language derived from: FLOW_PRIMARY_LANGUAGE, current browser language: en-us
alter session set nls_language="AMERICAN"
alter session set nls_territory="AMERICA"
NLS: CSV charset=WE8MSWIN1252
...NLS: Set Decimal separator="."
...NLS: Set NLS Group separator=","
...NLS: Set g_nls_date_format="DD-MON-RR"
...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"
...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"
Setting NLS_DATE_FORMAT to application date format: mm/dd/yyyy
...NLS: Set g_nls_date_format="mm/dd/yyyy"
...NLS: Set g_nls_timestamp_format="DD-MON-RR HH.MI.SSXFF AM"
...NLS: Set g_nls_timestamp_tz_format="DD-MON-RR HH.MI.SSXFF AM TZR"
NLS: Language=en-us
fetch_flow_info
set_html_escaping_mode p_mode=>E
Application 181, Authentication: PLUGIN, Page Template: 12902619543947292
authenticate_and_init_session p_app_id=>181
fetch_flow_info
set_html_escaping_mode p_mode=>E
set_g_security_group_id p_security_group_id=>634111608319703,p_check_host_prefix=>true
does_host_prefix_match p_security_group_id=>634111608319703,p_host_prefix=>,c_path_info=>/f
get_login_url p_user_interface_id=>12942041779151719,p_application_id=>181,p_security_group_id=>634111608319703
get_home_url p_user_interface_id=>12942041779151719,p_application_id=>181,p_security_group_id=>634111608319703
... authentication id=252985691712777759, sgid=634111608319703, curr flow sgid=634111608319703
... page is public:false
Authentication check: Login (NATIVE_CUSTOM)
get_current
... session=7781513768577, user=foobar, sgid=634111608319703 (from db)
builtin_cookie_sentry p_cookie_name=>ORA_WWV_APP_181
get_by_cookie_name p_cookie_name=>ORA_WWV_APP_181
session cookie value for ORA_WWV_APP_181=ORA_WWV-PqmZTwhNdxkMTTqPlY88APZ1
... session=7781513768577, user=foobar, sgid=634111608319703 (from cache)
... success, session id and security group id matches
... set user and session id in package globals
set_g_security_group_id p_security_group_id=>634111608319703,p_check_host_prefix=>true
does_host_prefix_match p_security_group_id=>634111608319703,p_host_prefix=>,c_path_info=>/f
set_db_session_info
...fetch session state from database
get_current
... session=7781513768577, user=foobar, sgid=634111608319703 (from cache)
fetch items (exact)
... fetched 8993704979413505: name=G_APP_USER, value=foobar
execute_native_session_sentry p_type=>NATIVE_CUSTOM
...Execute Statement: begin declare
begin
wwv_flow.g_boolean := htmldb_public_user.Modntlm_Page_Sentry;
end;
~
get_cookie_properties 181 -> ORA_WWV_APP_181, ,
get_by_cookie_name p_cookie_name=>ORA_WWV_APP_181
session cookie value for ORA_WWV_APP_181=ORA_WWV-PqmZTwhNdxkMTTqPlY88APZ1
... session=7781513768577, user=foobar, sgid=634111608319703 (from cache)
get_cookie_properties 181 -> ORA_WWV_APP_181, ,
get_by_cookie_name p_cookie_name=>ORA_WWV_APP_181
session cookie value for ORA_WWV_APP_181=ORA_WWV-PqmZTwhNdxkMTTqPlY88APZ1
... session=7781513768577, user=foobar, sgid=634111608319703 (from cache)
get_current
... session=7781513768577, user=foobar, sgid=634111608319703 (from cache)
... sentry success, no verification specified
... sentry+verification success
create_or_reuse_session
get_current
... session=7781513768577, user=foobar, sgid=634111608319703 (from cache)
...Session ID 7781513768577 can be used
...New Instance Detected -
get_by_cookie_name p_cookie_name=>ORA_WWV_USER_61814286625969
session cookie value for ORA_WWV_USER_61814286625969=
... cookie is not set
get_builder_session_id: builder session=null
...Setting session time_zone to -04:00
...Check for session expiration:
get_current
... session=7781513768577, user=foobar, sgid=634111608319703 (from cache)
get_builtin_global_item_value p_item_name=>FSP_SESSION_TIME,p_session_id=>7781513768577
NO_DATA_FOUND!
set_builtin_global_item_value p_item_name=>FSP_SESSION_TIME,p_value=>20130925091227::
...Session State: Saved Item "FSP_SESSION_TIME" New Value="20130925091227::"
Session: Fetch session header information
get_current
... session=7781513768577, user=foobar, sgid=634111608319703 (from cache)
fetch_step_info p_mode=>SHOW
get_home_url p_user_interface_id=>12942041779151719,p_application_id=>181,p_security_group_id=>634111608319703
get_login_url p_user_interface_id=>12942041779151719,p_application_id=>181,p_security_group_id=>634111608319703
get_theme_id p_user_interface_id=>12942041779151719,p_application_id=>181,p_security_group_id=>634111608319703
Branch point: Before Header
Authorization Check: "Administrator" Caching: "BY_USER_BY_PAGE_VIEW" Component: "PAGE"
... failed
setting g_primary_language := en-us
Add error onto error stack
...Error data:
......message: Must be Administrator
......additional_info: Access denied by Page security check
......display_location: ON_ERROR_PAGE
......is_internal_error: true
......apex_error_code: APEX.AUTHORIZATION.ACCESS_DENIED
......error_backtrace: ----- PL/SQL Call Stack -----
object      line object
handle    number name
0x2d7325bc0       556 package body APEX_040200.WWV_FLOW_ERROR
0x2d7325bc0       607 package body APEX_040200.WWV_FLOW_ERROR
0x2d7325bc0       911 package body APEX_040200.WWV_FLOW_ERROR
0x211e95470       488 package body APEX_040200.WWV_FLOW_AUTHORIZATION
0x2dbf01138      6000 package body APEX_040200.WWV_FLOW
0x2db632be8       249 procedure APEX_040200.F
0x267d27130        31 anonymous block
......component.type: APEX_APPLICATION_AUTHORIZATION
......component.id: 19813621888498766
......component.name: Administrator
...Show Error on Error Page
......Performing rollback
render_error_page
wwv_flow_init_htp_buffer
reset
reset
get_grid_template p_page_template_id=>12901127353947285
emit_page_header
Show page template header
handle_common_placeholders p_placeholder=>#TITLE#
get_title
handle_common_placeholders p_placeholder=>#IMAGE_PREFIX#
handle_common_placeholders p_placeholder=>#IMAGE_PREFIX#
handle_common_placeholders p_placeholder=>#APEX_CSS#
is_desktop_ui p_application_id=>181,p_page_id=>30,p_security_group_id=>634111608319703
get_ui_type p_application_id=>181,p_page_id=>30,p_security_group_id=>634111608319703
...initialize cache
... ui type name=DESKTOP
... true
handle_common_placeholders p_placeholder=>#TEMPLATE_CSS#
handle_common_placeholders p_placeholder=>#THEME_CSS#
handle_common_placeholders p_placeholder=>#PAGE_CSS#
handle_common_placeholders p_placeholder=>#APEX_JAVASCRIPT#
is_desktop_ui p_application_id=>181,p_page_id=>30,p_security_group_id=>634111608319703
get_ui_type p_application_id=>181,p_page_id=>30,p_security_group_id=>634111608319703
...use cache
... ui type name=DESKTOP
... true
handle_common_placeholders p_placeholder=>#TEMPLATE_JAVASCRIPT#
handle_common_placeholders p_placeholder=>#APPLICATION_JAVASCRIPT#
handle_common_placeholders p_placeholder=>#PAGE_JAVASCRIPT#
handle_common_placeholders p_placeholder=>#IMAGE_PREFIX#
handle_common_placeholders p_placeholder=>#IMAGE_PREFIX#
handle_common_placeholders p_placeholder=>#ONLOAD#
handle_common_placeholders p_placeholder=>#OUTDATED_BROWSER#
handle_common_placeholders p_placeholder=>#FORM_OPEN#
Rendering form open tag and internal values
clear_page_checksum
generate_unique_session_id
perform p_process_point=>AFTER_ERROR_HEADER
Processes - point: AFTER_ERROR_HEADER
handle_common_placeholders p_placeholder=>#REGION_POSITION_07#
handle_common_placeholders p_placeholder=>#HOME_LINK#
handle_common_placeholders p_placeholder=>#LOGO#
handle_common_placeholders p_placeholder=>#NAVIGATION_BAR#
handle_common_placeholders p_placeholder=>#REGION_POSITION_08#
handle_common_placeholders p_placeholder=>#REGION_POSITION_04#
handle_common_placeholders p_placeholder=>#REGION_POSITION_01#
handle_common_placeholders p_placeholder=>#SUCCESS_MESSAGE#
handle_common_placeholders p_placeholder=>#NOTIFICATION_MESSAGE#
handle_common_placeholders p_placeholder=>#GLOBAL_NOTIFICATION#
handle_common_placeholders p_placeholder=>#REGION_POSITION_02#
handle_common_placeholders p_placeholder=>#REGION_POSITION_03#
perform p_process_point=>BEFORE_ERROR_FOOTER
Processes - point: BEFORE_ERROR_FOOTER
emit_footer
Show page footer
Show page tempate footer
handle_common_placeholders p_placeholder=>#CUSTOMIZE#
handle_common_placeholders p_placeholder=>#REGION_POSITION_05#
handle_common_placeholders p_placeholder=>#APP_VERSION#
handle_common_placeholders p_placeholder=>#REGION_POSITION_08#
handle_common_placeholders p_placeholder=>#FORM_CLOSE#
Rendering form close tag and page checksum
handle_common_placeholders p_placeholder=>#DEVELOPER_TOOLBAR#
handle_common_placeholders p_placeholder=>#GENERATED_CSS#
handle_common_placeholders p_placeholder=>#GENERATED_JAVASCRIPT#
emit_generated_javascript
Logging exception in final_exception_handler:
Sqlerrm: ORA-20987: APEX - Must be Administrator - Access denied by Page security check
Backtrace: ORA-06512: at "APEX_040200.WWV_FLOW_ERROR", line 861
ORA-06512: at "APEX_040200.WWV_FLOW_ERROR", line 896
ORA-06512: at "APEX_040200.WWV_FLOW_AUTHORIZATION", line 501
ORA-06512: at "APEX_040200.WWV_FLOW", line 6000
Seems to me that the authorization scheme (which uses the value of the application item) is evaluated before the before-header/unconditional application computation sets the value of the application item and since the authorization scheme fails, show processing stops with an error.
What say you?

Report Link + Authorization Scheme

I have an authorization scheme that checks whether a certain person has privileges to edit a record on Page 2 by referring to the :P2_ID in the authorization scheme. Page 1 has a report with a report link, but the user can see both items they are able to edit and items they are not. I know I can make the link dynamically in the sql but wanted to see if there was an easy way to use an authorization scheme, but pass the #REPORT_COL# value in the report over to an authorization scheme to show or hide the icon for me so I can get the link out of the sql.

Great example Scott! However, I'd would caution the other Sc0tt that calling functions in a SQL statement is fine for a small number of rows, but can CRUSH performance for medium to large result sets. Even if the function is fast, you're still context-switching between SQL and PL/SQL for every row. Make sure you test this with the volume of data you expect your users to encounter. If it's a problem, you might force the user to apply some filters before running the query.
If you're running 11g you can at least minimize the hit of the function with "Function Result Cache". Even if you're not on 11g yet, you can use the following code in 10g and it will switch-on result cache when you compile it in 11g:
create or replace function auth_user(p_key in number)
     return varchar2
     $IF not dbms_db_version.ver_le_10_2 $THEN
          result_cache
     $END
as
begin
    pkg.g_value := p_key;
    if apex_application.public_security_check (p_security_scheme => 'AUTH_USER_COLUMN') then
        return '1';
    else
        return '0';
    end if;
end;
/ If it is a reasonable result set, Scott's solution is perfect.
Thanks,
Tyler

Authorization scheme violation message not translatable?

Similar Messages

Maybe you are looking for