How to avoid multiple logins to same application

Hi, I am using APEX version  4.2.1.00.08. I have a function for AD LDAP authentication. The authentication scheme has Set Cookie Attributes, Cookie Name SESSION_COOKIE. I have been using this for years on previous versions of APEX. As part of the 4.2 upgrade I would like it if users did not have to log in many times a day to the same application. I email links to the application, but even if they are already logged in, it opens page 101 in a new browser window and requires a second login. The email contains a link like this https://server/apex/f?p=102:2:::NO::P2_RECORDID:200000:/ I have read multiple posts, for example "Access two applications with one log in" and http://apps2fusion.com/at/64-kr/413-maintaining-authentication-between-apex-applications but I am still clueless. If a user has logged in once and has an APEX session, is it possible to click the link in the email without having to log in again to the same application? There is an after submit process Set Username Cookie and Onload Before Header process Get Username Cookie. Do I need Set Session Cookie and Get Session Cookie processes? Thanks for your time.
Peter
FUNCTION used for AUTHENTICATION SCHEME
create or replace function ad_auth(
    p_username        in        varchar2,
    p_password        in        varchar2)
return boolean
is
    l_user            varchar2(256);
    l_ldap_server    varchar2(256)    := 'DC';
    l_domain        varchar2(256)    := 'servers';
    l_ldap_port        number            := 389;
    l_retval        pls_integer;
    l_session        dbms_ldap.session;
    l_cnt            number;
begin
    l_user            := p_username||'@'||l_domain;
    l_session        := dbms_ldap.init( l_ldap_server, l_ldap_port ); -- start session
    l_retval        := dbms_ldap.simple_bind_s( l_session, l_user, p_password ); -- auth as user
    l_retval        := dbms_ldap.unbind_s( l_session ); -- unbind
    return true;
exception when others then
    l_retval := dbms_ldap.unbind_s( l_session );
    return false;
end;

Hi Peter,
I'm not familiar with LDAP but from a security point of view, I think it is wise to force your users to login if you sending them a link to a protected site. Just in case they forward the email or sharing the same computer. Could you post some of the code that you use to produce the email? It maybe that you need to concatenate &SESSION. where the session id would be in the url
Regards,
Alistair

Similar Messages

  • How to avoid multiple LOGIN with same user in database.

    Hi All,
    Using database triggers how to control multiple logins of a pertiuclar user.
    thanks in advance

    Don't forget to activate the RESOURCE_LIMIT parameter, which default is FALSE :
    alter system set RESOURCE_LIMIT = true;
    Laurent, I had a similar problem some time ago : I didn't want to avoid multiple access, but only control who was doing what. That's because moving from Client/Server to Web the TERMINAL column in V$SESSION becomes useless.
    I tried your solution, but I had to give up with it, because in my Forms9i application some forms call Reports, which generate a new session.
    I decided to use DBMS_APPLICATION_INFO, and this is satisfactory for my requirements, but I'm interested to discover other solutions.
    P.S. with my solution I'm able to limit accesses, because in the CLIENT_INFO string I put, among other things, the
    application user, so I can control if an user is already connected. The problem is that existing applications have to be modified .....:-(

  • How to avoid multiple listing for same artist?

    How to avoid multiple listing for same artist?

    Sounds like there might be blanks in the artist name.
    For instance "Lou Reed" and "Lou Reed_" will not match.
    (Pretend the underscore _ is a blank).
    Select all the Lou Reed songs, Get Info, and type "Lou Reed" in the artist field. That should fix it.

  • How to avoid multiple users accessing same test data via parameterization in LR??

    i am using LR11.5, i have the following test data:
    TestData
    1
    2
    3
    4
    5
    when i run this script from Controller with 3 users LR picks it as user1->1, user2->1, user3->1
    How do i achieve this case: user1->1, user2->2, user3->3 ??
    Any help would be great.

    I have a related question. i created 2 websites/domains then i went to users and created 2 seperate "network" users then i went to ftp and selected each website and added only user A to site A and user B to site B. what's weird is that when i try to ftp using either of the users it seems to land on the same site. i looked at shared security for the folders and it only shows user a on site a folder and user b on site b folders. am i doing somehitng wrong or is this how it works in mountain lion server? i just want to give the domain owner ftp access so they can manage their files and only thier files. i also had to turn on open directory so that it would not create a local user but a network user. do i need to turn that off and just deal with having a bunch of local users as ftp user? i want to host multiple websites on the server and NO users remote on to server besides ftp.
    edit 1: i only have 1 IP running on the server which i don't think it has any affect on this but thought i mention it :-)
    edit 2: i just noticed one more thing that may help. i used filezilla to remote in using both users, one at a time. it seems to allow both users in but then it shows same directories. i then created a file using the one that was not supposed to have acces and it never sows up. but if i remote desktop to server i can see the new file in the correct folder. so it may have something to d o with the directory listing.

  • How to avoid multiple login option?

    When Solution Manager 4.0 is making RFC connection to ECC 6.0  it asks for login to particular user 4 to 5 times (on ECC). How can I avoid this option?
    Regards,
    Amit

    Hi Amit,
    normally you have to login ones to the sat. system when you are in a SolMan Transaction eg. SOLAR01 or SOLAR02, as long as you are in the transaction there is no relogin necessary, but if you leaf the transaction and start it again then you have to login again. Also when you are e.g. in STWB_2 there it is quiet normal that you have to login several times to a sat. system, I know this is painfully, therefor I recommend to establish the trusted system rfcs as we provide in SMSY.
    Regards,
    uDo

  • How to avoid multiple login to PKCS11 token

    Hello everybody,
    I really hope that somebody here can help me, because I'm really
    starting to think that I won't be able to solve my problem...
    I am developing an application to generate s/mime messages using
    SunPKCS11 and bouncycastle mail library. In order to get a Keystore, which I can later use for setting
    up a SMIMESignedGenerator object which I'll use to sign my email, I
    need to do these steps:
    SunPKCS11 pkcs11Provider = new sun.security.pkcs11.SunPKCS11(configStream);
    Security.addProvider(pkcs11Provider);
    KeyStore smartCardKeyStore = KeyStore.getInstance("PKCS11");
    smartCardKeyStore.load (null,pin);//pin is the pin which I got by
    VOLUNTARILY prompting for it
    Collection altNames=cert.getSubjectAlternativeNames();
    Enumeration aliasesEnum = smKeyStore.aliases();
    String keyAlias=aliasesEnum.nextElement ()
    X509Certificate cert =(X509Certificate) smKeyStore.getCertificate(keyAlias);
    List<X509Certificate> certList = new ArrayList<X509Certificate>()
    certList.add(cert);
    CertStore certsAndcrls = CertStore.getInstance ("Collection",new
    CollectionCertStoreParameters
    (certList));
    SMIMESignedGenerator gen = new SMIMESignedGenerator();
    gen.addSigner((PrivateKey) smKeyStore.getKey(keyAlias, null),
    (X509Certificate)smKeyStore.getCertificate(keyAlias),
    SMIMESignedGenerator.DIGEST_SHA1);
    gen.addCertificatesAndCRLs(certsAndcrls);
    mm=gen.generate(mbp1, pkcs11Provider.getName());//mm is a mimemultipart object
    In this way, I get prompting twice for the pin: once before this code
    that I showed to you (which I called pin) and the second time, I get a
    prompt from the underlying library, originated by the gen.generate
    call.
    How could I do to fix all this and prompt only once for the pin (as it's due...)
    Please help me!
    Thank you very much in advance
    Don Vito CF (carry flag ;)

    Anybody knows? :( I'm thinking about rewriting the classes which I'm using, but I bet that there should be a better way...

  • How to use/sync single data (file) across multiple instances of same application

    Currently we have an application (a diagram editor), that have the ability to save and load (serialize) its state in a xml file.
    Now we want this application to behave like Microsoft OneNote application. Where multiple users have the ability to access the same file.
    Later we may also need to enhance with other things like, (1)what is changed and who changed it, (2)option to resolve conflicts if any.
    I came to know about sync framework to resolve this. so far, i have not tried it.
    All i want is,
    Virtually single file should be edited by multiple instances of same application.
    We need a dll (sync framework) that does following
    It takes complete responsibility of file handling.
    Using this dll, each instance of the application will notify their own changes.
    Each instance of the application should have the ability to detect the changes that is recently made (when, who, what are the changes).
    My question:
    Will sync framework be suitable for this requirement?
    If so, is there a demo application that represents this?
    - Jegan

    Seems like I have found the solution.
    In the taskflow there is a property named data-control-scope and I set it to isolated instead of the default (shared) and this seemed to do the trick.
    I can now have two instances of the same taskflow running with different ApplicationModules
    Cheers,
    Mark

  • How to avoide multiple duplicate entries in adress book?

    How to avoide multiple duplicate entries in adress book? I can add the same contact name and number more than twice and the phone isn't warning me at all!!! I's quite a heck for me.

    not possible from inside AB AFAIK. but you can do the following. in finder open the folder /users/username/library/application support/address book/metdata. switch to the list mode and sort by date modified. quicklook the vcards at the top to see which ones they are.

  • Detecting multiple instances of same application on startup.

    How can I detect multiple instances of same application on startup? I would like to display a message to the user stating that the application is already running [and then close out].

    How can I detect multiple instances of same
    application on startup? I would like to display a
    message to the user stating that the application is
    already running [and then close out].Congratulations on being the bazillionth person to ask this kind of question without bothering to search the internet.

  • How to create multiple instance on same database

    Hi ,
    I would like to know how to create multiple instance on same database . I know that some people use database configuration assistant to do this but i could not figure out how they did it.
    Any how if some one can help me with this and can give me links of this it would be great help for me.
    Thank you for reading my problem and helping me !
    Amil
    please if possible mail me on [email protected]

    How to create multiple instance?????Do you mean multiple instances on the same database, or multiple databases on the same machine ?
    I m new to this field....
    Willin to learn a lot about oracle....Then it wouldn't be bad reading a bit of Database Concepts

  • How to avoid multiple copies of data in page refresh

    How to avoid multiple copies of data in page refresh

    If you are talking about a page with an insert query, ignore the fact that it's a page refresh.  It's just another way that someone can insert duplicate records.  I like to handle this in my insert query.
    insert into thetable
    (f1, f2, etc)
    select distinct
    value1, value2, etc
    from some_small_table
    where you don't already have that record

  • How to create multiple BOM of same parent item?

    Hi All,
    Please guide me, How to create multiple BOM of same parent item? I tried but system throws a message as same Parent Item already exist in the table. I am afraid if system supports this functionality or not?

    Hi,
    You are welcome.......
    Well the exact process would be as I mentioned in my previous post.
    1. Create the BOM for an item
    2. Choose this item in the Production Order
    3. Then in this Production order you can change/ delete/ add whichever item you want .
    OR
    If all the child items are completely different from the original BOM then you can use the Special Type BOM in which you can always create the BOM while creating the Production Order itself. There is no standard BOM here.
    J Nagesh

  • How to avoid multiple copies of the same application in Web Start cache?

    We have an environment where there are several HTTP servers carrying the same Web Start application.
    Is there any way to prevent Web Start from installing another copy of the same application in a client machine's cache if the user hits an HTTP server that is not the one the application was already installed from?

    There is no way WebStart can know that an application from one server is actually the same as an application from another server, so I don't think this is possible.

  • How to avoid multiple users to access same tcode

    Hi all,
    Am creating one z tcode to display the material details for the particular reservation number. How can  I avoid multiple users to access the same tcode simultaneously. If anybody works over that tcode then no other user should be able to access the same tcode until or unless the first user works over it.
    Regards,
    Ramya

    HI,
    you can even use import and export logic and check if user has entered the transaction ..
    Regards,
    Santosh
    Message was edited by:
            Santosh Kumar Patha

  • MULTIPLE LOGIN WITH SAME USER ID

    Hi,
    As per my understanding, multiple login to the portal with the same user id and password is allowed.
    Now,
    1. Is it possible to disbale this in the portal so that user can login to the portal only once?
    2. Is it possible to allow specified no of logins with the same user id?
    Any response is highly appreciated.
    regards,
    Chandra

    What you're trying to do just doesn't work that well with any web application, let alone NW.  There are various problems with trying to restrict the number of sign ons:
    If a user signs into the portal and then walks away, they are unable to sign in again from another workstation.  What if they want to give a demo to a user elsewhere in the company while they're still signed in at their desk?  This is really just a user-issue, but an annoying one that will almost certainly drive certain users nuts.
    What if the user's web browser crashes (an unfortunately common occurence).  They can't sign in again until their session times out.  Either that, or they call the portal admin to clear out their session (how?  I don't know).  The portal admin probably has better things to do than cleaning up orphan sessions.
    If a user can't sign in multiple times, they can always open a related browser session, thereby having multiple entry points into the portal.
    So, in short, you really can't enforce a 'sign in once' rule.  By association, you therefore can't restrict them to a maximum number of sign-ins either...
    Hope that helps you out.  Points are always good

Maybe you are looking for

  • Can I return my incredible if it has TFT?

    I'd like to know if 1. I can tell by the phone's model number if it has TFT or AMOLED? And, 2. Can I return the incredible if it has TFT, not the AMOLED it was advertised to have?

  • My 4th generation shuffle is not recognized by 'my computer' or by Itunes', what now?

    This is the second IPod shuffle I've been through with the same issue.  It's not recognized on neither Itunes or 'my computer', therefore, Im unable to load anything onto the the shuffle.  The last time this happened, those were the symptoms I experi

  • New feature in iOS 6.1 + iTunes Match + Car systems

    I'm happy to see some great new features with iOS6.1 with iTunes Match when connected to my Audi MMI (music system). Previously if you were a subscriber to Apple's iTunes Match offering, you were able to only see the music tracks that you had manuall

  • IDOC: HRSM_D01

    I maked migration from non SAP system to the SAP R3 via XI (IDOC HRMD_A07).Export file from non SAP system in .csv file. Now I need store Attendences/Absences data into IT2001 (IDOC HRSM_D01), but I dont know structure of the IDOC and I need to fill

  • How can assign a PASS/FAIL test to each element of a cluster?

    I would like to pass a cluster from Labview 8.6  to TestStand 4.1.1 and apply a pass/fail test to each boolean element of the cluster.  For elements of the cluster that are string values, I would like to apply a string value test.  For elements of th