How to Use REGION_STATIC_ID in authentication scheme

Similar Messages

• Authorization Scheme using the APEX Authentication Scheme

  How would you build an authentication scheme that is using the APEX Authorization scheme. All users are belonging to a group which could be Oracle, External or Developer and I'd like to hide certain pages from the External users.
  I am not sure if I can grab the group name from some V('..') function and make something work?
  Cheers,
  Andy

  I'll give it a try again, sorry for not being able to describe the problem better!
  I am using the APEX built in authorization and authentication to make my life simple with regards to user mgmt. So all the users are managed using the Home>Administration>Manage Application Express Users. Every user belongs to an APEX group (Home>Administration>Manage Application Express Users>User Groups). For example:
  User A belongs to Group External
  User B belongs to Group Oracle
  User C belongs to Group Admin
  Now, there are certaing pages in my application that I want to restrict from the Group External (but the Group Admin and Group Oracle can see them).
  So my question is really how would I build such an Authorization Scheme to accomplish this? Not suer about which APEX API functions I should use to get this data and how to build the function.
  I hope this makes more sense?
  Andy

• How to use (to program) a Scheme in Xcode? (novice programer needs help!)

  How to use (to program) a Scheme in Xcode?
  i have been using Aquaemacs (GNU emacs) with Guile extensions. but i really would like to do all that in Xcode. is it possible? thanks.

  I believe that Scheme is not a language natively supported by Xcode. Maybe there is a way to write a plugin for it, but I don't really think so and in particular I haven't seen one for LISP or Scheme.

• How to use CLIENT-CERT authentication?

  Hi,
  I would like to know how to use client authentication.
  I used a web application with CLIENT-CERT authentication.
  And I accessed to the application from browser, then I had the following error
  message:
  Incorrect or missing client certificate.
  I used OpenSSL to generate keys.
  Could you tell me the information of the setting?
  Especially, I don't know theentry of CertAuthenticator.
  Could you tell me?
  Regards,
  Kuniaki Hagiwara - HP Japan

  Thank you for your response.
  Yes we have added the client certificate file (.pfx) in the Firefox browser Certificate manager / Store. It's also showing the certificate in the View Certificate window. We could not resolve it yet.

• How to use a Certificate authentication to connect to a ONTAP 8.3 Cluster in Posh?

  Hi All,      I've configured my Cluster Vserver to be able to authenticate via a self signed certificate. I'm able to use Perl NMSDK to connect and it works good. I want to use Powershell cmdlets for this. How can I do this? I've tried Connect-NcCluster but I don't see any option to specify a certificate there.  I'm also open to use NMSDK for Posh if someone can guide how to use it. I've tried that too but I can't get it working. Can anyone help? sinhaa    

  Hi Sinhaa - You've discovered the key difference between the Perl API bindings in the NMSDK and the PowerShell toolkit.  The NMSDK, and with the Perl bindings in particular, easily exposes the entire SDK from basic connection methods, the lowlevel XML building mechanisms, and a single function wrapper around each individual ZAPI function call that handles both the XML building from and recoveyr into convenient Perl data structures.  The entire API is accessible including higher privilege level options and commands. The PowerShell toolkit is much more a convenience wrapper around common functions for those in a Windows environment.  It doesn't expose the entire API, it doesn't expose all the parameters of the APIs that it does wrap (for instance, you can't access or use options only available in Advanced or Diagnostic mode), and security is somewhat Windows centric in that it uses a saved credential model similar to other Windows systems. As my company tends to be more Windows centric the PowerShell toolkit tends to be the default utility used for most automation, but I drop to the Perl NMSDK bindings for almost everything I do of substance because I need the abilities it provides.  I've asked through many channels for the PowerShell toolkit to at least add Advanced mode privilige options for a number of the cmdlets it provides.  Haven't yet seen any indication that those will be forthcoming. Bob    

• Database Authentication Schema Setup

  Hi, Page 13-17 in the User Guide talks about setting up DAD credentials verification. Text is copied below
  About DAD Credentials Verification
  DAD database authentication uses the Oracle database native authentication and user
  mechanisms to authenticate users using a basic authentication scheme. To use DAD
  credentials verification:
  ■ Each application user must have a user account in the Oracle database.
  ■ You must configure a PL/SQL DAD for basic authentication (without account
  information).
  how do i setup the dad without account information ?
  - thanks
  neelesh

  nevermind, i just removed the PlsqlDatabaseUsername and Password and it worked.

• Install Sun ONE Directory Server 5,2 & how to use it for authenticate user

  Good afternoon, Excuse, are newbie in the scope I am learning and putting desire to him, this in my situation I am trying to install Sun ONE Directory Server 5,2 since I understand that this it is application LDAP for Solaris, ok I want to install it to authenticate user against the system, that is to say, to be able to acces the server entering with a created user from the data base of LDAP and make think user that his created in the system. But the documentation that I finds indicates the installation of Sun ONE Directory Server 5,2 but it not clearly about how to use it for authentication. Some one have any manual step by step of Sun ONE Directory Server 5,2 installation and how to make it for authentication systems users.
  I read the forum seeking for anwser and i get confuse
  Thanks for the help and sorry for any inconvenient
  Message was edited by:
  Aku_28
  Message was edited by:
  Aku_28

  I think that I found the Sun endorsed book locations for using LDAP accounts that don't use authentication besides "crypt". I now can use an account with a "ssha" password. It can be more than 8 characters long.
  Chapter 14 System Administration Guide: Naming and Directory Services
  Read page 201 which is the pam.conf file pam_ldap setups. I edited my "/etc/pam.conf" file to reflect this
  Chapter 7 Directory Server 5.2 2005Q4 - Administration Guide
  Read page 316-318 which has a graphical technique to specify password syntax. I set it up and then tried the password by running "su - brahms". It now requires a longer password than 8 characters and it is set up to use "ssha" for that UID entry "brahms".

• Authentication Scheme - Database Account with login user exists in table

  Hi all,
  I m new to APEX. Could anyone tell me how can i modify the authentication scheme to validate the user by Database Account DB user & password, also the username must exist in a table
  As the DB is not only designed for one application, so DB account may incl. DB users more than the users who can access the APEX application. So I must check the user name exists in a table also.
  Thx.

  Scott,
  I try to save the msg in application item and set the message by application item in process before header, it works perfect. The message display as what i want :)
  One more question is i would like to give this link to user will go let the user go to the target page and can edit the page without doing any searching b4.
  http://XXX/apex/f?p=115:3::NO:::P3_ID:82
  If the user hvnt login, system will prompt login page, after the user login it, it will direct go to the target page. I have try if the user type in a wrong username / password it still work after i retype a correct one. The page can redirect to the target page.
  However, if i type in a user name & password is correct but not exist in my define table like what i stated b4. Then i type in a correct one I can just go to page 1 instead of the target one.
  How can i do the same thing?
  Sorry for non-stop questioning, but pls help. Thanks a lot.

• How to use two different LDAP authentication for my Apex application login

  Hi,
  I have 2 user groups defined in the LDAP directory and I provided the DN string for apex authentication something like the below
  cn=%LDAP_USER%,ou=usergrp1,dc=oracle,dc=com
  cn=%LDAP_USER%,ou=usergrp2,dc=oracle,dc=com
  The problem is I couln't pointout both the groups in DN string, I am trying to allow both usergroups to access the application.
  Does anyone know how to define both the group in LDAP DN String ?.
  Thanx in advance
  Vijay.

  Vijay,
  I don't think you'll be able to use the built-in LDAP authentication scheme. Just create a new authentication scheme that has its own authentication function. In that function code your calls to dbms_ldap however you need. Search the forum for dbms_ldap.simple_bind_s to find examples.
  Scott

• How to create an database account authentication scheme in apex

  Dear
  I have an apex installation (embeded) on oracle 11g.
  I want to create a database account authentication scheme in apex. I have seen the page with different tab like name,subsription,source,session not valid, login processing, logout URL,session cookie attributes and comments.
  I want to know what are the things to be specifed on these tabs and the effects. I have gone thru the documentation 'Application Builder User’s Guide Release 4.1' , but the functionalities of these tabs are not mentioned.
  Please help.
  Dennis
  Edited by: Dennis John on Feb 28, 2012 10:57 PM

  Thanks to dear Jit
  I am new to apex.
  I have gone thru that documents but I couldn't find any detailed documentation about the database account authentication scheme configuration
  The database account authentication scheme creation interface will show tabs like name,subsription,source,session not valid, login processing, logout URL,session cookie attributes and comments.
  I want to know what are the things to be specifed on these tabs and how it will reflect in the login. The specified documentation is not giving any detail about the above mentioned tabs of authentication scheme creation iwizard.
  And also I want to know how the applciation user will be mapped to the database account?
  As per my understanding a database user (for each run time user) is required for to authenticate the apex run time login other than the applciation schema user (holds the objects of applicaiton)
  run time user means - end user who uses the applcaition, not the developer.
  Please help.
  Dennis

• How to deal with expired passwords in authentication schemes?

  IHi,
  I am trying to build an authentication scheme that deals with expired passwords. After the user has provided their valid but expired password they should be redirected to a password reset page. After they have provided a new password they should be allowed to continue to the page they would have otherwise gone to had their password not expired.
  I have written my authentication processs as follows:
  CREATE OR REPLACE FUNCTION inventory_test.inventory_authentication (
  p_username IN VARCHAR2,
  p_password IN VARCHAR2
  RETURN BOOLEAN
  IS
  r1 apex_users%ROWTYPE;
  valid_password BOOLEAN;
  BEGIN
  IF p_password IS NULL
  THEN
  RETURN FALSE;
  END IF;
  SELECT *
  INTO r1
  FROM apex_users
  WHERE UPPER (username) = UPPER (p_username);
  valid_password :=
  DBMS_OBFUSCATION_TOOLKIT.md5 (input_string => p_password
  || TO_CHAR (r1.SEED, '99999')
  ) = r1.PASSWORD;
  IF valid_password AND (r1.password_expiration_date < SYSDATE)
  THEN
  apex_util.set_session_state ('FSP_AFTER_PASSWORD_RESET_URL', v ('FSP_AFTER_LOGIN_URL')); -- My new application item
  apex_util.set_session_state ('FSP_AFTER_LOGIN_URL',
  'F?P=' || v ('APP_ID') || ':14:' || v ('APP_SESSION')
  END IF;
  RETURN valid_password;
  EXCEPTION
  WHEN NO_DATA_FOUND
  THEN
  RETURN FALSE;
  END;
  This redirects the user to the password reset page but FSP_AFTER_PASSWORD_RESET_URL is null - presumably because the login process changes the session.
  This seems the wrong approach anyway as the user, once authenticated, can change the page number in the URL and avoid the password reset. I would guess that I need to use the APEX_CUSTOM_AUTH package somehow. However, I am thoroughly confused about the relationship between the LOGIN and POST_LOGIN procedures. Also, I gather from other posts in this forum that there is some asynchronous processing that goes on as new sessions are created. Can someone point me in the right direction please?
  --Tony
  [http://tonyhasler.wordpress.com/][http://tonyhasler.wordpress.com/]

  Sorry for taking so long to acknowledge your helpful suggestions.
  Scott's proposal is a tiny tiny bit awkward as,if i understand it correctly, the user would have to reauthenticate after resetting the password.
  /dev/null's suggestion is actually not too bad for me. I already have each page being authorised and I use only a limited mumber of (once per session) authorization schemes. I think all I have to do is to place an extra line or two in each scheme to check the expiration date of the user's password and remember to call APEX_UTIL.RESET_AUTHORIZATIONS when the password is reset.
  I successfully redirected to the password reset page using owa_util.redirect_url from the post-authentication procedure but what I am still having trouble with is the deep-linking bit. It seems I have to obtain the target URL by 'editing' FSP_AFTER_LOGIN_URL to replace '|' characters by ':' characters and inserting the session id in the right place. Given the fact that FSP_AFTER_LOGIN_URL may not be set and that there may not be sufficient ':' characters in the URL this is very clunky.
  Is there an easier way to do this?
  --- Never mind. I worked out how to use regular expressions with SQL to do this. A full explanation is in my blog.
  --Tony
  http://tonyhasler.wordpress.com
  Edited by: TonyHasler on Sep 6, 2008 3:17 PM

• How to use an authenticated user for a proxy call

  Dear all,
  I am currently working on a JEE application where the user needs to authenticate (for this I have configured the web.xml).
  Now inside this application I need to do a proxy call to a PI webservice.
  I would like to use the user credentials of the already logged in user in order to call the proxy.
  What I don't want to do is to use a service user for the proxy call.
  The code I am trying to call looks something like this:
       private IntegratedConfigurationIn getPort() throws Exception{
            IntegratedConfigurationIn port = null;
            try {
                 IntegratedConfigurationInService service = null;
                 service = new IntegratedConfigurationInService();
                 port = (IntegratedConfigurationIn) service.getIntegratedConfigurationIn_Port();
                BindingProvider bp = (BindingProvider)port;
                bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, user);
                bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, password);
                if (url.length() != 0)
                     bp.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, url);
            catch (Exception ex){
                 ex.printStackTrace();
            return port;
  The examples I found to retrieve the userdata pointed to codes similar to this one:
  public HttpServletRequest getHttpRequest() throws Exception {
            // Get runtime context
            Properties props = new Properties();
            props.put("domain", "true");
            Context initialContext = new InitialContext(props);
            ApplicationWebServiceContext wsContext = (ApplicationWebServiceContext) initialContext
                      .lookup(" /wsContext/ApplicationWebServiceContext");
            HttpServletRequest req = wsContext.getHttpServletRequest();
            return req;
  com.sap.security.api.IUser sapUser = com.sap.security.api.UMFactory.getAuthenticator().getLoggedInUser(getHttpRequest(), null);
            IUser ep5User = com.sapportals.wcm.util.usermanagement.WPUMFactory.getUserFactory().getEP5User(sapUser);
  Now I don't know how to bring it togehter and how to use an authenticated user for the BindingProvider.
  I would appreciate any hints or ideas.

  Peter,
  from the first screenshot, what I understood is that, you are calling an inbound PI web service that is intended to create an integrated configuration object (this is used for whole lot of other reason completely) but not actually calling a development web service.
  For this, you would have to generate your client classes from the WSDL provided by the PI developer for that particular service. Once you get those client classes generated, you could used the method provided in the other screenshot to extract the user and password and call the intended web service.
  Vijay Konam

• How to use Basis Authentication in Sender SOAP Adapter

  We implemented one Sender SOAP Adapter and we had to implement the modified WEB.XML method to remove the security specification.  We have now asked the developer to correct this situation so we can remove this modification.  The Interface developer would like to use Basic Authentication. If you have an automated interface sending in a SOAP Message, how do you do Basic Authentication? 
  I've tried using:
  http://host:port/XISOAPAdapter/MessageServlet?channel=:<Service>:<Channel>&sap-user=xiappluser&sap-password=<Password>&sap-language=EN&sap-client=<Client>
  When I do this, I still get the Authentication Pop-Up Window.
  How does the Sending Interface either supply the ID and Password on the incoming SOAP Message or respond to the Authentication Pop-Up?
  Thanks,
  Anne

  By Defualt the web service exposed by you will use Basic Authentication mode only.
  But the way you do Basic Authentication in the web client is platfrom dependent.
  This is not the way to do Basic authentication
  http://host:port/XISOAPAdapter/MessageServlet?channel=:<Service>:<Channel>&sap-user=xiappluser&sap-password=<Password>&sap-language=EN&sap-client=<Client>
  I am providing you a code snippet on how to Basic Authentication in Java when making the Web Service Call.
  If the client is on some other platform just look for the corresponding api.
  Please award points if you find this answer useful.
  Code Snippet
  URL url = new URL(URL);
  URLConnection connection = url.openConnection();
  if( connection instanceof HttpURLConnection )
  ((HttpURLConnection)connection).setRequestMethod("POST");
       //connection.setRequestProperty("Content-Length",Integer.toString(content.length()) );
       connection.setRequestProperty("Content-Type","text/xml");
       connection.setDoOutput(true);
       String password = User + ":" + Password ;
        //Where con is a URLConnection 
       connection.setRequestProperty ("Authorization", "Basic " + encode(User + ":"+ Password));
       connection.connect();
  Encode Method
  public static String encode (String source) {
  BASE64Encoder enc = new sun.misc.BASE64Encoder();
  return(enc.encode(source.getBytes()));

• How to use a custom database authentication with APEX_AUTHENTICATION??

  i have Custom user authentication method.
  create or replace function user_check(username varchar2,password varchar2) return boolem
  is
  check_out integer;
  begin
  select count(*) into check_out from "user" where USER_EMAIL=username and USER_PASS=password;
  if check_out >0 then
  return true;
  else
  return false;
  end if;
  end;
  apex_authentication.login() how to use. And how to make apex_authentication.login() use my method Verify User Login

  You can't mix custom authentication and the internal APEX authentication functions.. So either you use the pre-built user authentication in APEX or you can build your own CUSTOM authentication...
  Many examples of custom authentication are out there...
  Thank you,
  Tony Miller
  Ruckersville, VA

• How to make use of Windows authentication from my Java application

  I have a Java application, Instead I design one more login page for my application, I want to make use of Windows Authentication.
  How should I use that windows authentication in my java application
  can any help me in suggesting a solution

  How will they be able to access your application if they aren't users of the system?