Is there a way to prevent chaging an application ID in the URL

Environment
APEX 3.1.00.09 on AIX 5.3
I had a question posed to me from our middleware person concerning changing the URL by a user.
We have an outward facing APEX application, say ID 100, that uses a reverse proxy inside the firewall to point to the actual server hosting the APEX application. When a user enters the URL given to them for this application the login screen pops up just as planned. When the user now types over the application number in the URL he is taken to the login screen of a different application hosted on that same server.
The question is: How can I do either or both of the following:
1- prevent the user from over-typing the application ID in the URL or
2- when the user does type over the application ID he/she is redirected back to the desired application, in this case ID 100
This is the only outward facing application we have at the moment but I can foresee more coming.
Thanks very much in advance for your help.
-gary

Hi Scott and others
Our Middleware Admin has some additional information and the same question. He is the expert on this project and I'm the messenger.
<b>I've also forgotten the HTML tag to retain the spacing of his output. If someone will remind me I'll go back and put it in. Thx! :-) </b>
===============
Issue: Need help in restricting access to single application URL
Background/setup:
We currently have the following setup in our environment and trying to expose a single URL to the internet.
[Internet]-à[Firewall] -à [Apache Web Server as proxy] à [OHS + Apex running on same server]
[SERVER1] [SERVER2]
I have defined a virtual host on Apache Web Server residing on [SERVER1] which communicates with a virtual host defined on OHS on [SERVER2].
When I try to access this URL ( http://servername.com/pls/apex/f?p=150:4) from outside it works fine, but if I change the number in the URL to (http://servername.com/pls/apex/f?p=160:5), it is exposing other applications. I tried to define some rewrite rules but they seem to be too restrictive or just don’t do the job.
I was hoping if someone can help with me any valuable suggestions in getting past this issue. I masked some of the IP/server name information for security reasons.
These are the error messages in the error_log which shows how the URL’s are being served:
Error_log from proxy server [SERVER1]
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(109): proxy: HTTP: canonicalising URL //test.servername.com:7781/pls/apex/wwv_flow.accept
[Fri Aug 14 13:01:03 2009] [debug] mod_proxy.c(459): Trying to run scheme_handler
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(1570): proxy: HTTP: serving URL http://test.servername.com:7781/pls/apex/wwv_flow.accept
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(228): proxy: HTTP connecting http://test.servername.com:7781/pls/apex/wwv_flow.accept to test.servername.com:7781
[Fri Aug 14 13:01:03 2009] [debug] proxy_util.c(1139): proxy: HTTP: fam 2 socket created to connect to test.servername.com
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(377): proxy: socket is connected
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(411): proxy: connection complete to 192.168.21.80:7781 (test.servername.com)
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(1396): proxy: start body send
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(1456): proxy: end body send
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(109): proxy: HTTP: canonicalising URL //test.servername.com:7781/pls/apex/f
[Fri Aug 14 13:01:03 2009] [debug] mod_proxy.c(459): Trying to run scheme_handler
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(1570): proxy: HTTP: serving URL http://test.servername.com:7781/pls/apex/f?p=150:4:815505233054690 -à I can change the highlighted value and go to a different app.
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(228): proxy: HTTP connecting http://test.servername.com:7781/pls/apex/f?p=150:4:815505233054690 to test.servername.com:7781
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(310): proxy: keepalive address match (keep original socket)
[Fri Aug 14 13:01:03 2009] [info] [client 10.126.105.20] [3087d398] SSL0240I: SSL Handshake Failed, Socket has been closed.
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(1396): proxy: start body send
[Fri Aug 14 13:01:03 2009] [debug] proxy_http.c(1456): proxy: end body send
Access_log from the OHS server when I access the URL and login[SERVER2}
10.126.105.12 - APEX_PUBLIC_USER [14/Aug/2009:13:01:03 -0400] "POST /pls/apex/wwv_flow.accept HTTP/1.1" 302 5 -à My rewrite rules seem to restrict this.
10.126.105.12 - APEX_PUBLIC_USER [14/Aug/2009:13:01:03 -0400] "GET /pls/apex/f?p=150:4:815505233054690 HTTP/1.1" 200 7812
10.126.105.12 - APEX_PUBLIC_USER [14/Aug/2009:13:01:49 -0400] "POST /pls/apex/wwv_flow.accept HTTP/1.1" 302 5à -à My rewrite rules seem to restrict this.
10.126.105.12 - APEX_PUBLIC_USER [14/Aug/2009:13:01:49 -0400] "GET /pls/apex/f?p=150:3:815505233054690::NO HTTP/1.1" 200 50109
Virtual Host Definitions:
Proxy Server:[SERVER1]
<VirtualHost *>
ServerName servername.com
ServerAlias servername
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyRequests Off
RewriteEngine on
RewriteRule ^f?p([0-9][0-9][0-9])(:*)$ /pls/apex/f?p=150:4 [R,L]
RewriteRule ^/$ /pls/apex/f?p=150:4 [R,L]
ProxyPass /pls/apex http://test.servername.com:7781/pls/apex
ProxyPassReverse /pls/apex http://test.servername.com:7781/pls/apex
ProxyPass /i http://test.servername.com:7781/i/
ProxyPassReverse /i http://test.servername.com:7781/i/
ProxyPass /apex http://test.servername.com:7781/apex/
ProxyPassReverse /apex http://test.servername.com:7781/apex/
ProxyPreserveHost on
RewriteEngine on
</VirtualHost>
OHS Server:[SERVER2]
NameVirtualHost IPADDRESS:80
<VirtualHost IPADDRESS:80>
ServerName test.servername.com
<IfModule mod_rewrite.so>
RewriteRule ^pls/apex/f?p=([0-9][0-9][0-9]):(.*)$ /pls/apex/f?p=150:4 [L,R]
</IfModule>
</VirtualHost>
=======================
</code>

Similar Messages

  • After deleting an email address from Contacts is there any way of preventing it from popping up in the To: field of Mail when one starts to type in a contact name.

    After deleting an email address from Contacts is there any way of preventing it from popping up in the To: field of Mail when one starts to type in a contact name?

    if you are not on ios 6, then all you can do is wait.  if you have deleted the address from your contact list, then it will live on for a while in your 'recently used' addresses.  as you use new addresses, those older ones fall down the list, and eventually fall off altogether  (unless you use them again).  Have patience, it will go away.
    Or do the update....

  • Is there any way to prevent non-root users from rebooting the system?

    This question seems to be addressed many times on the web, but the problem is that none of the wannabe-howtos work on my system. In particular, this doesn't work and this doesn't work either, because (1) I need to keep policykit installed for udisks and other dependencies to function and (2) renaming (or removing) the file /usr/share/polkit-1/actions/org.freedesktop.login1.policy has (again) no effect on the users' ability to reboot and shut down the system. Even more surprisingly, adding the following to /etc/polkit-1/rules.d/20-disable-shutdown.rules has no effect at all:
    polkit.addRule(function(action, subject) {
    if (
    action.id == "org.freedesktop.login1.power-off" ||
    action.id == "org.freedesktop.login1.reboot" ||
    action.id == "org.freedesktop.login1.suspend" ||
    action.id == "org.freedesktop.upower.suspend" ||
    action.id == "org.freedesktop.login1.hibernate" ||
    action.id == "org.freedesktop.upower.hibernate"
    return polkit.Result.NO;
    As a result, ordinary users (not in the wheel group and with no special permissions) can simply reboot the machine by typing reboot. I remember that a simple polkit rule (as proposed on the Fedora forum) worked fine just a few months ago, but this doesn't work nowadays. The action IDs mentioned there are no longer listed in pkaction, so it's quite obvious that some changes (and bugs) have been introduced since then. I just need to prevent the users from rebooting the machine and to keep policykit installed. Is there any way to do this?

    karol wrote:Do said users have the ability to push the Power or Reset buttons?
    No, they don't.
    But come on, access permissions are a matter of principle rather than a matter of what you can possibly do with a hammer in your hand. That makes your question somewhat irrelevant to this issue. Imagine someone asking: "How can I protect my home directory from access by other users?" You would then probably ask: "Do said users have the ability to pull out the hard drive and mount it on their computer?"
    Even if the users had physical access to the ACPI buttons, rebooting the computer by mistake (via software) would still be much more likely than pressing (or even holding) the ACPI buttons by mistake.
    If I call rm -Rf / as a normal user, nothing should happen to the system in terms of availability to other users. Only my home directory and temporary files would vanish, but that's all. This is what permissions are there for. Similarly, when I type reboot as a normal user (no matter if I'm on SSH, on a local terminal or logged into KDE), it should be possible to simply disallow rebooting.
    The idea that users logged in locally can restart the computer may be fine for laptops under certain conditions, but it is a bad idea in almost all other cases. In a "kiosk" type environment, for example, the ability to reboot and get to the bootloader can be a huge security hole, unless all your disks are encrypted, and a huge "reliability hole" in any case. Suppose you use a desktop as a home server. You want everyone to be able to log in and to connect a USB flash drive (using polkit and udisks). But you simply don't want the machine to be rebooted. Why is such a simple thing so hard to do?
    Last edited by andrej.podzimek (2014-03-10 02:15:35)

  • Is there a way I can force an application to use the GPU?

    I own a MacBook Pro 15in with retina display with integrated graphics from NVIDIA GeForce GT 750M. Currently I have my settings in the "Energy Saver" section of the System Preferences set for automatic graphics switching. I use an interior design application called Live Interior 3D Pro. This application uses a lot of 3D rendering that lags for a 2-3 seconds. I checked my activity monitor to see if the application was using the GPU, and it indicated it was not. I understand that I can uncheck the automatic graphics switching to fix the problem, but the problem is I hear it screws with the battery life. I do not want to switch off the automatic switching setting but do want this specific application to use the GPU instead of the built in Intel Iris Pro graphics thing. Is there a setting I can use to make just this application fire up the GPU when I open it? If not, do you know if switching off the automatic graphics switching setting messes with the battery at all? Also, does this mess with the performance of the machine overall since I have 16GB of RAM and only 2GB of GPU power or are those totally different and irrelevant? Thank you for your time and thank you in advanced for your help!!!!!!!!

    jspatel1011,
    your MacBook Pro’s discrete NVIDIA GPU is more powerful than its integrated Intel graphics; that power comes at the cost of increased energy consumption. There’s no setting to allow exceptions to the automatic graphics switching; you’ll have to determine whether that power vs. energy tradeoff is worth it when running Live Interior 3D Pro or not. If it is worth it, then disable the automatic graphics switching before you run Live Interior 3D Pro, and reënable it after you quit that app. (You might look into AppleScript to see if that disabling and reënabling can be automated.) If it’s not worth it, then you’ll have to live with the lagging while it does the 3D rendering.

  • Is there a way to prevent "Readers" from downloading attachments in the "View Responses" table?

    I only want Readers of the table to look, and not download other Readers attachments that are in different rows. I only want the author and the original reader to have access  to that.

    Yes, if privacy is the reason for hiding a column (which it is for me), it does no good if any viewer can just "Save as" and download all the submitted data, hidden and visible.
    I'd opt for making the download option only available to the authors, but at least there should be an option to disable the "Save as Excel / PDF" buttons - or at least only download the visible columns.

  • Is there any way to prevent fields from being overwritten when importing data via xdp-file?

    In an pdf-form designed with LCD everytime the form gets merged with an xdp-datafile content of all fields get overwritten, regardless which data-binding (normal, global, none) is assigned to the fields and regardless if the fields are exluded in the xdp-datafile. Is this normal behavior and is there any way to prevent fields from being overwritten?

    The xdp-file is first exported from Acrobat Professional 8 (export data as *.xdp) to get the complete structure. Then in the xdp-file some fields are removed manually and other fields are filled with data. When the modified xdp-file is opened again with Acrobat Professional 8 it grabs the original pdf-form and merges the manually filled fields into the form. With the merge all other fields in the form are overwritten, even if they are not defined in the xdp-file. And that is what I want to avoid. I want to merge the xdp-file into the form and keep the data in fields not defined in the xdp-file.

  • Is there a way to prevent accidentally deleting pictures?

    I am wondering if there is any sort of safety setting to keep from having my photos accidentally deleted?  My grandson likes to look at the pictures, but I am worried that he will swipe the trash can and then delete the pictures before I can stop him.  Is there any way to prevent this from happening?  (besides the obvious which would be to disallow him to look at the photo albums...a sure fire way to silence him in a restaurant or church.)

    You're welcome.
    Here's an app that might help!
    http://itunes.apple.com/us/app/wifi-photo-transfer/id380326191?mt=8
    Only thing is finding a wifi spot...
    OR maybe if you find the time, email ones to your personal account you want to keep before the viewing begins!
    Just ideas, really.
    Good lcuk!

  • Is there any way to prevent web.xml from any change ?

    hi all,
    we have a filter in web.xml. Now we want to prevent it from any change in future. I mean after making a war(EAR) no one can change the filter in web.xml. if he chaged it then he will not be able to re deploy the application.Right now it is in web.xml so one can easily change it and then he can redeploy the application.
    Is there any way to prevent web.xml from any change after making EAR(WAR)?
    One can easily make a change in web.xml and redeploy the application to get the result. Now we want to restrict the web.xml as java class for any change after making EAR(or WAR).
    Could some one help me to do this?
    thanks,
    dinesh

    I think you could use some third party software to lock the folder like FolderLock, just make sure others ppl cannot access your file should be fined.
    This is my stupid solution only,cheers.

  • Is there a way to prevent psd from being the default file extension?

    In previous versions, psd was added automatically if the document was layered. Since I don't use psd, I had to manually change to tiff.
    But I'm finding that even flat (unlayered) files that came in as jpgs have psd inserted as the default. I would have thought that, by default, a file could stay whatever it started out being. (Whether jpg or tiff, flat or layered).
    This happens when I "save as" even when I don't change the name of the file, only save it in a different location (such as a jpg file from a flashcard being saved to computer).
    Is there a way to prevent the extra step of rejecting psd? Is there a preference or something I have missed?

    Although the little camera I was using doesn't capture 16 bit, I did run the jpgs briefly through ACR to try out the shadows/highlight feature since the photos were perfect candidates. My preference there is to convert to 16 bit ProPhoto so maybe--even though the files opened as jpgs. That might be the problem: maybe bit depth is the trigger for psd assignment. Still, I wish there was a way to disable it.

  • I allow my grandchildren to play free games on my ipad that I download for them.  Is there a way to prevent them from accidentally (or otherwise) purchasing upgrades?  My 6 yr old just did so and has no idea how she did it.  Can I block this access?

    I allow my grandchildren to play free games on my ipad and iphone that I download for them.  Is there a way to prevent them from accidentally (or otherwise) purchasing upgrades?  My 6 yr old just did so and has no idea how she did it. Is there a setting that would prevent this from happening?

    Yes.  You can set restrictions.
    This is covered in the manual.
    iPhone User Guide (For iOS 5.0 Software)
    iPad User Guide (For iOS 5.0 Software)

  • Is there any way to prevent the OS from querying the Superdrive when start

    Just a random question. Whenever my MacBook Pro starts up (either from sleep or a complete/fresh start, the OS queries the drive slot to see if there is a disc present. While this may be normal behavior, it seems to slow down the start up process. (I rarely ever have a disc in the drive). Just curious if this, in fact, normal, or if there's something awry.

    Is there any way to prevent the OS from querying the Superdrive when start
    No
    he OS queries the drive slot to see if there is a disc present.
    How can you tell? Based on the noise it makes?

  • I don't want my Facebook Contacts added to my iphone Contacts as a result of this new update.  Is there a way to prevent that from happening?

    I've been told that when I apply the latest update issued by APPLE, it will add all my Facebook Friends into my Contacts on my iPhone.  Is there a way to prevent that from happening?

    Unfortunately when upgrading to iOS 6 the setting to add Facebook Contacts to your Contacts app is on by default. But once the upgrade is complete you can go to:
    Settings > Facebook > and turn off Contacts.
    That will get rid of the Facebook stuff showing up in your Contacts app.
    BTW, I also turned off Calendar on my iPhone and iPad so that Facebook events and Friend's birthdays etc. will not show in my Calendar app.

  • When I save photos or videos from my iPhone 4S to my PC they are all sideways.  Is there a way to prevent this from happening?  All are taking with the phone in portrait mode.

    When I save photos or videos from my iPhone 4S to my PC they are all sideways.  Is there a way to prevent this from happening?  All are taken with the phone in portrait mode.

    Shot videos ONLY in landscape. For photos choose what's you like. Maybe you have to rotate photos on PC. What's your operating system?

  • I'm trying to add a playlist manually to my iPhone 4. It won't let me because it's trying to delete all of the music currently on my iPhone. Is there any way to prevent this from happening in order to start manually updating it?

    I'm trying to add a playlist manually to my iPhone 4. It won't let me because it's trying to delete all of the music currently on my iPhone. Is there any way to prevent this from happening in order to start manually updating it?

    Are you leaving the box unchecked to Manually manage music & videos? You don't need to to add anything to the iPhone.
    Simply drag the playlist to the iPhone to manually add it.

  • Is there a way to prevent actions, like spaces, to only occur on one screen when using multiple monitors?, Is there a way to prevent actions, like spaces, to only occur on one screen when using multiple monitors?

    Hello, I am using my Macbook Pro, late 2012 with a second monitor, which is a TV. I am wondering if there is a way to prevent spaces from poping up in the second monitor when i want it to ocur in the primary monitor? So on one monitor, or whichever one the mouse is, I want say Spaces, or Launch pad to popup on and not interfer with the other screen. Is there a way to do this?
    Thanks,
    Harrison Howard

    I believe the answer is no.
    I have not been able to make extra monitors stick with a particular space.
    Also, there is a relevant discussion here regarding this matter.
    The last poster suggests a workaround which does not work as far as I can tell.
    Here is the discussion thread
    Best of luck

Maybe you are looking for

  • Device Payment Plans Might Be Coming around the Corner!

    According to what i read Via >> droid life Device payment plans might be Coming to Verizon!  have a look @ the Link b33 http://www.droid-life.com/2013/04/12/verizon-will-introduce-a-device-payment-plan-similar-to-t-mobiles-in-the-near-future/

  • Arrows not showing up in slideshow, cant control slideshow

    So I have a slideshow that is on one of my pages and the arrows on the two sides will not appear.  Before the pictures all load I can see the arrows behind the pictures but once they the arrows end up behind the pictures.  The pictures rotate normaly

  • Fixing ID3 tags for mac

    Hey All, Does anyone know of software that will scan the Itunes library and fix any corrupted ID3 tags? About 20% of my songs (and growing) wont import or add to Itunes. I suspect it is because of corrupt Id3 tags??? Anyone else found a solution to t

  • OC4J Preview Installation Error

    Hello, I have downloaded the OC4J Developers Preview version (10.0.3.0.0) from OTN. Now, when I start the OC4J, I always get the following error on the console. JspTagLibListener error : oracle.xml.parser.schema.XSDBuilder. build(Ljava/net/URL;)Lorac

  • Re:  Saving PDFs

    Is there a toolbar icon for the Save As option? I noticed there is one for Save.