Limit access to Apex login page

Similar Messages

• Third party system login page instead of apex login page

  Hello,
  One of my customers wants to login into an apex application using their intranet page. This page has two text fields:
  username and
  password
  and a login button.
  There is no validation done at their side. The goal is to pass this information to apex and apex needs to check if this information is correct (checking against own user tables) and let the user into the application or refuse an access. I am thinking about the best way to do that. Is there anyone out there with some similar experience?
  Denes Kubicek
  http://deneskubicek.blogspot.com/
  http://www.opal-consulting.de/training
  http://apex.oracle.com/pls/otn/f?p=31517:1
  -------------------------------------------------------------------

  Have a look SOLVED: Automatic Login but only if a user is an Oracle User
  Well I effectively do this with our Java application calling an APEX reporting application.
  The trick is to get apex to automatically submit the login page without the user having to pressing the login button.
  Once this works, the rest is fairly straightforward.
  Effectively what happens is our java application calls a procedure which populates a table with
  a username, encrypted password and a checkvalue (randomly generated), and returns the checkvalue to the calling procedure.
  We also have the bones of the URL in a properties file.
  The login page reads the value of the checkvalue from the URL in teh html header using various bits of javascript.
  We have a before header process on the apex login page which reads the information from the table
  table (and deletes it as soon as it reads it).
  It then uses the username, and password obtained from the table and just passes these values to the wwv_flow_custom_auth_std.login procedure.
  I can email you the code if you want.

• How can I add a UserGroup input in an APEX Login Page

  Hi,
  I am willing to add a UserGroup input (dropdown) in APEX Login page, but I see the default Login page supports only two parameter, i.e. Username and PWD. I see the authentication function wwv_flow_custom_auth_std.login(
  P_UNAME => :P101_USERNAME,
  P_PASSWORD => :P101_PASSWORD,
  P_SESSION_ID => v('APP_SESSION'),
  P_FLOW_PAGE => :APP_ID||':1'
  takes only username and pwd. But I need to add one more field, how can I accomplish this ?

  Hi,
  I have similar structure of the accounting like you.
  I have table users, roles, ...
  Then i use script like this:
  select nvl(1, null)
  from APEX_USER u,
  APEX_USER_ROLE r
  where u.active = 'Y'
  and r.USER_ID = U.ID
  and u.user_name = v('APP_USER')
  and r.appl_id = v('APP_ID')
  and r.is_edit = 'Y'
  and ((instr(group_name, ',NB_EOS,') > 0 and :P2_STATUS not in ('2','0'))
  or instr(group_name, ',NB_ADV_NT_ADM,') > 0 and :P2_STATUS not in ('2','5', '0')
  or instr(group_name, ',NB_CALL_ADMIN,') > 0 and :P2_STATUS not in ('2','5', '0'))
  There i have set the row for each application and user with my defined roles.
  Regards
  J :D

• Prevent Access to APEX Login

  I have installed 3.0.1 on XE using port 8095 and need to allow access to two applications via the Internet using two different domain names. I have set iptables to only allow outside access to port 80 on IP 123.123.123.123. I am using Apache to direct requests to the correct application. Here is the code that I am using:
  <VirtualHost *:80>
  ServerName domain.com
  ServerAdmin [email protected]
  RewriteEngine on
  RewriteRule ^/$ http://domain.com/apex/ [R]
  RewriteRule ^/apex/$ http://123.123.123.123:8095/apex/f?p=100:1 [P]
  RewriteRule ^/apex/(.*)$ http://123.123.123.123:8095/apex/$1 [P]
  ProxyPass / http:///123.123.123.123:8095/
  ProxyPassReverse / http:///123.123.123.123:8095/
  <Location />
  Order allow,deny
  Allow from all
  </Location>
  </VirtualHost>
  Outsiders cannot directly access 123.123.123.123:8095 and http://domain.com is directed to 123.123.123.123:8095/apex/f?p=100:1. Users will see http://domain.com/apex/f?p100:1:andalotmorehere as they browse. However, I realized that I could get to the APEX login with http://domain.com:80/apex or http://domain.com/apex/f?p=4550:1. Is there any way to prevent access to the APEX login to people outside of our local network? I would appreciate any help.
  Thank you,
  Minh

  How exactly the APEX engine forces a '404' to be returned, I am not entirely sure. Perhaps it sends back the Response with the Header Status set to 404 ?Yes, with this process on the login page.
  begin
    if not #OWNER#.wwv_flow_security.ip_check then
        #OWNER#.wwv_flow.g_unrecoverable_error := true;
        sys.owa_util.status_line(404, 'Page Not Found');
        sys.owa_util.http_header_close;
    end if;
  end;Scott

• Not able to access the portal login page and idenetity console page

  Hi all.
  I installed PS 6.1 on a new Solaris 8 Box. DNS is not configured for this box.
  I use netscape browser on the solaris boz to test my installation - everything is fine
  issue:
  When i tried to access the amconsole or amserver/UI/Login application, it bombs with the following exception.
  but i can see the default webserver page (or any static html for that matter).
  any clue?
  10/28/2003 03:22:22:776 PM EET: Thread[Thread-195,5,main]
  ERROR: Exception occured
  java.lang.Exception: Service URL not found:session
  at com.iplanet.services.naming.WebtopNaming.getServiceURL(WebtopNaming.java:180)
  at com.iplanet.dpro.session.Session.getSessionServiceURL(Session.java:686)
  at com.iplanet.dpro.session.Session.getSessionServiceURL(Session.java:668)
  at com.iplanet.dpro.session.Session.getSession(Session.java:540)
  at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:73)
  at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:280)
  at com.sun.identity.authentication.service.AuthUtils.getOrigLoginURL(AuthUtils.java:1546)
  at com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:253)
  at com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:783)
  at com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:434)
  at com.iplanet.jato.ApplicationServletBase.doPost(ApplicationServletBase.java:312)
  at com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:282)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.iplanet.server.http.servlet.NSServletRunner.invokeServletService(NSServletRunner.java:919)
  at com.iplanet.server.http.servlet.WebApplication.service(WebApplication.java:1061)
  at com.iplanet.server.http.servlet.NSServletRunner.ServiceWebApp(NSServletRunner.java:981)

  I am facing the same problem. I am using Custom Authentication module. When I access the login page for this custom authentication module I got this error. I have DNS entry and added the IP Adress in the host file too. Anyone tell us, what could be the problem?

• Browser error on APEX Login Page

  Good morning,
  Version Information:
  - APEX 3.1.1
  - Database 11.1.0.6.0
  - Application Server: 10.1.3
  I'm using the APACHE install on my APP server to connect to APEX.
  When I connect to the APEX_ADMIN login page, after filling in the blanks, I get a browser error message, not an APEX error. The "caution" icon pops up on the status bar at the bottom of the browser window. When I look at the message, it says:
  Line: 34
  Char: 1
  Error: Object expected
  Code: 0
  URL: http://<myservername>:7778/pls/apex/f?p=4550:10:7817059686490562
  That URL, of course is the login page.
  When I checked the status, the install completed successfully. I am listening on port 7778 mainly because those that came before me configured the app server's http.conf with 7778.
  What am I missing?
  Thanks,
  Don.

  Thank you for your responses,
  Yes, I'm pretty sure that my image alias is correct (see my DADS.CONF listing below).
  I am NOT upgrading from 3.0, this is a new, clean install. I'm still checking other possible causes. Not sure where to go next.
  # ============================================================================ # mod_plsql DAD Configuration File # ============================================================================ # 1. Please refer to dads.README for a description of this file # ============================================================================ # Note: This file should typically be included in your plsql.conf file with # the "include" directive. # Hint: You can look at some sample DADs in the dads.README file # ============================================================================
  Alias /i/ "D:\oracle\AppServ\Apache\Apache\images/"
  AddType text/xml xbl
  AddType text/x-component htc
  <Location /pls/apex>
  Order deny,allow
  AllowOverride None
  PlsqlDocumentProcedure wwv_flow_file_mgr.process_download
  PlsqlDocumentPath docs
  PlsqlDatabaseConnectString <myservername>:portno:<servicename> ServiceNameFormat
  PlsqlNLSLanguage AMERICAN_AMERICA.AL32UTF8
  PlsqlAuthenticationMode Basic
  SetHandler pls_handler
  PlsqlDocumentTablename wwv_flow_file_objects$
  PlsqlDatabaseUsername APEX_PUBLIC_USER
  PlsqlDefaultPage apex
  PlsqlDatabasePassword <apexpassword>
  PlsqlRequestValidationFunction wwv_flow_epg_include_modules.authorize
  Allow from all
  </Location>

• Cant access router's login page

  my macbook cant access the router's login page,but i cant access the internet through this wifi
  here is some info i think may be useful
  lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    options=3<RXCSUM,TXCSUM>
    inet6 ::1 prefixlen 128
    inet 127.0.0.1 netmask 0xff000000
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
    nd6 options=1<PERFORMNUD>
  gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
  stf0: flags=0<> mtu 1280
  en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    ether 80:e6:50:00:a0:c6
    inet6 fe80::82e6:50ff:fe00:a0c6%en0 prefixlen 64 scopeid 0x4
    inet 192.168.2.101 netmask 0xffffff00 broadcast 192.168.2.255
    nd6 options=1<PERFORMNUD>
    media: autoselect
    status: active
  en1: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=60<TSO4,TSO6>
    ether 72:00:04:91:16:20
    media: autoselect <full-duplex>
    status: inactive
  en2: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
    options=60<TSO4,TSO6>
    ether 72:00:04:91:16:21
    media: autoselect <full-duplex>
    status: inactive
  bridge0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=63<RXCSUM,TXCSUM,TSO4,TSO6>
    ether 82:e6:50:00:cc:00
    Configuration:
    id 0:0:0:0:0:0 priority 0 hellotime 0 fwddelay 0
    maxage 0 holdcnt 0 proto stp maxaddr 100 timeout 1200
    root id 0:0:0:0:0:0 priority 0 ifcost 0 port 0
    ipfilter disabled flags 0x2
    member: en1 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 5 priority 0 path cost 0
    member: en2 flags=3<LEARNING,DISCOVER>
            ifmaxaddr 0 port 6 priority 0 path cost 0
    nd6 options=1<PERFORMNUD>
    media: <unknown type>
    status: inactive
  p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
    ether 02:e6:50:00:a0:c6
    media: autoselect
    status: inactive
  Internet:
  Destination        Gateway            Flags        Refs      Use   Netif Expire
  default            192.168.2.1        UGSc           28        0     en0
  127                localhost          UCS             0        0     lo0
  localhost          localhost          UH             34  2643545     lo0
  169.254            link#4             UCS             1        0     en0
  169.254.71.63      74:2f:68:73:6d:e   UHLSW           0        0     en0    281
  192.168.2          link#4             UCS             2        0     en0
  192.168.2.1        94:c:6d:30:49:de   UHLWIir        29      178     en0   1029
  192.168.2.101      localhost          UHS             0        0     lo0
  192.168.2.102      74:2f:68:73:6d:e   UHLWI           0        0     en0    290
  If some people cant help I'll really appreciate.

  What I did was a hard reset... (hold reset for 10 or 30 seconds then while holding, unplug unit then release reset button. After 10 more seconds, plug unit back in.)
  Between that and using the TFTP program, I was able to get back into my management screen. You will have to reconfigure your router after that. Be sure, if you have a dedicated ip on your computer, you temporarily set it to obtain everything automatically incase your set ip doesnt correspond to the default settings for your router. Then once everything is back up, you can change you ip settings on your PC back to what you had, if any.

• Unable to Access SSL WebVPN Login Page

  I am unable to access the SSL WebVPN login html page. I tried using FF, Chrome, and IE via https://24.43.XXX.XXX. All I get is "Page cannot be displayed". I am stumped here, any help would be greatly appreciated.
  PLAN-FW# show run
  : Saved
  ASA Version 9.1(1)
  hostname PLAN-FW
  domain-name intranet.example.com
  enable password s9HtiQv6kkqqiJhc encrypted
  xlate per-session deny tcp any4 any4
  xlate per-session deny tcp any4 any6
  xlate per-session deny tcp any6 any4
  xlate per-session deny tcp any6 any6
  xlate per-session deny udp any4 any4 eq domain
  xlate per-session deny udp any4 any6 eq domain
  xlate per-session deny udp any6 any4 eq domain
  xlate per-session deny udp any6 any6 eq domain
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  ip local pool VPN-Clients 192.168.5.2-192.168.5.220 mask 255.255.255.0
  interface GigabitEthernet0/0
   nameif outside
   security-level 0
   ip address 24.43.XXX.XXX 255.255.255.252
  interface GigabitEthernet0/1
   channel-group 1 mode active
   no nameif
   no security-level
   no ip address
  interface GigabitEthernet0/2
   channel-group 1 mode active
   no nameif
   no security-level
   no ip address
  interface GigabitEthernet0/3
   shutdown
   no nameif
   no security-level
   no ip address
  interface GigabitEthernet0/4
   shutdown
   no nameif
   no security-level
   no ip address
  interface GigabitEthernet0/5
   shutdown
   no nameif
   no security-level
   no ip address
  interface Management0/0
   management-only
   nameif Management
   security-level 100
   ip address 192.168.1.1 255.255.255.0
  interface Port-channel1
   nameif DR-01
   security-level 100
   ip address 10.0.0.1 255.255.255.252
  ftp mode passive
  dns domain-lookup outside
  dns server-group DefaultDNS
   name-server 8.8.8.8
   name-server 4.2.2.2
   domain-name intranet.example.com
  object network obj-internet
   subnet 0.0.0.0 0.0.0.0
  object network obj-vlan100
   subnet 10.0.100.0 255.255.254.0
  object network NETWORK_OBJ_192.168.5.0_24
   subnet 192.168.5.0 255.255.255.0
  pager lines 24
  mtu outside 1500
  mtu DR-01 1500
  mtu Management 1500
  no failover
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-713.bin
  no asdm history enable
  arp timeout 14400
  no arp permit-nonconnected
  nat (DR-01,outside) source static any any destination static NETWORK_OBJ_192.168.5.0_24 NETWORK_OBJ_192.168.5.0_24 no-proxy-arp route-lookup
  object network obj-vlan100
   nat (DR-01,outside) dynamic interface
  route outside 0.0.0.0 0.0.0.0 24.43.XXX.XXX 1
  route DR-01 10.0.0.0 255.255.255.252 10.0.0.2 1
  route DR-01 10.0.100.0 255.255.254.0 10.0.0.2 1
  timeout xlate 3:00:00
  timeout pat-xlate 0:00:30
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  user-identity default-domain LOCAL
  aaa authentication ssh console LOCAL
  http server enable
  http 192.168.1.0 255.255.255.0 Management
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
  crypto ipsec ikev2 ipsec-proposal DES
   protocol esp encryption des
   protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal 3DES
   protocol esp encryption 3des
   protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal AES
   protocol esp encryption aes
   protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal AES192
   protocol esp encryption aes-192
   protocol esp integrity sha-1 md5
  crypto ipsec ikev2 ipsec-proposal AES256
   protocol esp encryption aes-256
   protocol esp integrity sha-1 md5
  crypto ipsec security-association pmtu-aging infinite
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto ca trustpoint SELF-TP
   enrollment self
   fqdn intranet.example.com
   subject-name CN=intranet.example.com
   keypair myrsakey
   crl configure
  crypto ca trustpool policy
  crypto ca certificate chain SELF-TP
   certificate 4fb08954
      30820203 3082016c a0030201 0202044f b0895430 0d06092a 864886f7 0d010105
      05003046 311e301c 06035504 03131569 6e747261 6e65742e 70656c61 74726f6e
      2e636f6d 31243022 06092a86 4886f70d 01090216 15696e74 72616e65 742e7065
      6c617472 6f6e2e63 6f6d301e 170d3134 31323136 31313237 32315a17 0d323431
      32313331 31323732 315a3046 311e301c 06035504 03131569 6e747261 6e65742e
      70656c61 74726f6e 2e636f6d 31243022 06092a86 4886f70d 01090216 15696e74
    quit
  crypto ikev2 policy 1
   encryption aes-256
   integrity sha
   group 5 2
   prf sha
   lifetime seconds 86400
  crypto ikev2 policy 10
   encryption aes-192
   integrity sha
   group 5 2
   prf sha
   lifetime seconds 86400
  crypto ikev2 policy 20
   encryption aes
   integrity sha
   group 5 2
   prf sha
   lifetime seconds 86400
  crypto ikev2 policy 30
   encryption 3des
   integrity sha
   group 5 2
   prf sha
   lifetime seconds 86400
  crypto ikev2 policy 40
   encryption des
   integrity sha
   group 5 2
   prf sha
   lifetime seconds 86400
  crypto ikev2 enable outside client-services port 443
  crypto ikev2 remote-access trustpoint SELF-TP
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  ssl trust-point SELF-TP outside
  webvpn
   enable outside
   anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
   anyconnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2
   anyconnect profiles Example_Intranet_client_profile disk0:/Example_Intranet_client_profile.xml
   anyconnect enable
   tunnel-group-list enable
  group-policy "GroupPolicy_Example Intranet" internal
  group-policy "GroupPolicy_Example Intranet" attributes
   wins-server none
   dns-server value 8.8.8.8 4.2.2.2
   vpn-tunnel-protocol ikev2 ssl-client
   default-domain value intranet.example.com
   webvpn
    anyconnect profiles value Example_Intranet_client_profile type user
  username test1 password GxmPkeumVbHvz58J encrypted privilege 15
  username test2 password t.GxS9C3hRYHni61 encrypted
  username test3 password M9Szy/s33Cm6Crby encrypted
  username test4 password hMXxQZTu8agZnzki encrypted
  tunnel-group "Example Intranet" type remote-access
  tunnel-group "Example Intranet" general-attributes
   address-pool VPN-Clients
   default-group-policy "GroupPolicy_Example Intranet"
  tunnel-group "Example Intranet" webvpn-attributes
   group-alias "Example Intranet" enable
  class-map inspection_default
   match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
   parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
   class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect ip-options
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect skinny
    inspect esmtp
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect sip
    inspect xdmcp
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  call-home
   profile CiscoTAC-1
    no active
    destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
    destination address email [email protected]
    destination transport-method http
    subscribe-to-alert-group diagnostic
    subscribe-to-alert-group environment
    subscribe-to-alert-group inventory periodic monthly 10
    subscribe-to-alert-group configuration periodic monthly 10
    subscribe-to-alert-group telemetry periodic daily
  Cryptochecksum:4976c27fbf11ae4589d27b4f16107a41
  : end
  Directory of disk0:/
  10     drwx  4096         08:15:36 Sep 19 2014  log
  20     drwx  4096         08:16:04 Sep 19 2014  crypto_archive
  21     drwx  4096         08:16:12 Sep 19 2014  coredumpinfo
  114    -rwx  37416960     08:24:28 Sep 19 2014  asa911-smp-k8.bin
  115    -rwx  18097844     08:26:28 Sep 19 2014  asdm-713.bin
  116    -rwx  69318656     08:27:50 Sep 19 2014  asacx-5500x-boot-9.1.1-1-RelWithDebInfo.x86_64.img
  117    -rwx  12998641     08:47:34 Sep 19 2014  csd_3.5.2008-k9.pkg
  118    drwx  4096         08:47:36 Sep 19 2014  sdesktop
  119    -rwx  6487517      08:47:38 Sep 19 2014  anyconnect-macosx-i386-2.5.2014-k9.pkg
  120    -rwx  6689498      08:47:40 Sep 19 2014  anyconnect-linux-2.5.2014-k9.pkg
  121    -rwx  4678691      08:47:42 Sep 19 2014  anyconnect-win-2.5.2014-k9.pkg
  122    -rwx  200          14:26:42 Dec 08 2014  upgrade_startup_errors_201412081426.log
  129    -rwx  338          11:59:35 Dec 16 2014  Example_Intranet_client_profile.xml
  8238202880 bytes total (4860497920 bytes free)
  Cisco Adaptive Security Appliance Software Version 9.1(1)
  Device Manager Version 7.1(3)
  Compiled on Wed 28-Nov-12 11:15 PST by builders
  System image file is "disk0:/asa911-smp-k8.bin"
  Config file at boot was "startup-config"
  PLAN-FW up 5 days 5 hours
  Hardware:   ASA5515, 8192 MB RAM, CPU Clarkdale 3059 MHz, 1 CPU (4 cores)
              ASA: 4096 MB RAM, 1 CPU (1 core)
  Internal ATA Compact Flash, 8192MB
  BIOS Flash MX25L6445E @ 0xffbb0000, 8192KB
  Encryption hardware device : Cisco ASA-55xx on-board accelerator (revision 0x1)
                               Boot microcode        : CNPx-MC-BOOT-2.00
                               SSL/IKE microcode     : CNPx-MC-SSL-PLUS-T020
                               IPSec microcode       : CNPx-MC-IPSEC-MAIN-0022
                               Number of accelerators: 1
  Baseboard Management Controller (revision 0x1) Firmware Version: 2.4
  Licensed features for this platform:
  Maximum Physical Interfaces       : Unlimited      perpetual
  Maximum VLANs                     : 100            perpetual
  Inside Hosts                      : Unlimited      perpetual
  Failover                          : Active/Active  perpetual
  Encryption-DES                    : Enabled        perpetual
  Encryption-3DES-AES               : Enabled        perpetual
  Security Contexts                 : 2              perpetual
  GTP/GPRS                          : Disabled       perpetual
  AnyConnect Premium Peers          : 100            perpetual
  AnyConnect Essentials             : Disabled       perpetual
  Other VPN Peers                   : 250            perpetual
  Total VPN Peers                   : 250            perpetual
  Shared License                    : Disabled       perpetual
  AnyConnect for Mobile             : Disabled       perpetual
  AnyConnect for Cisco VPN Phone    : Disabled       perpetual
  Advanced Endpoint Assessment      : Disabled       perpetual
  UC Phone Proxy Sessions           : 2              perpetual
  Total UC Proxy Sessions           : 2              perpetual
  Botnet Traffic Filter             : Disabled       perpetual
  Intercompany Media Engine         : Disabled       perpetual
  IPS Module                        : Disabled       perpetual
  Cluster                           : Disabled       perpetual
  This platform has an ASA 5515 Security Plus license.

  Hi Nathan,
  Are you using Ikev2 to connect. If not then can you please remove the following command and then try again:
  no crypto ikev2 enable outside client-services port 443
  Thanks
  Jeet Kumar

• ESS IView access to ERP - login page displayed and not access possible

  Hello Colleagues,
  we have to setup Employee Self-Service (ESS) Portal as well  ERP.
  All required steps seems to be performed but we still facing one access issue.
  If I try to enter the Link My Employees under SAP Portal > Employess Self-Service > Travel and Expenses it get an web login (ITS) from the ERP system and not direct access to the service. In addition I am not able to login with defined user an password.
  If I try the to enter the service directly (test service) at transaction SICF on the ERP (ECC) System itself it works fine as well with defined user and password.
  If both IE Browser Windows are open, then I am able to see the service (empty table) unter My Employees at portal after click again under Link SAP Portal > Employess Self-Service > Travel and Expenses > My Employees.
  So I think the general connectivity works fine but some thing still wrong with maybe IView access/permissions/roles?
  Any Ideas?
  Many thanks in advance!
  Regards,
  Jochen

  This means that your Single sign on is not working correctly.
  Things to check:
  1. From Portal System Administration - for the system object created for connecting to the backend system - try to perform the connection tests and make sure they pass.
  2. Access your portal with a Fully Qualified Domain Name (for example: myportal..mysubdomain.mydomain:port/irj/portal instead of just myportal:port/irj/portal) - this should most likely resolve your issue - since you see the error only for WD4A applications.
  3. Make sure that the host name you have configured in the portal system and the host name with which you access your portal are in the same domain.
  Also, check the SSO related profile parameters in the backend system:
  login/accept_sso2_ticket=1
  login/accept_sso2_ticket=0
  login/password_change_for_SSO=0
  Thanks,
  Shanti

• Am not able to get the Access manager 7-  login page

  I have installed Access Manager and configured it was worked. but i did the Policy agent cofiguration for Access Manager after that i couldn't login to Access manager ie /amserver while on trying http://localhost:8080/amserver/UI/Login
  am getting the following error
  exception
  javax.servlet.ServletException
       org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:300)
       org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
       java.security.AccessController.doPrivileged(Native Method)
       com.sun.mobile.filter.AMLController.doFilter(AMLController.java:163)
  root cause
  java.lang.NoClassDefFoundError
       com.sun.identity.authentication.server.AuthContextLocal.(AuthContextLocal.java:140)
       com.sun.identity.authentication.service.LoginState.createAuthContext(LoginState.java:1121)
       com.sun.identity.authentication.service.AuthUtils.getAuthContext(AuthUtils.java:310)
       com.sun.identity.authentication.service.AuthUtils.getAuthContext(AuthUtils.java:250)
       com.sun.identity.authentication.UI.LoginViewBean.forwardTo(LoginViewBean.java:325)
       com.iplanet.jato.ApplicationServletBase.dispatchRequest(ApplicationServletBase.java:981)
       com.iplanet.jato.ApplicationServletBase.processRequest(ApplicationServletBase.java:615)
       com.iplanet.jato.ApplicationServletBase.doGet(ApplicationServletBase.java:459)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:747)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:860)
       sun.reflect.GeneratedMethodAccessor115.invoke(Unknown Source)
       sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       java.lang.reflect.Method.invoke(Method.java:585)
       org.apache.catalina.security.SecurityUtil$1.run(SecurityUtil.java:249)
       java.security.AccessController.doPrivileged(Native Method)
       javax.security.auth.Subject.doAsPrivileged(Subject.java:517)
       org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:282)
       org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:165)
       java.security.AccessController.doPrivileged(Native Method)
       com.sun.mobile.filter.AMLController.doFilter(AMLController.java:163)
  please any do some need full to solve this problem
  regards
  vimalraj.s

  Guys,
  This is a common problem that I have noticed when policy agent is installed on the same DAS (Domain Admin Server of Sun java Application Server) instance where access manager is installed.
  Best solution is to deploy your application on a different DAS and configure / install policy agent for the new DAS.
  If web server is used for Access Manager, Deploy your application on a different instance.
  Alternatively, follow these instructions.
  Assume that you have policy agent binary installed on /opt/SUNWam/policyagent/ j2ee_agents/am_as81_agent.
  When policy agent is configured, it creates a new configuration folder named agent_001.
  1.     Login to DAS and remove the class path changes done by the policy agent installer.
  These are the class path to remove:
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/agent.jar
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/amclientsdk.jar
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/locale
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/agent_001/config
  2.     Add these to the class path to the end of the class path suffix. NOT AT THE START
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/agent.jar
  /opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/lib/locale
  3.     Insert amclientsdk.jar to the classpath. Insert this before agent.jar but after am_*.jar files (am_sdk.jar,am_services.jar,am_sso_provider.jar,am_logging.jar )
  4.     open amConfig.properties . Add this line to the bottom of the file.
  com.sun.identity.agents.config.location=/opt/SUNWam/ policyagent /j2ee_agents/am_as81_agent/agent_001/config/AMAgent.properties
  Above line points to the policy agent configuration file.
  5.     last but not the least:
  a.     Make sure that an agent is created in Access manager with the same name and password as the one that you gave when installing policy agent.
  b.     Set property com.sun.identity.agents.config.filter.mode = SSO_ONLY in AMAgent.properties. This will help initial testing of the configuration.
  c.     Above configuration is for Unix. But shouldwork for other OS as well.
  Best of Luck
  KK

• Apex 4.1 Login Page 101 Branching Issue

  Branching Issue from P101 based upon P101_USERNAME value entered..Please Help!
  I'm having the following code on Page101 main 'login' process. The goal is to go to page 100 if the user is a normal V_USER or go to page 200 if the user is V_ADMIN. For the P101_USERNAME value, I'm determining whether the user or admin variable in my login process. However, I'm NOT branching correctly to the expected page.
  The function calls to determine whether V_USER or V_ADMIN work correctly in my tests outside of APEX.
  To prove the following, I hard-coded the page no. to either 100 or 200 and both of them direct to the right page, upon login, in such instances. However, when I'm determining the branching path with the below function call, the branching fails and Always goes to Page 100..I'm totally perplexed. Please help.
  The thread on the forums was helpful but the user who potentially got his answer didn't show the final example as to how it worked for him.
  Re: Apex 4.1 Redirect after login
  My login process on P101 main apex login page..
  --Page101 'login' process
  DECLARE
  v_path VARCHAR2(40);
  v_role VARCHAR2(200);
  FUNCTION getUserRole RETURN VARCHAR2
  IS
  v_ret VARCHAR2(40);
  v_user VARCHAR2(40);
  BEGIN
  IF v_ret IS NULL THEN
  BEGIN
  v_user := LTRIM(RTRIM(HTF.ESCAPE_SC(v('P101_USERNAME'))));
  --//Tested these calls outside of apex and work as expected perfectly.
            IF (my_pkg.is_user(v_user) = 'Y' AND my_pkg.is_admin(v_user) = 'N') THEN
  v_ret := 'V_USER';
  ELSIF (my_pkg.is_user(v_user) = 'N' AND my_pkg.is_admin(v_user) = 'Y') THEN
  v_ret := 'V_ADMIN';
  END IF;
  EXCEPTION WHEN OTHERS THEN NULL;
  END;
  END IF;
  RETURN (v_ret);
  EXCEPTION WHEN OTHERS THEN RETURN v_ret;
  END getUserRole;
  BEGIN
  --//Set page path for user/admin. if not use default page 100
  v_role := getUserRole;
  --//Hardcoding works as expected. but the above line getUserRole doesn't compute properly
  --//The my_pkg.is_user, my_pkg.is_admin work and return values as expectd.
  --//I'm not sure whether P101_USERNAME value is available or not in this main 'login' procedure on P101
  --//v_role := 'V_ADMIN';
  if v_role = 'V_ADMIN' then
  v_path := ':200';
  :APPVAR_ROLE := 'V_ADMIN';
  :APPVAR_LOGIN_BRANCH := '200';
  :FSP_AFTER_LOGIN_URL := NULL;
       wwv_flow_custom_auth_std.login(
  P_UNAME => :P101_USERNAME,
  P_PASSWORD => :P101_PASSWORD,
  P_SESSION_ID => v('APP_SESSION'),
  P_FLOW_PAGE => :APP_ID||v_path);
  elsif v_role = 'V_USER' then
  v_path := ':100';
  :APPVAR_ROLE := 'V_USER';
  :APPVAR_LOGIN_BRANCH := '100';
  :FSP_AFTER_LOGIN_URL := NULL;
  wwv_flow_custom_auth_std.login(
  P_UNAME => :P101_USERNAME,
  P_PASSWORD => :P101_PASSWORD,
  P_SESSION_ID => v('APP_SESSION'),
  P_FLOW_PAGE => :APP_ID||v_path);
  end if;
  end;
  --------------------

  There is a simpler method to accomplish this.
  On your home page (typically page 1) create a branch with the branch point "on load before header"
  Set the action to your desired target page.
  Create a condition based on your user's role .
  Which I see are similar instructions to those suggested in your linked message.
  Scott

• Unable to reach Workspace Login Page

  Hi,
  First some background - I am an Apex developer / administrator. I do not have a DBA background. DBAs install the Apex software and I administer the webserver (although my experience with webservers is that which I've picked up using Apex) and develop applications.
  We are currently upgrading our DEV, QA and PROD APEX installations from 2.2.1 to 3.1.1 (specifically 3.1.1.00.09).
  We are using Oracle HTTP Server from the Oracle 10.1 companion disk.
  We completed this for our DEV and QA environments without a problem. We have not done this for our PROD environment yet.
  We also installed APEXLIB 1.7 in both DEV and QA. This was working successfully in DEV. We had not tried it yet in QA.
  Both 3.1.1 upgraded environments have been running successfully for about 10 days since the upgrade.
  However our QA environment (Oracle 10.2.0.3 running on HP-UX B.11.11 ) experienced a problem yesterday - we can no longer access any Apex applications including the Workspace login pages or application login pages.
  The error we get in the browser is:
  Expecting p_company or wwv_flow_company cookie to contain security group id of application owner.
  Error ERR-7620 Could not determine workspace for application ().
  We experienced a problem with our QA environment before (prior to upgrade) and we needed to flush the shared pool a few months ago as a temporary fix for this as has been noted on this forum. The problem in question was addressed in this forum post: Re: ORA-06502:PL/SQL: numeric or value error: NULL index table key value
  However, with the current problem, flushing the shared pool has not solved the issue. It may not be related.
  When we access the workspace login page: http://our_url/apex/crmqa/f?p=4550:1, I see nothing in the Apache logs to indicate an error.
  The access_log.xxx file in the Apache logs lists this ...
  ip_address_here - apex_public_user [16/Jul/2008:15:15:15 -0500] "GET /apex/crmqa/f?p=4550:1 HTTP/1.1" 200 455
  The error_log.xxx file is empty.
  I temporarily turned on mod_plsql logging
  When I tried to access http://our_url/apex/crmqa/f?p=4550:1
  The cid1.log file contained...
  <337703562 ms>[ReqStartTime: 16/Jul/2008:15:23:43]
  <337703562 ms>Request ID ReqID:6136_1216239823
  <337703562 ms>Connecting to database with connect string : "(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=TCP)(HOST=ip_address_here)(PORT=1526)))(CONNECT_DATA=(SID=crmqa1)))"
  <337704171 ms>Doing alter session set nls_language= "AMERICAN" nls_territory= "AMERICA"
  <337704171 ms>OpenCursor
  <337704234 ms>Altered session to nls_language=AMERICAN nls_territory=AMERICA
  <337704234 ms>DeinitCursor
  <337704234 ms>OpenCursor
  <337704453 ms>DBCharSet is AMERICAN_AMERICA.WE8ISO8859P1, OWAVersion 10.1.2.0.6, 1001020006 (rc=0)
  <337704453 ms>DeinitCursor
  <337704453 ms>OpenCursor
  <337704453 ms>(wpd.c,1757) Logged in as (unknown)
  <337704453 ms>(wpx.c,559) Going to select...
  <337704453 ms>(wpx.c,613) Have been asked to execute a request
  <337704453 ms>(wppa.c,326) Building Arglist based on Parsed Content from WRB
  <337704453 ms>(wppa.c,1007) Enter ParseUrlData
  <337704453 ms>GET
  <337704453 ms>(wppa.c,1056) Getting Values from QUERY_STRING
  <337704453 ms>[headers begin]
  <337704453 ms>[headers end]
  <337704453 ms>p=4550:1
  <337704453 ms>(wppa.c,1499) indx = 1, entryCnt = 1
  <337704453 ms>(wppa.c,1849) Listing distinct actual names:
  <337704453 ms>(wppa.c,1851) p
  <337704453 ms>(wppa.c,1853) Listing actuals of array with large entries:
  <337704453 ms>(wppa.c,1858) Listing distinct actual names and values:
  <337704453 ms>(wppa.c,1890) p, type = 0, value (7) = 4550:1
  <337704453 ms>(wppa.c,421) Arglist built, 1 unique entries
  <337704453 ms>(wpx.c,620) Going to wpprodb_OciDoBlock...
  <337704453 ms>(wpd.c,2734) Cache enabled. Gathering cache information.
  <337704453 ms>(wpd.c,2752) Language for this request is en-us
  <337704453 ms>(wpd.c,2803) Using user apex_public_user for caching.
  <337704453 ms>cache: Checking for user level hit
  <337704453 ms>cache: Cache MISS user - D:\oracle\product\10.1.0\db_1/Apache/modplsql/cache\plsql\712\2063
  <337704453 ms>cache: Checking for system level hit
  <337704453 ms>cache: Cache MISS system - D:\oracle\product\10.1.0\db_1/Apache/modplsql/cache\plsql\sys\878\4773
  <337704453 ms>(wppr.c,393) start working with f
  <337704453 ms>(wppr.c,1005) The CALL block: len=503, bind_count=9
  declare
  rc__ number;
  start_time__ binary_integer;
  begin
  start_time__ := dbms_utility.get_time;
  owa.init_cgi_env(:n__,:nm__,:v__);
  htp.HTBUF_LEN := 84;
  null;
  null;
  null;
  null;
  f(p=>:p);
  if (wpg_docload.is_file_download) then
  rc__ := 1;
  wpg_docload.get_download_file(:doc_info);
  null;
  null;
  null;
  commit;
  else
  rc__ := 0;
  null;
  null;
  null;
  commit;
  owa.get_page(:data__,:ndata__);
  end if;
  :rc__ := rc__;
  :db_proc_time__ := dbms_utility.get_time - start_time__;
  end;
  <337704453 ms>(wppr.c,462) Pl/sql block parsed...
  <337704453 ms>(wpdenv.c,1495) CGI Environment has 29 vars. Max name len 128, Max Value Len 128
  <337704453 ms> PLSQL_GATEWAY(14)=(6)WebDb
  <337704453 ms> GATEWAY_IVERSION(17)=(2)2
  <337704453 ms> SERVER_SOFTWARE(16)=(59)Oracle-Application-Server-10g/9.0.4.0.0 Oracle-HTTP-Server
  <337704453 ms> GATEWAY_INTERFACE(18)=(8)CGI/1.1
  <337704453 ms> SERVER_PORT(12)=(3)80
  <337704453 ms> SERVER_NAME(12)=(12)server_name_here
  <337704453 ms> REQUEST_METHOD(15)=(4)GET
  <337704453 ms> QUERY_STRING(13)=(9)p=4550:1
  <337704453 ms> PATH_INFO(10)=(3)/f
  <337704453 ms> SCRIPT_NAME(12)=(12)/apex/crmqa
  <337704453 ms> REMOTE_ADDR(12)=(14)remote_ip_address_here
  <337704453 ms> SERVER_PROTOCOL(16)=(9)HTTP/1.1
  <337704453 ms> REQUEST_PROTOCOL(17)=(5)HTTP
  <337704453 ms> REMOTE_USER(12)=(17)apex_public_user
  <337704453 ms> HTTP_USER_AGENT(16)=(95)Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  <337704453 ms> HTTP_HOST(10)=(12)hostname_here
  <337704453 ms> HTTP_ACCEPT(12)=(4)*/*
  <337704453 ms> HTTP_ACCEPT_ENCODING(21)=(14)gzip, deflate
  <337704453 ms> HTTP_ACCEPT_LANGUAGE(21)=(6)en-us
  <337704453 ms> HTTP_ORACLE_ECID(17)=(37)1216239823:ecid_ip_address_here??:7200:6136:1,0
  <337704453 ms> WEB_AUTHENT_PREFIX(19)=(1)
  <337704453 ms> DAD_NAME(9)=(6)crmqa
  <337704453 ms> DOC_ACCESS_PATH(16)=(5)docs
  <337704453 ms> DOCUMENT_TABLE(15)=(23)wwv_flow_file_objects$
  <337704453 ms> PATH_ALIAS(11)=(1)
  <337704453 ms> REQUEST_CHARSET(16)=(5)UTF8
  <337704453 ms> REQUEST_IANA_CHARSET(21)=(6)UTF-8
  <337704453 ms> SCRIPT_PREFIX(14)=(6)/apex
  <337704453 ms> HTTP_IV_USER(13)=(1)
  <337704453 ms>StrArrPosBind pos 2 Charset Id : 871
  <337704453 ms>StrArrPosBind pos 3 Charset Id : 871
  <337704453 ms>StrArrPosBind pos 6 Charset Id : 871
  <337704781 ms>(wpd.c,1954) Begin header parsing...
  <337704781 ms>(wpd.c,2003) Got a line (47 bytes): X-ORACLE-IGNORE: IGNORE
  <337704781 ms>(wpd.c,2021) X-ORACLE-IGNORE parsed
  <337704781 ms>(wpd.c,2003) Got a line (47 bytes): X-ORACLE-IGNORE: IGNORE
  <337704781 ms>(wpd.c,2021) X-ORACLE-IGNORE parsed
  <337704781 ms>(wpd.c,2003) Got a line (47 bytes): X-ORACLE-IGNORE: IGNORE
  <337704781 ms>(wpd.c,2021) X-ORACLE-IGNORE parsed
  <337704781 ms>(wpd.c,2003) Got a line (47 bytes): X-ORACLE-IGNORE: IGNORE
  <337704781 ms>(wpd.c,2021) X-ORACLE-IGNORE parsed
  <337704781 ms>(wpd.c,2003) Got a line (77 bytes): Content-type: text/html; charset=UTF-8
  <337704781 ms>(wpd.c,2102) Parsed header - Content-Type:text/html; charset=UTF-8
  <337704781 ms>(wpd.c,2003) Got a line (49 bytes): X-DB-Content-length: 443
  <337704781 ms>(wpd.c,2162) Parsed header - X-DB-Content-length:443
  <337704781 ms>(wpd.c,2003) Got a line (1 bytes):
  <337704781 ms>(wpd.c,2010) End of headers detected
  <337704843 ms>(wpcs.c, 76) Executed 'begin dbms_session.reset_package; end;' (rc=0)
  <337704843 ms>(wpd.c,1812) Going to close cursor
  <337704843 ms>DeinitCursor
  <337704843 ms>(wpx.c,626) Normal completion
  <337704843 ms>(wpx.c,654) Shutdown has been called
  <337704843 ms>(wpx.c,666) Going to logoff
  <337704843 ms>Logoff: Pooling this connection
  <337704843 ms>[ReqEndtime: 16/Jul/2008:15:23:44]
  <337704843 ms>[ReqExecTime: 1281 ms]
  and the 6136.log file contained...
  <337703562 ms>[ReqStartTime: 16/Jul/2008:15:23:43]
  <337703562 ms>Request ID ReqID:6136_1216239823
  <337703562 ms>(wpdenv.c,663) script_name='/apex/crmqa' path_info='/f'script_prefix='/apex' dad_name='crmqa'
  <337703562 ms>(wpdenv.c,776) User-Agent is Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
  <337703562 ms>(wpdenv.c,1388) dadname = 'crmqa', path_info = 'f'
  <337703562 ms>(wpdenv.c,1427) Service will NOT use dynamic auth
  <337703562 ms>(wpx.c,387) Initialized successfully 0
  <337703562 ms>(wpx.c,309) SetRemoteUser : Remote User set to apex_public_user for this request.
  <337703562 ms>(wpx.c,476) Auth info from .APP file is being used
  <337703562 ms>(wpd.c,1724) Attempting to logon with '(unknown)'
  <337704843 ms>Maximum memory allocated by the request is 75158 bytes
  <337704843 ms>[ReqEndtime: 16/Jul/2008:15:23:44]
  <337704843 ms>[ReqExecTime: 1281 ms]
  The DAD config file contains the following entries...
  # ============================================================================
  # mod_plsql DAD Configuration File
  # ============================================================================
  # 1. Please refer to dads.README for a description of this file
  # ============================================================================
  # /i contains version 221 images
  Alias /i "D:\oracle\product\10.1.0\db_1\Apache\Apache\images"
  Alias /i31 "D:\oracle\product\10.1.0\db_1\Apache\Apache\images311"
  <Location /apex/crmqa>
  SetHandler pls_handler
  Order deny,allow
  Allow from all
  AllowOverride None
  PlsqlCGIEnvironmentList HTTP_IV_USER
  PlsqlDatabaseUsername apex_public_user
  PlsqlDatabasePassword xxx
  PlsqlDatabaseConnectString ip_address:port_number:crmqa1
  PlsqlDefaultPage apex
  PlsqlDocumentTablename wwv_flow_file_objects$
  PlsqlDocumentPath docs
  PlsqlDocumentProcedure wwv_flow_file_mgr.process_download
  PlsqlAuthenticationMode Basic
  PlsqlNLSLanguage AMERICAN_AMERICA.UTF8
  </Location>
  <Location /apex/crmdev>
  SetHandler pls_handler
  Order deny,allow
  Allow from all
  AllowOverride None
  PlsqlCGIEnvironmentList HTTP_IV_USER
  PlsqlDatabaseUsername apex_public_user
  PlsqlDatabasePassword xxx
  PlsqlDatabaseConnectString ip_address:port_number:crmdev1
  PlsqlDefaultPage apex
  PlsqlDocumentTablename wwv_flow_file_objects$
  PlsqlDocumentPath docs
  PlsqlDocumentProcedure wwv_flow_file_mgr.process_download
  PlsqlAuthenticationMode Basic
  PlsqlNLSLanguage AMERICAN_AMERICA.UTF8
  </Location>
  The DAD entries above point to databases on which Apex is version 3.1.1 and we have modified the image prefix on these database to be a value of /i31, using the script reset_image_prefix.sql.
  This DAD file also contains DAD entries (not included above) for other database running Apex 2.2.1 which are using the default image prefix value of /i
  I can ping the database ip address from the machine on which the OHS webserver is running.
  I have installed OHS on my local laptop and have the same problems.
  I can however execute a procedure on the database using the same OHS / DAD configuration running something like http://our_url/apex/crmqa/schema_name.test_connection?v_wait=1where the proc test_connection proc sleeps for v_wait seconds before returning a simple html page confirming that it worked.
  I can login to the apex_public_user account via my SQL Developer client
  At this point I do not know what else to try to resolve this issue. I am about to start trawling through metalink for related issues if I can find anything.
  Any assistance is very much appreciated...
  Thank you.
  Alan

  I also see this post on Metalink - could it be related?
  https://metalink.oracle.com/metalink/plsql/f?p=130:14:12042222629340980284::::p14_database_id,p14_docid,p14_show_header,p14_show_help,p14_black_frame,p14_font:NOT,429261.1,1,1,1,helvetica
  Subject: After upgrading database to 10.2.0.X, getting ORA-06502: PL/SQL: numeric or value error:
  Doc ID: Note:429261.1 Type: PROBLEM
  Last Revision Date: 08-MAY-2008 Status: MODERATED
  In this Document
  Symptoms
  Changes
  Cause
  Solution
  References
  This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process, and therefore has not been subject to an independent technical review.
  Applies to:
  Oracle Application Express (formerly HTML DB) - Version: 2.0.0.0.49
  This problem can occur on any platform.
  Symptoms
  On the Application builder page, when attempting to click details to view the applications, the following error occurs:
  ORA-06502: PL/SQL: numeric or value error: NULL index table key value
  However, the problem seems to disappear after a while..
  Changes
  Upgrade of database (from any version to 10.2.0.1 or 10.2.0.2)
  Cause
  The reason is due to database Bug 4752541 Abstract: APPSST 10G: ORA-6550 AFTER UPGRADE TO 10.2.0.1. However Patch 47552541 is obsoleted and not available via metalink, it was superceded by Patch 5705795.
  This bug is fixed in patchset 10.2.0.4 and above. For current and older versions, Patch 5705795 must be applied. If the patch cannot be found for a particular version or O/S , log a service request with Oracle Support to obtain the patch.
  This is also documented in the Apex forum page: Re: wwv_flow.accept error lists the following bug as
  root cause.
  Solution
  Interim solution:
  Flush the database shared pool when the problem occurs
  Permanent solution:
  Upgrade database to 10.2.0.4 or above
  OR
  Download and apply database Patch 5705795. If the version for your database is not available , create a new Service request from metalink under product RDBMS to request for a patch
  References
  Bug 4752541 - APPSST 10G: ORA-6550 AFTER UPGRADE TO 10.2.0.1
  Keywords
  UPGRADE~DATABASE; UPGRADE~TO~10.2.0.4; UPGRADE~TO~10.2.0.1; APPLICATION~DETAILS; UPGRADE~FROM~10.2.0.2; UPGRADE~TO~10.2.0.3; VIEW~DETAILS;

• Not able to pass portal login page with valid credentials using WebDispatch

  Hi,
  We are implementing SAP BillerDirect Portal. To make BillerDirect Portal available over the internet, we Configured SAP WebDispatcher with SSL termination.  We followed the steps mentioned in SAP Help Documentaion for SAP WebDispatcher with SSL termination.
  http://help.sap.com/saphelp_nw2004s/helpdata/en/76/6d4fa247d0d647b5bd40745400d873/frameset.htm
  We created certificate  and send it to CA (TrustCenter CA). We received the CA response and we imported the certificate.
  AS mentioned in the help document, we configured the SAP Web Dispatcher profile to support SSL termination
  We tried to access our BillerDirect Portal over the internet using below link
  https://company.com/bd
  We are getting login page, once we enter correct user ID and Password, portal is not loading (not going to next page) portal remains on same login page.
  If we enter invalid credentials portal login page is giving u201CUser Authentication Failedu201D error.
  If we try to access any portal login pages which brings a pop-up for login, login gets succeeded and we are able to see next pages
  Examples
  1)     https://company.com/bd/admin/xcm/init.do
  2)     https://company.com/monitoring/SystemInfo
  All pages which bring up portal login page without pop-up, not able to pass through portal login screen.
  We Tried the ProxyMapping option on Dispatcher using Visual admin. This option also didnu2019t work for us.
  Here is the WebDispatcher Profile
  SAPSYSTEMNAME = xxx
  SAPGLOBALHOST = xxxxx
  SAPSYSTEM = 00
  INSTANCE_NAME = W00
  DIR_CT_RUN = $(DIR_EXE_ROOT)\$(OS_UNICODE)\NTI386
  DIR_EXECUTABLE = $(DIR_CT_RUN)
  Accesssability of Message Server
  rdisp/mshost = hostnameofportalserver with FQDN
  ms/http_port = 8101
  Configuration for medium scenario
  icm/max_conn = 500
  icm/max_sockets = 1024
  icm/req_queue_len = 500
  icm/min_threads = 10
  icm/max_threads = 50
  mpi/total_size_MB = 80
  SAP Web Dispatcher Ports
  icm/server_port_0 = PROT=HTTPS,PORT=443
  icm/server_port_1 = PROT=HTTP,PORT=80
  icm/HTTPS/verify_client = 0
  SAP Web Dispatcher Web Administration
  icm/HTTP/admin_0 = PREFIX=/sap/wdisp/admin,DOCROOT=D:\usr\sap\xxx\W00\data\icmanroot\admin,AUTHFILE= D:\usr\sap\xxx\SYS\global\security\data\icmauth.txt
  Parameters for the SAP Cryptographic Library
  ssl/ssl_lib = D:\usr\sap\xxxW00\sapcrypto.dll
  ssl/server_pse = D:\usr\sap\xxx\W00\sec\SAPSSLS.pse
  ssf/name = D:\usr\sap\xxx\W00\sec\SAPSSLS.pse
  ssf/ssfapi_lib =  D:\usr\sap\xxx\W00\sapcrypto.dll
  sec/libsapsecu =  D:\usr\sap\xxx\W00\sapcrypto.dll
  wdisp/ssl_cred = D:\usr\sap\xxx\W00\sec\SAPSSLC.pse
  Parameters for Using SSL to the backend server
  wdisp/ssl_encrypt = 1
  wdisp/ssl_auth = 1
  wdisp/ssl_cred = D:\usr\sap\xxxW00\sec\SAPSSLC.pse
  wdisp/ssl_certhost = hostnameofportalserver with FQDN
  wdisp/ssl_ignore_host_mismatch = true
  #ICM Parameters
  icm/HTTP/j2ee_0 = PREFIX=/, HOST =hostnameofportalserver with FQDN PORT=50000,SPORT=50001, SSLENC=1,TYPE=1, CRED =D:\usr\sap\xxx\W00\sec\SAPSSLC.pse
  We also tried below options in WebDispatcher profile but we are getting same problem.
  wdisp/add_client_protocol_header = true
  wdisp/add_clientprotocol_header = 1
  wdisp/ssl_ignore_host_mismatch = true
  #ICM Parameters
  icm/HTTPS/forward_ccert_as_header = true
  icm/HTTPS/trust_client_with_issuer = *
  icm/HTTPS/trust_client_with_subject = *
  we also tried
  wdisp/ssl_encrypt = 0
  wdisp/ssl_auth = 0
  we also tried
  wdisp/ssl_encrypt = 2
  wdisp/ssl_auth = 2
  We are not able to resolve issue. Please help us on resolving this issue.
  Thanks
  Praveen

  ' in Host Names is not allowed. Our hosname has '_'.
  http://help.sap.com/saphelp_nw70ehp1/helpdata/en/67/be9442572e1231e10000000a1550b0/frameset.htm

• XE database home page link goes to APEX home page after 3.2 upgrade

  Hi - I had Oracle XE running on Win XP all OK.
  Taking the Database home page link took me to http://127.0.0.1:8080/apex/f?p=4550: etc etc BUT it took me to the XE login page which we use for system administration - all good so far.
  I then upgraded (sucessfully) the installed APEX (V2.1) which comes with XE to the new V3.2 version.
  All went well BUT the url above takes me to APEX login page and I can't get to XE adminstration.
  Any ideas or clues how I should upgrade to keep both login pages available ?
  Regards Dave Lee

  davejlee wrote:
  All went well BUT the url above takes me to APEX login page and I can't get to XE adminstration.
  I'm not sure what you mean with this?
  In APEX Upgrade guide are listed 'Database Management Differences between Oracle APEX 2.1 and 3.2'
  http://www.oracle.com/technology/products/database/application_express/html/3.2_and_xe.html

• Https with login page

  Hi,
  How can I make the default APEX login page secure (https)? The other pages will remain http. Is this possible? or I need to make the whole application https.
  I think, in future APEX releases, it will benefit if there are options for declarative control over http/https in the same application.
  Thanks.
  Andy

  Hi Andy,
  just having HTTPS for the login page is insecure, because if you use HTTP for all other pages your session cookie can be stolen by a man-in-the-middle attack. Just remember a year or two ago when somebody released a Firebug plug-in to steal the session cookie for Facebook, Twitter, ... when those user are on the same WiFi.
  Regards
  Patrick
  My Blog: http://www.inside-oracle-apex.com
  APEX Plug-Ins: http://apex.oracle.com/plugins
  Twitter: http://www.twitter.com/patrickwolf