MapViewer integrated in Apex - Securing MapViewer Cookie Issue

Similar Messages

• OBIEE/MapViewer Integration

  Hello,
  I'm working through some example documentation to integrate OBIEE and MapViewer and I'm running into an issue.
  When trying to get an Answers report to open based on clicking a map, I'm not able to get Answers report to open in the iframe I've defined in an Answers Narrative request. Instead, its a popup (otherwise it works fine).
  The iframe in the Answers Narrative request is below
  <IFRAME src = "" name="biee" height="400" width="100%"></IFRAME>
  the code for mapclick interaction is below
  themebasedfoi.addEventListener("mouse_click", foiClick);
  function foiClick(point,foi,evt)
  var drillURL =
  "http://localhost:9704/analytics/saw.dll?GO&NQUser=obscure&NQPassword=obscure&Path=/MapViewer/MapViewer2&Options=md&Action=Navigate&P0=1&P1=eq&P2=\"COUNTIES_DIM\".COUNTY&P3="+foi.attrs[0];
  objWin = window.open(drillURL, "biee", "height=480,width=400,scrollbar=yes,resizeable=1");
  Any help is appreciated.
  Thanks

  Hi,
  Follow this links for mapviewer
  http://oraclebizint.wordpress.com/2007/09/25/oracle-bi-ee-10133-and-mapviewer-step-by-step-integration-phase1/
  http://oraclebizint.wordpress.com/2007/09/26/oracle-bi-ee-10133-and-mapviewer-step-by-step-integration-phase2-phase3/
  Regards
  naresh

• Securing mapviewer

  Hi,
  I developed an asp.net application that used to view maps stored in oracle spatial 10g using oracleAS mapviewer (Javascript).
  The problem is: when I publish the application to the internet, it’s easy for any body to copy the javascript file to his own application to connect to the mapviewer url and use our maps and themes.
  So is there any ideas about securing mapviewer to make the maps accessible through my application only or my domain? (like google maps)
  Thanks,,,

  Dear Joao,
  First of all, I would like to thank you for your quick reply.
  The section 1.8 describe the Secure Map Rendering throw an authenticated user.
  As my application is asp.net so it’s connecting to oracleAS mapviewer throw Javascript API. because of that, anybody can copy the Javascript from my application to his own one to access my maps.
  What I want is to ensure that the maps accessible through my application only that’s published on my domain? And securing the connection to mapviewer throw javascript API. like google maps.
  When you want to embed Google Maps in your own web pages. A single Maps API key is valid for a single "directory" or domain.
  [http://code.google.com/apis/maps/signup.html|http://code.google.com/apis/maps/signup.html]
  Regards,,,

• Problem in Integration of Apex with R12

  Hello,
  I followed the paper apex-ebs-extension-white-paper-345780.pdf to do Integration of Apex with R12. but stuck on one step.
  I am done with all the steps in R12. Now if i click the menu in R12, its going to my existing Apex aplication but still asking username and password.
  Can anyone help me out in what exactly I need to change in Apex Authentication scheme in Apex. Right now I am using Authentication scheme as Application Express.
  Please help me out
  Thanks in advance
  Ananya
  Edited by: Ananya on 26 Dec, 2011 8:51 PM

  Hi Mini,
  Thanks a lot for ur replies. But it is not working for me. I am not able to figure out whats going wrong.
  My Requirement is to redirect to the first page of my application without asking for the APEX login page from the EBS menu.
  So summarizing whatever I steps i have followed:-
  (1) Created Profile and function in APPS as given in "apex-ebs-extension-white-paper-345780.pdf"
  (2) I created the following package in APPS schema
       CREATE OR REPLACE PACKAGE APPS.XXAPX_SECURITY_PKG AUTHID DEFINER AS
       FUNCTION generate_hash (
       p_string IN VARCHAR2
       , p_offset IN NUMBER DEFAULT 0) RETURN VARCHAR2;
       FUNCTION validate_hash (
       p_string IN VARCHAR2
       , p_hash IN VARCHAR2
       , p_delay IN NUMBER DEFAULT 5) RETURN BOOLEAN;
       END XXAPX_SECURITY_PKG;
       CREATE OR REPLACE PACKAGE BODY APPS.XXAPX_SECURITY_PKG AS
       g_key VARCHAR2(100);
       FUNCTION generate_hash (
       p_string IN VARCHAR2
       , p_offset IN NUMBER DEFAULT 0) RETURN VARCHAR2
       IS
       BEGIN
       IF p_string IS NULL THEN RETURN NULL; END IF;
       RETURN RAWTOHEX(UTL_RAW.cast_to_raw(
       DBMS_OBFUSCATION_TOOLKIT.MD5(
            input_string=>p_string||':'||
            TO_CHAR(SYSDATE-(p_offset/24*60*60), 'YYYYMMDD HH24MISS')||g_key)));
       END generate_hash;
       FUNCTION validate_hash (
       p_string IN VARCHAR2
       , p_hash IN VARCHAR2
       , p_delay IN NUMBER DEFAULT 5) RETURN BOOLEAN
       IS
       BEGIN
       FOR i IN 0..p_delay LOOP
       IF p_hash = generate_hash (p_string, i) THEN RETURN TRUE; END IF;
       END LOOP;
       RETURN FALSE;
       END validate_hash;
       BEGIN
       SELECT encrypted_user_password INTO g_key
       FROM FND_USER WHERE user_name = 'SYSADMIN';
       END XXAPX_SECURITY_PKG;
  (3) Created a function in the APPS schema:-
       create or replace FUNCTION ebs_authenticate (
       p_username IN VARCHAR2
       , p_password IN VARCHAR2) RETURN BOOLEAN
       AS
       BEGIN
       IF apps.XXAPX_SECURITY_PKG.validate_hash (p_username, p_password) THEN RETURN TRUE; END IF;
       RETURN (apps.FND_WEB_SEC.validate_login (p_username, p_password) = 'Y');
       END ebs_authenticate;
  (4) In my authentication scheme of my apex application i have changed it to use custom authentication to use the below function
       return apps.ebs_authenticate
  (5) Created a procedure in the APPS schema:-
       create or replace PROCEDURE apps_logon
       IS
       v_username VARCHAR2(100);
       v_password VARCHAR2(32);
       BEGIN
       wfa_sec.getsession(v_username);
       v_password := xxapx_security_pkg.generate_hash(FND_GLOBAL.user_name);
       IF v_password IS NOT NULL THEN
       APEX_CUSTOM_AUTH.login(
            P_UNAME => v_username,
            P_PASSWORD => v_password,
            P_SESSION_ID => v('APP_SESSION'),
            P_APP_PAGE => apex_application.g_flow_id||':38'
       ELSE
       RAISE_APPLICATION_ERROR(-20001, 'Password is null, session id = '||icx_sec.g_session_id);
       END IF;
       END apps_logon;
  (6) In my login page, i have created a process Get Username Cookie and with the process point: onload(Before Header)
       BEGIN
       apps.apps_logon;
       EXCEPTION WHEN OTHERS THEN NULL;
       END;
  Now I am getting this error with the login page :-
  ORA-06502: PL/SQL: numeric or value error: character string buffer too small Content-type: text/html; charset=UTF-8 Set-Cookie: WWV_CUSTOM-F_1120314105059329_811=B4134623EB436033; path=/; Location: f?CallFromForm='Y'&p=811:38
  Please help me figure out the problem as I am struggling a lot with this from last few days :(
  Thanks in advance.

• Integration of apex with other applications

  hi all,
  i'm planning on integrating my apex application to a .net express application.. since some of my screens will use webforms and some will use winforms.. to state the obvious, i will use apex for my webforms and .net for my winforms.
  what i want to do is that when i login to apex, i will also be automatically logged in to the .net app whenver i open one of its forms and vice versa.
  i did some reading that apex uses wwv_flow_custom_auth_std package and it executes wwv_flow_custom_auth_std.login after successful authentication? is this right? anyways, what i don't know is how apex checks if a user is logged in so that i can probably have my .net app do the same thing.
  any thoughts?
  thanks
  allen

  Allen
  it executes wwv_flow_custom_auth_std.login after successful authentication? is this right?Not exactly. This procedure, aka "the login api" causes the steps defined in the application's authentication scheme to be followed. It's usually called from the login page and accepts the username, password, session ID and some other information as input. One of the steps in an authentication scheme is credentials verification. Normally, if this optional step succeeds, the session is then registered, i.e., the authenticated username and the current session ID are recorded in the sessions table and a cookie is sent to the browser to be used for session management for the duration of the session. Then the indicated after-login page is redirected to. This is one way to structure an authentication scheme. Another is to use the code often referred to here as the "ntlm page sentry". You can find this is you search a bit. This method causes the user's authenticated status (and identity) to be obtained from the environment, e.g., from headers set by Windows NTLM. So really an application can do authentication and session management any way the developer chooses. It's completely flexible.
  ...anyways, what i don't know is how apex checks if a user is logged inApplication Express doesn't know or care if a user is logged in. Your application can check for this in whatever way you see fit. One way is to compare the value of APP_USER with a known list of unauthenticated users, e.g., APEX_PUBLIC_USER, ANONYMOUS, and nobody.
  Scott

• Enable secure session cookie on Sun ONE Web Server 6.1

  How can I enable secure session cookie (JSESSIONID) on Sun ONE Web Server 6.1?.
  For 6.0 is <session-cookie is-secure="true"/> inside the <web-app> tags in web-apps.xml but I'm not able to find this setting for 6.1.

  There is a fix in 6.1sp5 that enables the session cookie to be marked as secure.
  See the release notes and search for 6262885 under Issues Resolved in 6.1sp5:
  http://docs.sun.com/app/docs/doc/819-2479/6n4p1bdea?a=view

• How to secure CFGLOBALS cookie

  To secure CFGLOBALS  cookie I tried the following method as I did for CFID and CFTOKEN . But its not working for CFGLOBALS . Note that this method is working fine for CFID and CFTOKEN.
  <cfset cf_ssn_cookies = {httponly='true', secure='true'}>
  <cfapplication name="ABCD" clientmanagement="Yes" sessionmanagement="Yes" setclientcookies="Yes"sessioncookie=#cf_ssn_cookies#>
  Any idea why the HTTPOnly and SECURE flags are not setting up for CFGLOBALS cookie.

  Ya .... Can you just send the summary.....
  BK ,  can you do one more help. I have posted another question here How to prevent clickjacking issue in CF. If possible can you just look into it.

• Webdynpro ABAP webservice call to external server  - Cookie issue

  Hi,
  We are experiencing cookie issue while calling webservice to Tivoli system hosted on IBM websphere.
  Steps we have done as follows:
  1. Created a ABAP Proxy class from Tivoli WSDL.
  2. Configured T-Code LPCONFIG to point to above proxy class and logical port.
  3. Configured  SM59 RFC connection to point to Tivoli server using basic authentication mechanism (User ID/Password).
  4. Called webservice method from WebDynpro ABAP program.
  After above steps, we are able to call the webservice method successfully but second time we are experiencing Cookie being adding to the request and eventually no response back to our program.
              When we investigated this cookie issue with IBM Websphere people, they says thay have enabled SSO Config instead of basic authentication and that's why a cookie is being added to the request and fails. when they disabled SSO, we are able to call webservic method sucessfully sevaral times. but now this cannot be no longer disabled as other applications are using SSO enable option. So, we are thinking, is there something that can be done in SAP ECC itself as we see the option of using SSO in SM59 instead of User Id/Password but not sure How?
  If anybody has undergone this scenario/SSO config from ECC SM59 successfully, Please reply back.
  Thanks in advance
  Praveen

  Here is the link that explains how SSO can be configured in SAP.
  http://help.sap.com/saphelp_nw70ehp1/helpdata/en/65/6a563cef658a06e10000000a11405a/frameset.htm
  Once done, under Client PSE in Tcode STRUST, you can upload the certificate obtained from the SSO enabled system and use the client PSE (Default)  in the SSL Client Certificate area of SM59
  I see Thomas has already responded to you and he has written a blog on how to set this up as well.
  KK

• Can XML Publisher 5.6.3(EBS) be integrated with APEX?

  On the following document, XMP Publisher 5.6.2 does not support integration with APEX. May I know about 5.6.3? Or is it about the product being an add-on with EBS causing the non-support to integration(meaning, even 5.6.3 is not supported)?
  http://www.oracle.com/technology/products/database/application_express/html/configure_printing.html
  Thanks,
  Rownald

  APEX integrates with the standalone version of BI Publisher. There was not a server component with the standalone 5.6.3 release. The integration relies on publisher providing a servlet for APEX to communicate with, 5.6.3 does not have this.
  If you are talking 5.6.3 under EBS then I guess you could build a servlet on the mid tier that called the BIP conversion APIs - it would all be custom work.
  The APEX integration needs 10.1.3.2 BIP to work with out of the box.
  Regards
  tim

• Cookie Issues in uzbl- uzbl-cookie-daemon

  I have two gmail accounts, one of which I rarely use. On the gmail login page, the less used account name seems to be permanently set in the Username field. Clicking the "sign in as a different user" link below that doesn't work, it brings me back to the login page with my alternate username filled in and unchangeable. I think this may be a cookies issue, and I don't see any cookies saved by uzbl anywhere, but I'd like to know how to restart the cookies daemons or clear the cookies. Again, I'm not sure what the issue is, so any suggestions are welcome.
  Last edited by soupcan (2010-07-22 03:08:43)

  So I'm still having this problem. uzbl-cookie-daemon seems to be malfunctioning somehow, but I've yet to find a way to view its output to see if I can spot the problem. Whenever I try to visit certain sites, the process "python /usr/bin/uzbl-cookie-daemon -v start" takes up a large part of my cpu and uzbl locks up. I've been unable to get more info than that, aside from the fact that killing the daemon allows me to access the sites in question.

• Weblogic 10.3 secure jsessionid cookie

  Hi,
  I am running my application on weblogic 10.3 app server. And my application is running on both HTTP and HTTPS. My questions is around the JSESSIONID cookie that App server generates and send to client. By default this cookie is non-secure, even if application runs on HTTPS. I want to know, how can Weblogic App Server create a new JSESSIONID cookie which is secure, when application moves from HTTP to HTTPS? My requirement is to run the application on secure JSESSIONID cookie when we use HTTPS.
  How can i achieve it? It's kind of critical to me.
  Any help is highly appreciated.

  I tried setting up the secure cookie by modifying the config.xml.
  But my app server is shutting down forcefully by throwing this message.
  <Aug 28, 2009 1:05:18 PM GMT+05:30> <Error> <Management> <BEA-141244> <Schema va
  lidation errors while parsing D:\bea\user_projects\domains\zendough\config\confi
  g.xml - Expected elements 'weblogic-plugin-enabled@http://www.bea.com/ns/weblogi
  c/920/domain hosts-migratable-services@http://www.bea.com/ns/weblogic/920/domain
  http-trace-support-enabled@http://www.bea.com/ns/weblogic/920/domain key-stores
  @http://www.bea.com/ns/weblogic/920/domain custom-identity-key-store-file-name@h
  ttp://www.bea.com/ns/weblogic/920/domain custom-identity-key-store-type@http://w
  ww.bea.com/ns/weblogic/920/domain custom-identity-key-store-pass-phrase-encrypte
  d@http://www.bea.com/ns/weblogic/920/domain custom-trust-key-store-file-name@htt
  p://www.bea.com/ns/weblogic/920/domain custom-trust-key-store-type@http://www.be
  a.com/ns/weblogic/920/domain custom-trust-key-store-pass-phrase-encrypted@http:/
  /www.bea.com/ns/weblogic/920/domain java-standard-trust-key-store-pass-phrase-en
  crypted@http://www.bea.com/ns/weblogic/920/domain reliable-delivery-policy@http:
  //www.bea.com/ns/weblogic/920/domain message-id-prefix-enabled@http://www.bea.co
  m/ns/weblogic/920/domain default-file-store@http://www.bea.com/ns/weblogic/920/d
  omain candidate-machine@http://www.bea.com/ns/weblogic/920/domain overload-prote
  ction@http://www.bea.com/ns/weblogic/920/domain jdbcllr-table-name@http://www.be
  a.com/ns/weblogic/920/domain jdbcllr-table-xid-column-size@http://www.bea.com/ns
  /weblogic/920/domain jdbcllr-table-pool-column-size@http://www.bea.com/ns/weblog
  ic/920/domain jdbcllr-table-record-column-size@http://www.bea.com/ns/weblogic/92
  0/domain jdbc-login-timeout-seconds@http://www.bea.com/ns/weblogic/920/domain se
  rver-diagnostic-config@http://www.bea.com/ns/weblogic/920/domain auto-jdbc-conne
  ction-close@http://www.bea.com/ns/weblogic/920/domain supported-protocol@http://
  www.bea.com/ns/weblogic/920/domain federation-services@http://www.bea.com/ns/web
  logic/920/domain single-sign-on-services@http://www.bea.com/ns/weblogic/920/doma
  in web-service@http://www.bea.com/ns/weblogic/920/domain nm-socket-create-timeou
  t-in-millis@http://www.bea.com/ns/weblogic/920/domain' instead of 'web-server@ht
  tp://www.bea.com/ns/weblogic/920/domain' here in element server@http://www.bea.c
  om/ns/weblogic/920/domain>
  Here is my config.xml
  <?xml version='1.0' encoding='UTF-8'?>
  <domain xmlns="http://www.bea.com/ns/weblogic/920/domain" xmlns:sec="http://www.bea.com/ns/weblogic/90/security" xmlns:wls="http://www.bea.com/ns/weblogic/90/security/wls" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.bea.com/ns/weblogic/90/security/wls http://www.bea.com/ns/weblogic/90/security/wls.xsd http://www.bea.com/ns/weblogic/920/domain http://www.bea.com/ns/weblogic/920/domain.xsd http://www.bea.com/ns/weblogic/90/security/xacml http://www.bea.com/ns/weblogic/90/security/xacml.xsd http://www.bea.com/ns/weblogic/90/security http://www.bea.com/ns/weblogic/90/security.xsd">
  <name>zendough</name>
  <domain-version>10.3.0.0</domain-version>
  <security-configuration>
  <name>zendough</name>
  <realm>
  <sec:authentication-provider xsi:type="wls:default-authenticatorType"></sec:authentication-provider>
  <sec:authentication-provider xsi:type="wls:default-identity-asserterType">
  <sec:active-type>AuthenticatedUser</sec:active-type>
  </sec:authentication-provider>
  <sec:role-mapper xmlns:xac="http://www.bea.com/ns/weblogic/90/security/xacml" xsi:type="xac:xacml-role-mapperType"></sec:role-mapper>
  <sec:authorizer xmlns:xac="http://www.bea.com/ns/weblogic/90/security/xacml" xsi:type="xac:xacml-authorizerType"></sec:authorizer>
  <sec:adjudicator xsi:type="wls:default-adjudicatorType"></sec:adjudicator>
  <sec:credential-mapper xsi:type="wls:default-credential-mapperType"></sec:credential-mapper>
  <sec:cert-path-provider xsi:type="wls:web-logic-cert-path-providerType"></sec:cert-path-provider>
  <sec:cert-path-builder>WebLogicCertPathProvider</sec:cert-path-builder>
  <sec:name>myrealm</sec:name>
  </realm>
  <default-realm>myrealm</default-realm>
  <credential-encrypted>uuuuuu</credential-encrypted>
  <node-manager-username>weblogic</node-manager-username>
  <node-manager-password-encrypted>kkkkk</node-manager-password-encrypted>
  </security-configuration>
  <server>
  <name>AdminServer</name>
  <ssl>
  <enabled>true</enabled>
  </ssl>
  <listen-port>7001</listen-port>
  <listen-port-enabled>true</listen-port-enabled>
  <listen-address></listen-address>
  <java-compiler>javac</java-compiler>
  <client-cert-proxy-enabled>false</client-cert-proxy-enabled>
  <web-server>
       <auth-cookie-enabled>true</auth-cookie-enabled>
  </web-server>
  </server>
  <embedded-ldap>
  <name>ttttt</name>
  <credential-encrypted>yyyyy</credential-encrypted>
  </embedded-ldap>
  <configuration-version>10.3.0.0</configuration-version>
  <app-deployment>
  <name>hybrisplatform</name>
  <target>AdminServer</target>
  <module-type>ear</module-type>
  <source-path>xxxxx</source-path>
  <deployment-order>100</deployment-order>
  <security-dd-model>DDOnly</security-dd-model>
  <staging-mode>stage</staging-mode>
  </app-deployment>
  <admin-server-name>AdminServer</admin-server-name>
  </domain>

• Web based reporting engine integrated with APEX

  Hello,
  I would like to use some completely web-based reporting solution for my application. My idea is that I will create some datasource, prepare database query and publish some data columns to end users (datamodel). They will choose from many of prepared data areas, create their own report using some intuitive web-based report designer and save it. I do not need it for any analytic purposes, no dynamic filters, graphs and other widgets, no BI. It will be all only about building text based reports with few dynamic fields (customer address, actual date etc..).
  For example: User will prepare some document (template) with few paragraphs and add some of prepared dynamic fields into it (ie. company name, customer address, repeating table with list of employees, some image). Then he will be able to generate same document for many customers etc..
  I am looking for some simple, user friendly web based application. Some external report builder for example for Jasper reports is not what I am looking for.
  I will need to integrate it with  Oracle 11g XE with APEX 4.2 so some API or URL parameters is must.
  Used reporting engine does not be completely free, but I am able to pay max. $5000 for it
  Do you have some tips?
  Thank you

  This could be a solution for APEX reports (interactive reports). But I want to create more complex reports, not only table based reports.
  I need to create for example invoice report with some dynamic fields (customer, invoice items...), another report can be for example some contract about cooperation with some dynamic fields (contract number, personal information ...).
  These reports will be mostly only text based without any table. See example bellow. How would you generate this kind of letter?
  "Hello <CUSTOMER_NAME>, we would like to offer our new product <PRODUCT_NAME> to you..."
  Where CUSTOMER_NAME a PRODUCT_NAME are prepared fields (from some database tables). It will be something very similar to Microsoft Word automatic mailings. User can generate many text based reports and save them as PDF.
  I need to find some web based product, that will be simple for users and can be integrated with APEX.

• How to install apex (and mapviewer) company wide ?

  Hi,
  Until now I've developed some applications on a laptop.
  I want to bring them to my company - in this stage as a "pilot" with a limited number of employees having access.
  What do I need: a database, apex installed and - now is coming what I want to know - application server or http-server ?
  For your information: I'm using also oracle spatial and mapviewer to present data on the map of the netherlands. Therefore I want to install spatial, and mapviewer. An pre-installed oc4j is included in that installation.
  How to combine these issues ?
  Thanks in advance for any reaction.
  Leo

  Hello Leo,
  I'm not sure these issues should be combined. You are talking about 3 different Oracle products, each with its own pre-installation requirements. Regarding oracle spatial and MapViewer, you'll need to ask your DBA (or someone with the proper experience in this forum can help you).
  As for ApEx, you'll need a db version 9.2.0.3 or higher, and you'll need the OHS (Oracle HTTP Server) which is part of the db companion CD, or can be downloaded from OTN.
  As far as I know, Oracle MapViewer is part of the Oracle Application server, just like OC4J and OHS. In this case, you can install all the needed modules of the Application Server, and then installed ApEx. The ApEx installation guide includes information on how to configure the HTTP server, as part of the Application Server.
  Hope this helps,
  Arie.
  .

• APEX Security Integration To E-Business Suite

  Hi all,
  I am reasonably new to APEX and the Forum so please excuse me if this question has been posted previously.
  I am looking at creating applications that leverage the user and organization security that is inherent within E-Biz Suite to control access and data returned within my APEX applications.
  Environment Details:
  O/S: Sun Solaris Unix
  APEX: 3.0.1
  E-Biz: 11.5.10.2 (no SSO)
  APEX and E-Biz use same Apache HTTP Server
  I plan to access the APEX application from a custom Menu item on E-Biz and automatically authenticate the E-Biz user's credentials within APEX processes to determine USER_ID, ORG_ID, SECURITY_GROUP_ID, etc for access control of the returned data queries. The APEX application will be primarily reporting on E-Biz data.
  I would prefer to utilize APEX rather than built custom modules in Application developer Framework (ADF).
  Are there any whitepapers, best practices, or individuals experiences available on this subject that you could share with me please.
  Many thanks :-)
  Kind Regards,
  Gary.

  Hi Gary,
  maybe get in contact with Scott Spendolini from Sumner Technologies (http://sumnertechnologies.com/), I think these guys have some experience integrating APEX with eBusiness Suite.
  Patrick
  My APEX Blog: http://inside-apex.blogspot.com
  The ApexLib Framework: http://apexlib.sourceforge.net
  The APEX Builder Plugin: http://sourceforge.net/projects/apexplugin/

• APEX Security: Multiple session cookies in one browser

  Hi all,
  I use mozilla firefox as web browser. When I open a new tab and enter the APEX application url I will be redirected to the login page. After successfully login I receive the session id and the browser the session cookie WWV_CUSTOM-F....
  When I now open the next browser tab and enter the APEX application url I will be redirected to the login page. After successfully login I receive the new session id and the browser the session cookie WWV_CUSTOM-F... with new content. My session from the first browser tab will be killed, because the session cookie for this session was deleted/replaced by the session cookie from the second tab.
  Is it possible to have multiple APEX sessions opened in one browser in multiple tabs?
  Regards

  Hi PaulP,
  it's simple.
  Unzip bsApex2 http://www.betasoftware.it/codice/bsApex2.zip
  If not installed, install Microsoft .NET Framework 4 Client Profile.
  Configure bsApex.exe.config
  <?xml version="1.0" encoding="utf-8" ?>
  <configuration>
    <appSettings>
      <!-- Application Title -->
      <add key="aTitolo" value="Apex Desktop by Beta Software snc" />
      <!-- Short application title -->
      <add key="aTitoloBreve" value="Apex Desktop" />
      <!-- Window height -->   
      <add key="aAltezza" value="960" />
      <!-- Window width-->
      <add key="aLarghezza" value="1200" />
      <!-- Close botton text -->
      <add key="aChiudi" value="Close" />
      <!-- Print botton text -->
      <add key="aStampa" value="Print" />
      <!-- Application icon-->
      <add key="aIcona" value="bsApex.ico" />
      <!-- Client -->
      <add key="aCliente" value="Apex Community" />
      <!-- Application address -->
      <add key="aIndirizzo" value="http://apex.oracle.com/pls/otn/f?p=23873:1" />
    </appSettings>
  </configuration>Run bsApex.exe, that's all.
  Regards,
  Gianluigi