Prevent Access to APEX Login

Similar Messages

• Limit access to Apex login page

  Hi,
  We are deploying an application to our users. I need to limit access to Apex login page f?p=4550 to some predefined Ip adresses. Any ideas on this?
  Best regards,
  Onur.

  How exactly the APEX engine forces a '404' to be returned, I am not entirely sure. Perhaps it sends back the Response with the Header Status set to 404 ?Yes, with this process on the login page.
  begin
    if not #OWNER#.wwv_flow_security.ip_check then
        #OWNER#.wwv_flow.g_unrecoverable_error := true;
        sys.owa_util.status_line(404, 'Page Not Found');
        sys.owa_util.http_header_close;
    end if;
  end;Scott

• Database up but cannot access Enterprise Manager or APEX Login

  Newbie here so sorry if this is straightforward.
  I've already searched the forums and have tried to do what is recommended and still have an issue.
  I'm running 10.2 Enterprise on a windows XP virtual machine. It has been working ok for some time.
  I rebooted the VM without shutting down the DB. When it rebooted the database is up and I can run queries using SQLplus. However I can't load any services through a web page eg. Enterprise Manager, APEX login.. I also can't make a connection using SQL Developer. These were all working fine before.
  I've searched these forums already and some people have had similar issues when running 10.2 on a virtual machine and it was the listener that was an issue...
  I deleted and reinstalled the listener using Net Configuration Assitant and restarted the DB but that didn't help.
  Below are the results when i use tnsping. Any advice would be really appreciated! Thanks!
  C:\Documents and Settings\XPMUser>tnsping orcl
  TNS Ping Utility for 32-bit Windows: Version 10.2.0.3.0 - Production on 18-APR-2
  010 01:07:18
  Copyright (c) 1997, 2006, Oracle. All rights reserved.
  Used parameter files:
  C:\oracle\product\10.2.0\db_1\network\admin\sqlnet.ora
  Used TNSNAMES adapter to resolve the alias
  Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = localhos
  t)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = orcl)))
  OK (20 msec)

  This was done AFTER i already have access to APEX....
  Microsoft Windows XP [Version 5.1.2600]
  (C) Copyright 1985-2001 Microsoft Corp.
  C:\Documents and Settings\XPMUser>emctl status dbconsole
  Environment variable ORACLE_SID not defined. Please define it.
  C:\Documents and Settings\XPMUser>emctl start dbconsole
  Environment variable ORACLE_SID not defined. Please define it.
  C:\Documents and Settings\XPMUser>set ORACLE_SID=ORCL
  C:\Documents and Settings\XPMUser>emctl start dbconsole
  OC4J Configuration issue. C:\oracle\product\10.2.0\db_1/oc4j/j2ee/OC4J_DBConsole
  VirtualXP-54269ORCL not found.

• Third party system login page instead of apex login page

  Hello,
  One of my customers wants to login into an apex application using their intranet page. This page has two text fields:
  username and
  password
  and a login button.
  There is no validation done at their side. The goal is to pass this information to apex and apex needs to check if this information is correct (checking against own user tables) and let the user into the application or refuse an access. I am thinking about the best way to do that. Is there anyone out there with some similar experience?
  Denes Kubicek
  http://deneskubicek.blogspot.com/
  http://www.opal-consulting.de/training
  http://apex.oracle.com/pls/otn/f?p=31517:1
  -------------------------------------------------------------------

  Have a look SOLVED: Automatic Login but only if a user is an Oracle User
  Well I effectively do this with our Java application calling an APEX reporting application.
  The trick is to get apex to automatically submit the login page without the user having to pressing the login button.
  Once this works, the rest is fairly straightforward.
  Effectively what happens is our java application calls a procedure which populates a table with
  a username, encrypted password and a checkvalue (randomly generated), and returns the checkvalue to the calling procedure.
  We also have the bones of the URL in a properties file.
  The login page reads the value of the checkvalue from the URL in teh html header using various bits of javascript.
  We have a before header process on the apex login page which reads the information from the table
  table (and deletes it as soon as it reads it).
  It then uses the username, and password obtained from the table and just passes these values to the wwv_flow_custom_auth_std.login procedure.
  I can email you the code if you want.

• SBS2011 Exchange Migration (Server configuration change is temporarily preventing access)

  Greetings,
  I 've begun an exchange migration from SBS2011 (Exch 2010) to 2013 Exchange.  I am on this step of the deployment assistant, for reference,  http://technet.microsoft.com/en-us/exdeploy2013/Checklist?state=2419-W-EQBEAgAAQAAAAQEAAQAAAAg~
  I can login and access any users mailbox with the respective credentials if their mailbox is on the SBS exchange server.
  Ive migrated a couple test users, and while I can access their owa box if I browse to the localhost of the 2013 server, I cannot access their mailbox internally nor externally if I go to the external FQDN of the owa site.  All other users with mailboxes
  still on the 2010 exchange work.
  I get this message for those with mailboxes on the new server: A server configuration change is temporarily preventing access to your account. Please close all Web browser windows and try again in a few minutes. If the problem continues, contact your helpdesk.
  Any ideas?
  Thanks!

  Hi,
  On current situation, please check if you move mailboxes to the new Database properly. Please refer to Olaf’s
  solution in following thread and check if can help you.
  OWA
  not working after SBS2008 to SBS 2011 Migration
  If any update, please feel free to let me know.
  Hope this helps.
  Best regards,
  Justin Gu

• How to access Sap portal login user in ejb web service

  Hi,
  I wnt to access SAP Portal login user in my ejb application which resides on the same server.
  I am using following code
  try {
       IUser user =null;                         IWDClientUser wdUser = WDClientUser.getCurrentUser();
                                user = wdUser.getSAPUser();
                           } catch (WDUMException e) {
                                // TODO Auto-generated catch block
                                e.printStackTrace();
  Some additional jar files are required for this?
  The same code works fine with webDynpro but not with ejb.
  Thanks in advance     
  Best regards,
  Nilesh

  Thanks for reply.
  I have already added com.sap.security.api in my EJB module project classpath. How to add the same in EJB application Project (application-j2ee-engine.xml)?
  Best regards,
  Nilesh

• Prevent the same user login on multiple computers at the same time

  prevent the same user login on multiple computers at the same time

  Is there any way (currently running 2012 Servers) that we can prevent users from logging into multiple domain computers simultaneously with the same username?
  We still want them to log into those computers, just not simultaneously?
  LimitLogin utility not work in Windows 2012 server.
  Thanks.
  Babu
  Unfortunately Windows has never offered this feature as a built-in feature, but there are several possibilities discussed in these articles:
  https://social.technet.microsoft.com/Forums/windowsserver/en-US/0103b5e7-0db5-4fb4-bfe7-d7132983880a/limit-concurrent-logins-on-a-ws-2008-environment
  http://www.edugeek.net/forums/windows-server-2008-r2/61216-multiple-logins.html
  http://windowsitpro.com/windows/prevent-multiple-logons-gpos
  Don
  (Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
  This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!)

• How can I add a UserGroup input in an APEX Login Page

  Hi,
  I am willing to add a UserGroup input (dropdown) in APEX Login page, but I see the default Login page supports only two parameter, i.e. Username and PWD. I see the authentication function wwv_flow_custom_auth_std.login(
  P_UNAME => :P101_USERNAME,
  P_PASSWORD => :P101_PASSWORD,
  P_SESSION_ID => v('APP_SESSION'),
  P_FLOW_PAGE => :APP_ID||':1'
  takes only username and pwd. But I need to add one more field, how can I accomplish this ?

  Hi,
  I have similar structure of the accounting like you.
  I have table users, roles, ...
  Then i use script like this:
  select nvl(1, null)
  from APEX_USER u,
  APEX_USER_ROLE r
  where u.active = 'Y'
  and r.USER_ID = U.ID
  and u.user_name = v('APP_USER')
  and r.appl_id = v('APP_ID')
  and r.is_edit = 'Y'
  and ((instr(group_name, ',NB_EOS,') > 0 and :P2_STATUS not in ('2','0'))
  or instr(group_name, ',NB_ADV_NT_ADM,') > 0 and :P2_STATUS not in ('2','5', '0')
  or instr(group_name, ',NB_CALL_ADMIN,') > 0 and :P2_STATUS not in ('2','5', '0'))
  There i have set the row for each application and user with my defined roles.
  Regards
  J :D

• Is there an alternative to prevent access to a transaction?

  Hello Everyone!
  Is there an alternative to prevent access to a standard transaction when a user has the S_TCODE value already? A custom program was created through batch input recording and there are transaction calls made to the standard transaction. I had to give the S_TCODE value for the program to run for the user, but one requirement was to force the user to use the custom t-code and not use the standard one. Unfortunately, I have provided the user access to the standard t-code as demanded by the program. Is there a way around this? I assume this has to be manipulated in the program.
  Thanks!

  If no further intervention is needed, then you can execute the processing as a batch job with the SYSTEM type jobsstep user?
  If the dialog user is processing the session in SM35 themselves or the job is executed in their name, then must also have been able to process the data manually.
  In the stead of Batch Input, you should also consider redesigning the process to call a BAPI locally or via a group to process the data. This way they typically need the application authorizations but do not need an entry point to them such as S_TCODE or S_RFC.
  Or reconsider the transaction code used in the Batch Input call?
  Or reconsider the person (job function) who executes this processing?
  Or give the originator of the data a webservice to process the data real time?
  Lots of options...
  Cheers,
  Julius

• Web Service posting via SOAP.request - Security settings prevent access...

  I'm trying to call a web service via the SOAP.request object in javascript embedded into my Interactive Form.  I've successfully done this with SAP NetWeaver 7.0 trial version however now I'm having this issue on a production setup.  The PDF generates fine and I can fill out the form and everything.  I checked the properties of both PDF documents (one that works from the trial and one that doesn't from the prod box) and they are the same, expect the one that works is PDF Version 1.6, and the one that doesn't is PDF Version 1.7.
  Here's the client-side error:
  Acrobat EScript Built-in Functions Version 8.0
  Acrobat Annotations / Collaboration Built-in Functions Version 8.0
  Acrobat Annotations / Collaboration Built-in Wizard Functions Version 8.0
  Acrobat Multimedia Version 8.0
  Acrobat SOAP 8.0
  NotAllowedError: Security settings prevent access to this property or method.
  SOAP.request:31:XFA:data[0]:mainform[0]:btnRelease[0]:click
  Here's the snippet of JavaScript code:
  var response = SOAP.request();
  Here are the security properties of the malfunctioning PDF:
  Security Method: No Security
  Can be Opened By: All versions of Acrobat
  Printing: Allowed
  Document Assembly: Not Allowed
  Content Copying: Allowed
  Content Copying for Accessibility: Allowed
  Page Extraction: Not Allowed
  Commenting: Allowed
  Filling of form fields: Allowed
  Signing: Allowed
  Creation of Template Pages: Allowed
  How do I determine what the culprit is?

  Michael,
  PDF Version 1.6 means Adobe Reader 7.0.x family and PDF version 1.7 means Adobe Reader 8.0.x or 9.0.x if I am not wrong.
  Also if you check LiveCycle Designer Help (Using LiveCycle Designer ES > Working with Data Sources > About data sources > Working with data connections) it clearly says that with LiveCycle Designer 8.0 secured web services are not supported and there are additional security settings for Reader 8.0 onwards, that may be causing the issue.
  Chintan

• SaveAs - Security settings prevent access to this property or method.

  Hi,
  This question seems to have been dealt with in this forum on a few occasions but I am still have trouble with it:
  I have written a script to add a footer containing the file name to a PDF and then save the PDF:
  app.addMenuItem( { cName: "newdoc", cUser: "Add Footer", cParent:
  "File", cExec: "AddFooter()", nPos: 0 } );
  function AddFooter()
  for (var p = 0; p < this.numPages; p++)
  var fd = this.addField("Date", "text", p, [10,5, 300,28]);
  fd.textSize=10;
  fd.value = this.path  ;
  var SaveFile = app.trustedFunction(function()
    app.beginPriv();
    this.saveAs(this.path);
    app.endPriv();
  When I try to execute this script I receive an error:
  Security settings prevent access to this property or method.
  Any assistance would be much appreciated.
  eddiec :-)

  At which line do you get the error message? Do you use Adobe Acrobat?

• Page rotate script not working(not allowed error security settings prevent access to this property)

  HI,
  I am using a script to rotate each pages in pdf file when clicking a button. I have added a script to rotate file in the rotate button's click event as a javascript.It is working in acrobat but not in adobe reader. Pleae see the script
  nStart = 0;
  nEnd = this.numPages - 1;
  nRotate = 90;
  try
  if (this.numPages > 0)
             this.setPageRotations(nStart , nEnd , nRotate)
  catch(e)
  app.alert("Processing error: "+e)
  But I'm getting this  error in adobe reader not in acrobat.'not allowed error security settings prevent access to this property or method'. What is the problem. Please anybody tell me.

  OK, so here's what you do:
  - Create a new file in a plain-text editor (I recommend Notepad++), and paste this code into it:
  safeExecMenuItem = app.trustPropagatorFunction(function(code){
      app.beginPriv();
      app.execMenuItem(code);
      app.endPriv();
  mySafeExecMenuItem = app.trustedFunction(function(code){
      app.beginPriv();
      safeExecMenuItem(code);
      app.endPriv();
  Close Reader if it was open and then save this file as "MyScripts.js" and place it in the following directory (this is for Windows):
  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Javascripts
  If you want it to work in Acrobat as well place the file also under:
  C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Javascripts
  Now to rotate the pages clockwise attach this code to your button (in Acrobat, of course):
  mySafeExecMenuItem("RotateCW");
  And to rotate them counter-clockwise, use this code:
  mySafeExecMenuItem("RotateCCW");
  Open your file in Reader and the buttons should rotate the pages when clicked...

• WHY is Adobe Corporation discriminating against lower-income people by preventing access to Flash?

  Please Help! -- I tried to upgrade FLASH PLAYER, but I have an older MAC laptop OS X 10.4 = Version 4.1.3 (4533.19.4). 
  I need to UPGRADE Flash Player; however it's not available -- Recently, I cannot watch some videos or access particular websites.
  I'm a teacher, and CAN'T AFFORD to buy  a new computer at this time.
  > Can Adobe Corp. please help by offering an expanded range of UPGRADE support ??
  WHY IS ADOBE CORP. DISCRIMINATING AGAINST LOWER-INCOME PEOPLE, APPLE USERS and PRIOR COMPUTER VERSIONS -- by preventing access to Flash ???

  How many times are you going to post the same thing??

• Prevent access .flv after burning

  Greetings,
  in my last post i wanted to have a window where i could load a .swf file but i'm thinking that i'm complicating what can be simple.
  My objective is to protect files from being used by the users after putting them on a CD/DVD. In order to do this i was thinking on
  a mechanism based on "localConnection". This way i could create a connection between Director and Lingo and somehow create a
  loader with director. But i'm finding this somehow complicated, i really think that there must be an easier way to do this.
  A portion of code imbued on flv file for example that could prevent the access from users after the cd/dvd is burned.
  Any idea or any example of code that you can help me?
  Thanks for the time spent reading this post and any help that you can give.

  Hi,
  Thanks for your posting.
  > To add some clarity to this, I can access items under Accessories and manually create shortcuts
  > to the location when logged in as user. These shortcuts live under
  > C:\ProgramData\Microsoft\Windows\StartMenu\Programs\Accessories.
  > However, it is the 'Search' on the Start Menu that gets broken
  > The difference after 'Prevent Access to Drives' policy is enabled is we have to type the full name of the executable for the Start Menu search to find
  it
  What do you mean here, that make me confusion. Do you mean your current question is need to type full name to search files or can’t search files under “C:\ProgramData\Microsoft\Windows\StartMenu”?
  After do a test in a real environment, I need take back my first posting. I did set “Prevent access to drives from My Computer” for c driver. But I can search files in both “c:\Windows\system32” and “C:\ProgramData\Microsoft\Windows\StartMenu\Programs\Accessories.”
  Also I can search file by type the full name Snipping Tool or Snip.
  The registry item I found to control “Prevent access to drives from My Computer” is HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewOnDrive
  Refer to NoViewOnDrive
  http://technet.microsoft.com/en-us/library/cc738949(v=WS.10).aspx
  Lawrence
  TechNet Community Support

• Is there a list of global vars somewhere i can access in apex

  is there a list of global vars somewhere i can access in apex
  also can i have the http address in a var in apex

  Hi,
  See the section on Substitution Strings here: http://download.oracle.com/docs/cd/E10513_01/doc/appdev.310/e10499/index.htm#S - this details the available global variables (eg, APP_USER).
  You can define your own substitution strings - these are set on the Shared Components, Definition page - so you could put your url in there. There are other methods as well, such as Application Items or a SQL table (which may be better if you need to get the url value outside of an application)
  Andy