Kishore Ryali
Application security is a primary concern when designing web applications, which are prone to many security vulnerabilities. Oracle Application Express (APEX) has many built-in security features, such as authentication, authorization (the access level of the user) and session state protection.

This article explains authentication schemes in APEX and how to use EBS login credentials in APEX. Authentication is a mechanism to securely identify a trusted user. It may be very simple (just enter a username) or use a complex hash algorithm to validate the username and password entered by the user.

An authentication scheme verifies a user's identity before they can access your application. Once the user has been identified, APEX keeps track of each user by setting the value of the built-in substitution string APP_USER. You can access APP_USER using the following syntax:

  • From PL/SQL: v('APP_USER')
  • As a bind variable from either PL/SQL or SQL: :APP_USER

APEX authentication schemes are created and managed under Shared Components > Authentication Schemes (Security section) in your application.


APEX comes with preconfigured authentication schemes. When you select a preconfigured authentication scheme, APEX follows a standard behavior for authentication and session management. The preconfigured authentication schemes available are:

  • Open Door Credentials: It enables anyone to access your application using a built-in login page that captures a user name. This authentication method is useful during application development.
  • Oracle Application Express Account Credentials: It uses the APEX username and password. For example, your apex.oracle.com login credentials have to be entered to run the application if you use this authentication method.
  • Database Account Credentials: It uses database schema accounts. This authentication scheme requires that a database user (schema) exist in the APEX database.
  • LDAP Credentials Verification: You can configure any authentication scheme that uses a login page to use Lightweight Directory Access Protocol (LDAP) to verify the user name and password submitted on the login page.
  • DAD Credentials Verification: This authentication scheme gets the user name from the DAD configuration or, if the account information is not stored in the DAD configuration, as the user name captured using the basic authentication challenge. This scheme is also known as No Authentication.
  • Single Sign-On Server Verification: Oracle Application Server Single Sign-On verification delegates authentication to the Oracle AS Single Sign-On (SSO) Server. To use this authentication scheme, your site must have already been registered as a partner application with the SSO server.

The screenshot below shows the preconfigured authentication schemes offered when creating an authentication scheme.

 

If your Oracle EBS is not integrated with Oracle SSO, you will have to create a custom authentication scheme from scratch. Creating one from scratch gives you complete control over your authentication interface. When defining your custom authentication scheme, note the following points:

1. Building a login page.

When you create a new application in APEX, a login page (page 101) is created. You can use this page as the "Invalid session page" in the authentication scheme, i.e. when the user session is stale or invalid, APEX redirects the user to the invalid session page. You may build a custom login page instead of using the default login page, and assign it to the authentication scheme.

The default login page (page 101) is shown below. This page has user name and password text fields, a login button and a few processes to complete the login process.

The Login process takes the entered username and password, validates them based on the authentication scheme attached to the APEX application, and on successful validation redirects the user to the page given in the P_FLOW_PAGE parameter (default is 1). If you wish to redirect the user to page n, change the P_FLOW_PAGE parameter. Below is the code for the login procedure.

wwv_flow_custom_auth_std.login(
    P_UNAME      => :P101_USERNAME,
    P_PASSWORD   => :P101_PASSWORD,
    P_SESSION_ID => v('APP_SESSION'),
    P_FLOW_PAGE  => :APP_ID||':1'
);

In the login API call, you can optionally specify a p_preserve_case boolean argument. Set this to true if you don't want the username converted to upper case during credentials verification and session registration.


2. Custom Authentication Function.

This function checks the username/password and returns a boolean. The APEX engine expects this function to have the signature (p_username in varchar2, p_password in varchar2) return boolean. The values of the username and password fields passed to the login API, which is called by the login page, will be passed to your function.

Suppose your authentication function is custom_ebs_auth: you enter return custom_ebs_auth in the authentication function field when creating the scheme. The code below for custom_ebs_auth uses the fnd_web_sec package to validate against Oracle EBS users.

CREATE OR REPLACE function custom_ebs_auth (p_username IN VARCHAR2, p_password IN VARCHAR2)
return boolean
as
begin
    -- Delegate the credential check to Oracle EBS; only 'Y' counts as success.
    if fnd_web_sec.validate_login(p_username, p_password) = 'Y' then
        return true;
    else
        return false;
    end if;
end;

3. Logout URL

This URL is used to redirect the user when the logout button is clicked. Use the URL below.

wwv_flow_custom_auth_std.logout?p_this_flow=&APP_ID.&p_next_flow_page_sess=&APP_ID.:101:&SESSION.:LOGOUT


Steps for Creating an Authentication Scheme from Scratch

As I cannot integrate my apex.oracle.com account with a local Oracle EBS server, I will mimic the login functionality of the Sample Application (App. 100), which uses custom authentication by calling the custom_auth function. This function checks the username/password in the DEMO_USERS table. The password column in DEMO_USERS is encrypted using the DBMS_OBFUSCATION package and an encryption key (the l_salt variable in the custom_hash function). Remember that this approach is only a demonstration of a custom authentication function and is not to be used in production.

1. Insert users in DEMO_USERS table.

The custom_auth function encrypts the entered password using the key in the custom_hash function, and compares it to the password column in DEMO_USERS. So when inserting users in DEMO_USERS, use the same custom_hash function to encrypt the password. The code below inserts a2f_admin and a2f_user into the demo_users table. The a2f_admin user has ADMIN_FLAG set to 'Y'.

declare
    l_username  varchar2(4000) := 'A2F_ADMIN';
    l_password  varchar2(4000) := 'welcome1';
    l_username1 varchar2(4000) := 'A2F_USER';
    l_password1 varchar2(4000) := 'welcome2';
    l_salt      varchar2(4000) := '4BS4EJ1R3L4UNRWZKPCX0HK6MTJ5YB';
begin
    -- ADMIN User
    l_password := custom_hash(l_username, l_password);
    insert into demo_users values (DEMO_USERS_SEQ.nextval, l_username, l_password, SYSDATE, NULL, 'Y', NULL, 'Y');
    -- Trigger BI_DEMO_USERS overrides admin_flag to 'N' for new users
    -- So update is required for A2F_ADMIN
    update demo_users set admin_user = 'Y'
    where user_name = 'A2F_ADMIN';
    -- User
    l_password1 := custom_hash(l_username1, l_password1);
    insert into demo_users values (DEMO_USERS_SEQ.nextval, l_username1, l_password1, SYSDATE, NULL, 'Y', NULL, 'N');
    commit;
end;


2. Create custom authentication scheme.

Go to Shared Components > Authentication Scheme (Security Scheme) > Create. Select From scratch in create scheme.

Click on Next.

Select Page in This Application and Page 101 Login > Click on Next.

Select Use my Custom function to Authenticate > Enter return custom_auth > Click on Next.

Click on Create Scheme.

 

3. Make authentication scheme Current

Once the authentication scheme is created, it has to be assigned to the application. This is done from the Change Current section in Authentication Schemes.

 

4. Run the application. I've changed login page to include some html text.

Login with your username and Password.

 

Please use any of the below user logins

Admin Login  : a2f_admin/welcome1

User Login : a2f_user/welcome2
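
As an added example (not code from this article or from the APEX Sample Application), the following shows a custom authentication function with the signature APEX expects, backed by a per-user random salt and an iterated SHA-256 hash rather than one application-wide key. The APP_USERS table, its columns, the routine names and the round count are hypothetical, and the code assumes Oracle Database 12c or later with EXECUTE granted on DBMS_CRYPTO.

```sql
-- Added example: APP_USERS and all routine names are hypothetical.
-- Assumes Oracle Database 12c+ (HASH_SH256) and EXECUTE on DBMS_CRYPTO.
create table app_users (
  user_name varchar2(100) primary key,  -- stored in upper case
  pwd_salt  raw(16) not null,           -- random, different for every user
  pwd_hash  raw(32) not null            -- iterated SHA-256 of salt and password
);

create or replace function app_pwd_hash (p_password in varchar2, p_salt in raw)
return raw
as
  c_rounds constant pls_integer := 10000;  -- assumed work factor, tune per system
  l_hash   raw(32);
begin
  l_hash := dbms_crypto.hash(
              utl_raw.concat(p_salt, utl_i18n.string_to_raw(p_password, 'AL32UTF8')),
              dbms_crypto.hash_sh256);
  -- Repeated hashing raises the cost of each offline guess.
  for i in 2 .. c_rounds loop
    l_hash := dbms_crypto.hash(utl_raw.concat(p_salt, l_hash), dbms_crypto.hash_sh256);
  end loop;
  return l_hash;
end;
/

create or replace procedure app_set_password (p_username in varchar2, p_password in varchar2)
as
  l_salt raw(16) := dbms_crypto.randombytes(16);  -- fresh salt on every change
  l_hash raw(32) := app_pwd_hash(p_password, l_salt);
begin
  merge into app_users u
  using (select upper(p_username) as user_name from dual) s
     on (u.user_name = s.user_name)
   when matched then
     update set u.pwd_salt = l_salt, u.pwd_hash = l_hash
   when not matched then
     insert (user_name, pwd_salt, pwd_hash) values (s.user_name, l_salt, l_hash);
end;
/

-- Signature APEX expects: (p_username, p_password) return boolean.
create or replace function app_custom_auth (p_username in varchar2, p_password in varchar2)
return boolean
as
  l_salt app_users.pwd_salt%type;
  l_hash app_users.pwd_hash%type;
begin
  if p_username is null or p_password is null then
    return false;                      -- never authenticate empty credentials
  end if;
  select pwd_salt, pwd_hash into l_salt, l_hash
    from app_users
   where user_name = upper(p_username);
  return app_pwd_hash(p_password, l_salt) = l_hash;
exception
  when no_data_found then
    return false;                      -- unknown user
  when others then
    return false;                      -- fail closed on any unexpected error
end;
/
```

To use it, enter return app_custom_auth in the authentication function field, the same way custom_auth is entered in step 2.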

 

URL for the application:

My application can be accessed using the url http://apex.oracle.com/pls/apex/f?p=62577:1

Packaged Application:

My packaged applications are created using APEX version 3.2, so you can only import them into APEX of the same version. This packaged application has supporting objects, i.e. the table and sample data, along with the APEX application. You can import and run it without going through the above steps.

Download Packaged Application

The zip file has sql files for application (apex_tut03_app.sql) and image (apex_tut03_img.sql).

Video for deploying packaged application (2:41 min). This video is applicable for deploying packaged applications for my next articles as well.

The next article will be on authentication vs. authorization and how authorization is used in APEX.


Kishore Ryali

Comments   

-1 #1 emil 2009-05-18 10:33
video not working. I tried several articles and the same problem

0 #2 Kishore Ryali 2009-05-18 10:37
Emil,

I did not see any problem with videos. If you see issue with all videos, please check if you have flash installed.
Please let us know if it works.

Kishore

0 #3 sachin 2009-06-19 08:25
Hi Kishore

Have u been able to integrate R12 and APEX? I need to get this working. do u have the detailed steps ?
Thanks.

Regards
sachin

0 #4 sachin 2009-06-19 08:27
Hi Kishore

Because i believe mod_plsql is no longer available in R12. Would you know how to perform the integration so that a user logged into R12 seamlessly accesses the web application developed in APEX using all the session state management facilities that EBS provides.
Thanks.

Regards
sachin

0 #5 Kishore Ryali 2009-06-19 09:20
Sachin,

R12 application server doesn't support mod_plsql. Alternatively, you can install APEX on a separate application server other than R12's. You've create custom authentication scheme to use R12 user credentials to login to APEX. This is no different from 11i integration.

Kishore

0 #6 Furqan 2010-03-24 05:01
Very good article and I have learned new things, but I have developed a page in apex and I want to know how to deploy this page in Oracle E-Business Suite. Is there any possibility?

Thanks.

0 #7 Kishore Ryali 2010-03-24 10:04
Furqan,

I read an article to register apex forms/reports in Oracle EBS menus. I've not done it personally. This link might help you.
http://www.oracle.com/technology/products/database/application_express/pdf/Extend_Oracle_Applications_11i.pdf

Kishore

0 #8 Michael Fernihough 2010-05-04 21:47
Hey guys,

I'm pretty novice when it comes to apex, but how do I change the login system to use my own database (smd_login) instead of demo_users?

If you could get back to me asap it would be greatly appreciated!

Thanks in advance!

Michael f

0 #9 Ife Olu 2011-02-01 23:58
I get this error when I try to install application (apex_tut03_app.sql) and image (apex_tut03_img.sql).

These files were exported from a different workspace. The files cannot be installed in this workspace.

What workspace or workspace privilege do I need

0 #10 Ranchod 2011-02-16 08:12
Hi.. Do you have any procedures for changing pwd and steps for forgot pwd..?? if so, please share it.

Thanks in Advance..!!!

Regards,
Ranchod