Home » Developer & Programmer » Application Express, ORDS & MOD_PLSQL » How to authenticate users using mod_plsql? (Oracle Apps Server v 9.0.3 and Oracle Database v 9.2.0.5)
How to authenticate users using mod_plsql? [message #311094] Thu, 03 April 2008 07:04 Go to next message
m@verick
Messages: 2
Registered: April 2008
Location: Silicon Valley
Junior Member
Problem:

How to authenticate users using mod_plsql?

We have application which is using Oracle Apps Server v 9.0.3 and Oracle Database v 9.2.0.5. This application using mod_plsql cartridges to connect to Oracle database and display the data on the browser. Currently the authentication is done by Basic mode i.e whenever user tries to login, a window pops up by Apps Server and the user has to key in the database user/password.

Now on top of this we are adding a new module to reset the password if the 3 failure attempts have been made. In order to reset the password, we are unable to connect to the database via mod_plsql code.

Would request your help and advice as to how to proceed with this?

Many Thanks in advance,

Report message to a moderator

Re: How to authenticate users using mod_plsql? [message #311220 is a reply to message #311094] Thu, 03 April 2008 14:31 Go to previous messageGo to next message
andrew again
Messages: 2577
Registered: March 2000
Senior Member
The pop up you refer to sounds like a property of the DAD. Verify from the DAD admin page or in the ...Apache/modplsql/conf/dads.conf (if that's the file for 9.0.3).

You can preset the passwd on the DAD, and then when any call comes in to the database, you verify that the user's been authenticated before allowing them to proceed. Check the docs for the easiest way to do this. I had something like this:

Schema A and B. A owns schema objects & packages. Some packages are just security wrappers. These packages are executable by schema B. Schema B is the one you use in the DAD.

Security wrapper retrieves cookie from users browsers to see if they're logged in. If not, redirect to login page. Once authenticated, set cookie in user's browser to expire after say 30 min. After each successful transaction, refresh the cookie to 30 min again.

Cookies work fine as long as you don't jump around across hosts (a cookie can only be retrieved by the domain that set it type of idea...)

Report message to a moderator

Re: How to authenticate users using mod_plsql? [message #311361 is a reply to message #311220] Fri, 04 April 2008 04:46 Go to previous messageGo to next message
m@verick
Messages: 2
Registered: April 2008
Location: Silicon Valley
Junior Member
Hi

I am beginner in Oracle APPS server, would you please help with an example source code as to how to programmatically authenticate users by using mod_plsql.


Many Thanks

Report message to a moderator

Re: How to authenticate users using mod_plsql? [message #312004 is a reply to message #311361] Mon, 07 April 2008 13:51 Go to previous message
andrew again
Messages: 2577
Registered: March 2000
Senior Member
One way is to authenticate externally against an LDAP server. That's what I did. Search this forum and site for LDAP.

Report message to a moderator

Previous Topic: APEX limitations
Next Topic: How to change the Password expiry time?
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Apr 18 09:31:37 CDT 2024
.:: Forum Home :: Blogger Home :: Wiki Home :: Contact :: Privacy ::.