Home > Uncategorized > Creating your own authentication method in Apex

Creating your own authentication method in Apex

With this operation, you can do your own login page instead of default apex login page.

Firstly, you need to create a package that deal with user login operations. PKG_APP_SECURITY package name is appropriate for this need.


CREATE OR REPLACE PACKAGE BODY PKG_APP_SECURITY
AS

PROCEDURE login

(p_uname IN VARCHAR2,
p_password IN VARCHAR2,
p_session_id IN VARCHAR2,
p_flow_page IN VARCHAR2)
IS
BEGIN
-- THIS PROVIDES AUTHENTICATION
wwv_flow_custom_auth_std.login (
p_uname => p_uname,
p_password => p_password,
p_session_id => p_session_id,
p_flow_page => p_flow_page || ':' || 1);

EXCEPTION
WHEN OTHERS
THEN RAISE;
END login;

PROCEDURE add_user (p_username IN VARCHAR2, p_password IN VARCHAR2)
AS
BEGIN
INSERT INTO P_USERS (username, PASSWORD)
VALUES (UPPER (p_username),
get_hash (TRIM (p_username), p_password));

COMMIT;
EXCEPTION
WHEN OTHERS
THEN ROLLBACK; RAISE;
END add_user;

FUNCTION get_hash (p_username IN VARCHAR2, p_password IN VARCHAR2)
RETURN VARCHAR2
AS
BEGIN
RETURN DBMS_OBFUSCATION_TOOLKIT.md5 (
input_string => UPPER (p_username) || '/' || UPPER (p_password));
END get_hash;

PROCEDURE valid_user2 (p_username IN VARCHAR2, p_password IN VARCHAR2)
AS
v_dummy VARCHAR2 (1);

BEGIN

SELECT '1' INTO v_dummy
FROM P_USERS
WHERE UPPER (username) = UPPER (p_username)
AND PASSWORD = get_hash (p_username, p_password);

EXCEPTION
WHEN NO_DATA_FOUND
THEN raise_application_error (-20000, 'Invalid username / password.');
END valid_user2;

FUNCTION valid_user (p_username IN VARCHAR2, p_password IN VARCHAR2)
RETURN BOOLEAN
AS
BEGIN
valid_user2 (UPPER (p_username), p_password);
RETURN TRUE;
EXCEPTION
WHEN OTHERS
THEN RETURN FALSE;
END valid_user;

END PKG_APP_SECURITY;

The P_USERS table has two columns, types of both columns are varchar2 and first of them is username and second of them is password.

Secondly, you should use an authentication schema. To perform this, in Shared Components, click Authentication Schemas. Then Create Button.

1-> Click “Create Schema” Button.
2-> Write your own authentication schema name, such as “MY AUTH METHOD”.
3-> Then “Create Scheme” button.
4-> After scheme is created, click your authentication schema icon in authentication schemas page.
5-> Then Login Processing tab, in “Authentication Function” textarea, type this:
“RETURN PKG_APP_SECURITY.valid_user”
6-> If this method return false in application the authentication is not successfullied.
7-> Don’t forget, you should set your own authentication schema to as current used.

Last thing we need to do, edit your login page (genrally page 101). Then, in processes tab ( in page processing tab ), click login process. And, type this to process textarea in source tab:
“pkg_app_security.login (P_UNAME => :P101_USERNAME, P_PASSWORD => :P101_PASSWORD, P_SESSION_ID => v(‘APP_SESSION’), P_FLOW_PAGE => :APP_ID );”.

After performed these 3 steps, you can use your own login page with your own user tables in Apex Applications.

Advertisements
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: