Authorization Schemes with AD Groups - need help
700739 Mar 27 2012 — edited Mar 28 2012
Hi,
I have an application in APEX with several pages.
To explain, let's take Page 6.
Authentication is LDAP (only checks if user is in LDAP and password is correct).
On Page 6 I have to restrict access to some elements (items/buttons) to different users.
The users are in three AD groups.
I created three authorization schemes like:
--------------------------------------------------------------------------------------------------------------------------
DECLARE
    v_ldap_group VARCHAR2(256) := 'CN=<group_name>';
    i_ret        BOOLEAN;
BEGIN
    i_ret := chkauth_user_group(:P101_USERNAME, :P101_PASSWORD, v_ldap_group);
    IF i_ret THEN
        RETURN TRUE;
    ELSE
        RETURN FALSE;
    END IF;
EXCEPTION
    WHEN OTHERS THEN
        RETURN FALSE;
END;
-------------------------------------
But my problem is that P101_USERNAME and P101_PASSWORD are empty, as they are purged automatically after the login process.
P101_USERNAME could be substituted by v('APP_USER'), but the password cannot.
My function chkauth_user_group does a simple_bind_s to search for the groups, which works on the database, but needs the password of the user.
Is it possible to search for group membership without the user's password? I searched a lot (dbms_ldap_utl and check_membership) but I got no solution...
Thanks!
regards,
Matthias
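
An added example, not part of the original post: a group check that binds with a dedicated read-only service account rather than the end user's password, so the authorization scheme needs only v('APP_USER') and no user password has to be kept in session state. The function name, host, base DN, service account and the use of sAMAccountName as the login attribute are all assumptions, and the group is passed as a full DN.

```sql
CREATE OR REPLACE FUNCTION is_ad_group_member (   -- hypothetical name
    p_username IN VARCHAR2,   -- e.g. v('APP_USER')
    p_group_dn IN VARCHAR2    -- full DN of the AD group (assumption)
) RETURN BOOLEAN
IS
    -- Assumed placeholder values: replace with your own directory settings.
    -- Load the service password from a protected store, not from source code.
    c_host    CONSTANT VARCHAR2(256) := 'ldap.example.com';
    c_port    CONSTANT PLS_INTEGER   := 389;
    c_base    CONSTANT VARCHAR2(256) := 'DC=example,DC=com';
    c_bind_dn CONSTANT VARCHAR2(256) := 'CN=svc_apex,OU=Service,DC=example,DC=com';
    c_bind_pw CONSTANT VARCHAR2(256) := '<service-account-password>';
    l_session DBMS_LDAP.session;
    l_attrs   DBMS_LDAP.string_collection;
    l_message DBMS_LDAP.message;
    l_rc      PLS_INTEGER;
    l_found   BOOLEAN := FALSE;

    -- Escape LDAP filter metacharacters (RFC 4515) so a crafted login name
    -- cannot change the meaning of the search filter. Backslash goes first.
    FUNCTION esc (p IN VARCHAR2) RETURN VARCHAR2 IS
    BEGIN
        RETURN REPLACE(REPLACE(REPLACE(REPLACE(p,
               '\', '\5c'), '*', '\2a'), '(', '\28'), ')', '\29');
    END esc;
BEGIN
    DBMS_LDAP.use_exception := TRUE;   -- raise on LDAP errors
    l_session := DBMS_LDAP.init(c_host, c_port);
    -- Bind as the service account; the end user's password is never needed.
    l_rc := DBMS_LDAP.simple_bind_s(l_session, c_bind_dn, c_bind_pw);
    l_attrs(1) := 'cn';                -- only existence of the entry matters
    l_rc := DBMS_LDAP.search_s(
        ld => l_session, base => c_base, scope => DBMS_LDAP.SCOPE_SUBTREE,
        filter => '(&(sAMAccountName=' || esc(p_username) || ')'
               || '(memberOf=' || esc(p_group_dn) || '))',
        attrs => l_attrs, attronly => 0, res => l_message);
    -- Exactly one matching entry means the user is a direct member.
    l_found := DBMS_LDAP.count_entries(l_session, l_message) = 1;
    l_rc := DBMS_LDAP.unbind_s(l_session);
    RETURN l_found;
EXCEPTION
    WHEN OTHERS THEN                   -- fail closed on any error
        BEGIN l_rc := DBMS_LDAP.unbind_s(l_session);
        EXCEPTION WHEN OTHERS THEN NULL; END;
        RETURN FALSE;
END is_ad_group_member;
/
```

The memberOf filter matches direct membership only. A simple bind on port 389 sends the service password unencrypted, so an SSL/TLS connection to the directory is preferable where it is available.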