Thanks for any help offered.
We have a requirement to implement SSO by using a token. We are on version 21. Our code is in a database package so it can be referenced in authentication schemes of various APEX apps. Page Sentry function looks for valid token to Define_User_Session, so far good.
We also have a requirement to populate ACL's (roles) for a given user during session creation. We created a post authentication procedure to populate these ACL's using APEX_ACL.ADD_USER_ROLE. referenced that function in the authentication scheme of post authentication field but was not working. So, we called APEX_CUSTOM_AUTH.POST_LOGIN in page sentry in the end, it creates roles but also creates new session every time this post login is called. sessions are piling up and only clean up is through idle timeout setting, which is not good.
Another issue is, whenever APEX session times out, post_login is throw session is not current error. Even though define user session is executed before. Only option is to clear out the cookie from browser.
Any suggestions on how to resolve the 2 problems ? not create extra session and not having to keep clearing the apex cookies from browser manually.
-SK