Searching LDAP attributes after Authentication

patfmnd Jun 27 2011 — edited Jun 28 2011
All,
Thanks to Tyler Muth's blog posting on Secure LDAP, I have been able to get authentication working with our SunOne LDAP using a custom authentication scheme. Apex does not natively support SSL authentication where you have to use a secure bind to LDAP with a service DN (which has its own service userID and password) before passing on username, password of the actual user.

Now I am trying to retrieve attributes on that authenticated user -- attributes that are in the LDAP directory like department, title, etc. Does anyone have some suggestions -- code examples would be great? I looked at the example in the Pro Application Express book but what confuses me is how do you pass the username that you already have from the authentication back to a function call to do the 'dbms_ldap.search'. The authentication function closes the LDAP session once the user is authenticated. So now I am in the application with that 'APP_USER'. I believe I now have to do the following steps but I am not sure how to accomplish them:

1.) I need to re-open an LDAP session (I assume I still will need to re-bind with LDAP using my service DN and service password as in the custom Auth that was just done).
2.) I need to pass to the LDAP search the current 'APP_USER' and start retrieving the other attributes -- our LDAP admin says that I can perform the search on that 'UID' as it is in our LDAP store.
3.) There is code on a custom LDAPQuery function (built on dbms_ldap.search) in "Pro Oracle App Express" but it sends the data to a table and then does a query on the table to retrieve attributes.

The code in "Pro App Express" does not require that initial Service DN (service username, password) secure bind (assigned to me by our LDAP admin). It looks like it is assuming the binding user is the user whose attributes are sent in the LDAPQuery function call (user and password parameters), but that is not the case in my situation. I want to query based on the currently logged in 'APP_USER' and retrieve attribute data into Form input items on the page the user has just authenticated into.

Any help would be appreciated -- especially if you have done this already and have some sample code!

Thanks,
Pat
This post has been answered by 828941 on Jun 28 2011
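
The flow described in the question (re-bind over SSL as the service DN, then search on the uid of the current APP_USER) can be sketched as follows. This is an added example, not part of the thread and not the accepted answer; the host, DNs, wallet path, passwords, attribute name and function names are hypothetical placeholders. It escapes the user name before building the search filter and only returns a value when exactly one entry matches.

```plsql
-- Added example; host, DNs, wallet path, passwords and function names are hypothetical placeholders.
CREATE OR REPLACE FUNCTION ldap_escape (p_val IN VARCHAR2) RETURN VARCHAR2 IS
BEGIN
  -- RFC 4515 filter escaping: backslash first, then * ( ) and NUL.
  RETURN REPLACE(REPLACE(REPLACE(REPLACE(REPLACE(p_val,
           '\', '\5c'), '*', '\2a'), '(', '\28'), ')', '\29'), CHR(0), '\00');
END;
/
CREATE OR REPLACE FUNCTION ldap_user_attr (
  p_uid  IN VARCHAR2,   -- user name already authenticated, e.g. :APP_USER
  p_attr IN VARCHAR2    -- attribute to read, e.g. 'title'
) RETURN VARCHAR2 IS
  l_session DBMS_LDAP.session;
  l_rc      PLS_INTEGER;
  l_attrs   DBMS_LDAP.string_collection;
  l_vals    DBMS_LDAP.string_collection;
  l_msg     DBMS_LDAP.message;
  l_entry   DBMS_LDAP.message;
  l_result  VARCHAR2(4000);
BEGIN
  DBMS_LDAP.use_exception := TRUE;
  l_session := DBMS_LDAP.init('ldap.example.com', 636);
  -- SSL auth mode 2: one-way, the server certificate is checked against the wallet.
  l_rc := DBMS_LDAP.open_ssl(l_session, 'file:/path/to/wallet', 'wallet_password', 2);
  -- Bind as the service account; load its password from a protected store, not source code.
  l_rc := DBMS_LDAP.simple_bind_s(l_session,
            'uid=svc_apex,ou=services,dc=example,dc=com', 'service_password');
  l_attrs(1) := p_attr;
  l_rc := DBMS_LDAP.search_s(l_session, 'ou=people,dc=example,dc=com',
            DBMS_LDAP.SCOPE_SUBTREE,
            '(uid=' || ldap_escape(p_uid) || ')', l_attrs, 0, l_msg);
  -- Accept the result only when the uid resolves to exactly one entry.
  IF DBMS_LDAP.count_entries(l_session, l_msg) = 1 THEN
    l_entry := DBMS_LDAP.first_entry(l_session, l_msg);
    l_vals  := DBMS_LDAP.get_values(l_session, l_entry, p_attr);
    IF l_vals.COUNT > 0 THEN
      l_result := l_vals(l_vals.FIRST);
    END IF;
  END IF;
  l_rc := DBMS_LDAP.msgfree(l_msg);
  l_rc := DBMS_LDAP.unbind_s(l_session);
  RETURN l_result;
EXCEPTION
  WHEN OTHERS THEN  -- close the session before re-raising the original error
    BEGIN l_rc := DBMS_LDAP.unbind_s(l_session); EXCEPTION WHEN OTHERS THEN NULL; END;
    RAISE;
END;
/
```

In an APEX page process the function could populate a form item with, for example, `:P1_TITLE := ldap_user_attr(:APP_USER, 'title');`, where `P1_TITLE` is a hypothetical item name.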