session/cookie in an app without login page
137621Dec 12 2006 — edited Dec 15 2006Hi,
I know there are several threads about setting a cookie, checking session etc. But none seem to address my issue. Here's my problem:
- I don't have a login page in my apex app. My user logs in from an external program and his userid is captured in the HTTP header variable 'remote_user'.
- I added some PL/SQL code in the 'page sentry function' to check if this user is in the database(basically check if he is in one of the tables) and if he is not, show him the page without the create/edit/delete buttons. If he is in our database, show the same pages with all types of buttons.
- Putting this code in page sentry function seems to work, but I am unable to logout since there is no cookie set! If I try to set a cookie in the page sentry function, it is breaking at the redirect line. Also, I don't think page sentry is the right place to set a cookie since it executes at every page.
- Putting the above code in any other block (session verify function, pre-authentication, authentication, post-authentication etc) does not even execute. I put a simple 'insert' query to see if it executes, but it does not!
Given this, what is the best way and place to set/check cookie in my app? I tried to enhance Scott's session timeout utility, but my app does not have a login function as I explained above, so I am unable to do that. Any help is appreciated!
Thanks.
Shuba