APEX

I am just trying to do my own auhentification scheme, I copied the HTML_DB authentification scheme and replaced the login function with my own to control the set of users. Other parameters are all default as of now.

And ran into a question. Most of the clients I have worked with require a session timeout (so that when a user is idle for more than n minutes, clicking a link or pressing a button gets them back to login page), mostly even configurable by them to some precise time.

I didn't see that setting anywhere in auhtentification scheme definition (it would be nice though, because I have seen session timeout at work in HTML_DB - when I was logged in all weekend and at monday had to log in again after first click). So I tried to do it by myself - quessed, that a good place (decided by its description) would be a Page Sentry Function, that would verify that the user haven't idled too long between touches and save a new touch time for the user. But as it seems to be, at the time of Page Sentry Function calling, the :APP_USER variable isn't set yet so I cannot set touch time for any particular user.

I could of course do the verification and set new time in application-level process (or even worse, on every page as a conditional branching), but then it wouldn't be tied to the authentification scheme and I haven't found a way to branch to a page after some process (I haven't searched much yet, too). So I thought I better ask, whether there is some better place for such logic. And the other question of when exactly is the APP_USER set?