Skip to Main Content

Application Development Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Trying unsuccessfully to get client info through WebLogic

Scott MorrowDec 4 2024

We have a screen in our app that displays all of the existing “Blocking” and “non-blocking” database lockers. It was originally written for Dev6i, and therefore no longer works in Forms 12C with Weblogic. I've been researching for days to try to replace this function with something from WebUtil (which we use in every form) unsuccessfully - All other WebUtil functions we're using work fine.

Most results return the name of the server (instead of the user's machine name), the machine name of the server, etc. I am trying to find a way to rewrite this into something that provides the same output but via WebUtil. Each time I try, it gives me SYSTEM/Server details rather than client details.

as before (as per the code block below) Any suggestions as to how I can migrate this block of code to use WebUtil to return the Oracle Username, OS Username, Client computer name/Client IP address? (Even with the WebUtil functions, it returns Oracle Username: <correct>, OS User: SYSTEM, Client computer name: Weblogic SERVER name, etc.)

(SELECT vs.username                     oracle_user,
        vs.osuser                       os_user,
        vs.machine                      machine,
        objs.object_name                object_name,
        ROUND (locks.ctime / 60, 2)     lock_time_in_minutes,
        vs.serial#
   FROM v$session    vs,
        v$lock       locks,
        DBA_OBJECTS  objs,
        DBA_TABLES   tbls
  WHERE     locks.id1 = objs.object_id
        AND vs.SID = locks.SID
        AND objs.owner = tbls.owner
        AND tbls.owner = 'ADAM'
        AND objs.object_name = tbls.table_name
        AND INSTR (tbls.table_name, 'TRN') = 0
        AND objs.owner != 'SYS'
        AND locks.TYPE = 'TM')

Comments

thatJeffSmith-Oracle Feb 13 2025

Your ENTRA users will get authenticated via JSON Web Tokens, and their Entra roles will determine which ORDS REST APIs they can hit.

When they hit an endpoint, it'll execute code in the database as the database user that owns the schema where the REST API is defined, not as Entra defiend end user. In fact, the Entra users won't have accounts in the database (they could, but wont' need to).

The :current_user field as far as ords is concerned would be the corresponding oauth2 client or JWT issued for the authorizied session.

Your prehook should be able to alter the session to set the context that would put your RLS/VPD security policy in play.

1 - 1

Post Details

Added on Dec 4 2024
0 comments
54 views