You can use the APEX_CUSTOM_AUTH
package to perform various operations related to authentication and session management.
This function checks for the existence of page-level item within the current page of an application. This function requires the parameter p_item_name
. This function returns a Boolean value (true or false).
APEX_CUSTOM_AUTH.APPLICATION_PAGE_ITEM_EXISTS( p_item_name IN VARCHAR2) RETURN BOOLEAN;
Table 6-1 describes the parameters available in the APPLICATION_PAGE_ITEM_EXISTS function.
Table 6-1 APPLICATION_PAGE_ITEM_EXISTS Parameters
Parameter | Description |
---|---|
|
The name of the page-level item. |
The following example checks for the existence of a page-level item, ITEM_NAME
, within the current page of the application.
DECLARE L_VAL BOOLEAN; BEGIN VAL := APEX_CUSTOM_AUTH.APPLICATION_PAGE_ITEM_EXISTS(:ITEM_NAME); IF L_VAL THEN htp.p('Item Exists'); ELSE htp.p('Does not Exist'); END IF; END;
APEX_CUSTOM_AUTH.CURRENT_PAGE_IS_PUBLIC RETURN BOOLEAN;
The following example checks whether the current page in an application is public.
DECLARE L_VAL BOOLEAN; BEGIN L_VAL := APEX_CUSTOM_AUTH.CURRENT_PAGE_IS_PUBLIC; IF L_VAL THEN htp.p('Page is Public'); ELSE htp.p('Page is not Public'); END IF; END;
This procedure combines the SET_USER
and SET_SESSION_ID
procedures to create one call.
APEX_CUSTOM_AUTH.DEFINE_USER_SESSION( p_user IN VARCHAR2, p_session_id IN NUMBER);
Table 6-2 describes the parameters available in the DEFINE_USER_SESSION
procedure.
Table 6-2 DEFINE_USER_SESSION Parameters
Parameter | Description |
---|---|
|
Login name of the user. |
|
The session ID. |
In the following example, a new session ID is generated and registered along with the current application user.
APEX_CUSTOM_AUTH.DEFINE_USER_SESSION ( :APP_USER, APEX_CUSTOM_AUTH.GET_NEXT_SESSION_ID);
This procedure obtains the properties of the session cookie used in the current authentication scheme for the specified application. These properties can be viewed directly in the Application Builder by viewing the authentication scheme cookie attributes.
APEX_CUSTOM_AUTH.GET_COOKIE_PROPS( p_app_id IN NUMBER, p_cookie_name OUT VARCHAR2, p_cookie_path OUT VARCHAR2, p_cookie_domain OUT VARCHAR2 p_secure OUT BOOLEAN);
Table 6-3 describes the parameters available in the GET_COOKIE_PROPS
procedure.
Table 6-3 GET_COOKIE_PROPS Parameters
Parameter | Description |
---|---|
|
An application ID in the current workspace. |
|
The cookie name. |
|
The cookie path. |
|
The cookie domain. |
|
Flag to set secure property of cookie. |
The following example retrieves the session cookie values used by the authentication scheme of the current application.
DECLARE l_cookie_name varchar2(256); l_cookie_path varchar2(256); l_cookie_domain varchar2(256); l_secure boolean; BEGIN APEX_CUSTOM_AUTH.GET_COOKIE_PROPS( p_app_id => 2918, p_cookie_name => l_cookie_name, p_cookie_path => l_cookie_path, p_cookie_domain => l_cookie_domain, p_secure => l_secure); END;
This procedure obtains the LDAP attributes of the current authentication scheme for the current application. These properties can be viewed directly in Application Builder by viewing the authentication scheme attributes.
APEX_CUSTOM_AUTH.GET_LDAP_PROPS( p_ldap_host OUT VARCHAR2, p_ldap_port OUT INTEGER, p_use_ssl OUT VARCHAR2, p_use_exact_dn OUT VARCHAR2, p_search_filter OUT VARCHAR2, p_ldap_dn OUT VARCHAR2, p_ldap_edit_function OUT VARCHAR2);
Table 6-4 describes the parameters available in the GET_LDAP_PROPS
procedure.
Table 6-4 GET_LDAP_PROPS Parameters
Parameter | Description |
---|---|
|
LDAP host name. |
|
LDAP port number. |
|
Whether SSL is used. |
|
Whether exact distinguished names are used. |
|
The search filter used if exact DN is not used. |
|
LDAP DN string. |
|
LDAP edit function name. |
The following example retrieves the LDAP attributes associated with the current application.
DECLARE l_ldap_host VARCHAR2(256); l_ldap_port INTEGER; l_use_ssl VARCHAR2(1); l_use_exact_dn VARCHAR2(1); l_search_filter VARCHAR2(256); l_ldap_dn VARCHAR2(256); l_ldap_edit_function VARCHAR2(256); BEGIN APEX_CUSTOM_AUTH.GET_LDAP_PROPS ( p_ldap_host => l_ldap_host, p_ldap_port => l_ldap_port, p_use_ssl => l_use_ssl, p_use_exact_dn => l_use_exact_dn, p_search_filter => l_search_filter, p_ldap_dn => l_ldap_dn, p_ldap_edit_function => l_ldap_edit_function); END;
This function generates the next session ID from the Oracle Application Express sequence generator. This function returns a number.
APEX_CUSTOM_AUTH.GET_NEXT_SESSION_ID RETURN NUMBER;
The following example generates the next session ID and stores it into a variable.
DECLARE VAL NUMBER; BEGIN VAL := APEX_CUSTOM_AUTH.GET_NEXT_SESSION_ID; END;
This function returns a number with the value of the security group ID that identifies the workspace of the current user.
APEX_CUSTOM_AUTH.GET_SECURITY_GROUP_ID RETURN NUMBER;
The following example retrieves the Security Group ID for the current user.
DECLARE VAL NUMBER; BEGIN VAL := APEX_CUSTOM_AUTH.GET_SECURITY_GROUP_ID; END;
This function returns APEX_APPLICATION
.G_INSTANCE
global variable. GET_SESSION_ID
returns a number.
APEX_CUSTOM_AUTH.GET_SESSION_ID RETURN NUMBER;
The following example retrieves the session ID for the current user.
DECLARE VAL NUMBER; BEGIN VAL := APEX_CUSTOM_AUTH.GET_SESSION_ID; END;
This function returns the Oracle Application Express session ID located by the session cookie in a page request in the current browser session.
APEX_CUSTOM_AUTH.GET_SESSION_ID_FROM_COOKIE RETURN NUMBER;
The following example retrieves the session ID from the current session cookie.
DECLARE VAL NUMBER; BEGIN VAL := APEX_CUSTOM_AUTH.GET_SESSION_ID_FROM_COOKIE; END;
This function returns the APEX_APPLICATION
.G_USER
global variable (VARCHAR2
).
APEX_CUSTOM_AUTH.GET_USER RETURN VARCHAR2;
The following example retrieves the username associated with the current session.
DECLARE VAL VARCHAR2(256); BEGIN VAL := APEX_CUSTOM_AUTH.GET_USER; END;
This function returns user name registered with the current Oracle Application Express session in the internal sessions table. This user name is usually the same as the authenticated user running the current page.
APEX_CUSTOM_AUTH.GET_USERNAME RETURN VARCHAR2;
The following example retrieves the username registered with the current application session.
DECLARE VAL VARCHAR2(256); BEGIN VAL := APEX_CUSTOM_AUTH.GET_USERNAME; END;
This function is a Boolean result obtained from executing the current application's authentication scheme to determine if a valid session exists. This function returns the Boolean result of the authentication scheme's page sentry.
APEX_CUSTOM_AUTH.IS_SESSION_VALID RETURN BOOLEAN;
The following example verifies whether the current session is valid.
DECLARE L_VAL BOOLEAN; BEGIN L_VAL := APEX_CUSTOM_AUTH.IS_SESSION_VALID; IF L_VAL THEN htp.p('Valid'); ELSE htp.p('Invalid'); END IF; END;
Also referred to as the "Login API," this procedure performs authentication and session registration.
APEX_CUSTOM_AUTH.LOGIN( p_uname IN VARCHAR2 DEFAULT NULL, p_password IN VARCHAR2 DEFAULT NULL, p_session_id IN VARCHAR2 DEFAULT NULL, p_app_page IN VARCHAR2 DEFAULT NULL, p_entry_point IN VARCHAR2 DEFAULT NULL, p_preserve_case IN BOOLEAN DEFAULT FALSE);
Table 6-5 describes the parameters available in the LOGIN
procedure.
Parameter | Description |
---|---|
|
Login name of the user. |
|
Clear text user password. |
|
Current Oracle Application Express session ID. |
|
Current application ID. After login page separated by a colon (:). |
|
Internal use only. |
|
If true, do not upper |
The following example performs the user authentication and session registration.
BEGIN APEX_CUSTOM_AUTH.LOGIN ( p_uname => 'FRANK', p_password => 'secret99', p_session_id => V('APP_SESSION'), p_app_page => :APP_ID||':1'); END;
Note:
Do not use bind variable notations forp_session_id
argument.This procedure causes a logout from the current session by unsetting the session cookie and redirecting to a new location.
APEX_CUSTOM_AUTH.LOGOUT( p_this_app IN VARCHAR2 DEFAULT NULL, p_next_app_page_sess IN VARCHAR2 DEFAULT NULL, p_next_url IN VARCHAR2 DEFAULT NULL);
Table 6-6 describes the parameters available in the LOGOUT
procedure.
Parameter | Description |
---|---|
|
Current application ID. |
|
Application and page number to redirect to. Separate multiple pages using a colon (:) and optionally followed by a colon (:) and the session ID (if control over the session ID is desired). |
|
URL to redirect to (use this instead of |
The following example causes a logout from the current session and redirects to page 99
of application 1000
.
BEGIN APEX_CUSTOM_AUTH.LOGOUT ( p_this_app => '1000', p_next_app_page_sess => '1000:99'); END;
This procedure performs session registration, assuming the authentication step has been completed. It can be called only from within an Oracle Application Express application page context.
APEX_CUSTOM_AUTH.POST_LOGIN( p_uname IN VARCHAR2 DEFAULT NULL, p_session_id IN VARCHAR2 DEFAULT NULL, p_app_page IN VARCHAR2 DEFAULT NULL, p_preserve_case IN BOOLEAN DEFAULT FALSE);
Table 6-7 describes the parameters available in the POST_LOGIN
procedure.
Table 6-7 POST_LOGIN Parameters
Parameter | Description |
---|---|
|
Login name of user. |
|
Current Oracle Application Express session ID. |
|
Current application ID and after login page separated by a colon (:). |
|
If true, do not include |
The following example performs the session registration following a successful authentication.
BEGIN APEX_CUSTOM_AUTH.POST_LOGIN ( p_uname => 'FRANK', p_session_id => V('APP_SESSION'), p_app_page => :APP_ID||':1'); END;
This function returns a Boolean result based on the global package variable containing the current Oracle Application Express session ID. Returns true if the result is a positive number and returns false if the result is a negative number.
APEX_CUSTOM_AUTH.SESSION_ID_EXISTS RETURN BOOLEAN;
The following example checks whether the current session ID is valid and exists.
DECLARE L_VAL BOOLEAN; BEGIN L_VAL := APEX_CUSTOM_AUTH.SESSION_ID_EXISTS; IF VAL THEN htp.p('Exists'); ELSE htp.p('Does not exist'); END IF; END;
This procedure sets APEX_APPLICATION
.G_INSTANCE
global variable. This procedure requires the parameter P_SESSION_ID
(NUMBER
) which specifies a session ID.
APEX_CUSTOM_AUTH.SET_SESSION_ID( p_session_id IN NUMBER);
Table 6-8 describes the parameters available in the SET_SESSION_ID
procedure.
Table 6-8 SET_SESSION_ID Parameters
Parameter | Description |
---|---|
|
The session ID to be registered. |
In the following example, the session ID value registered is retrieved from the browser cookie.
APEX_CUSTOM_AUTH.SET_SESSION_ID(APEX_CUSTOM_AUTH.GET_SESSION_ID_FROM_COOKIE);
This procedure combines the operation of GET_NEXT_SESSION_ID
and SET_SESSION_ID
in one call.
APEX_CUSTOM_AUTH.SET_SESSION_ID_TO_NEXT_VALUE;
In the following example, if the current session is not valid, a new session ID is generated and registered.
IF NOT APEX_CUSTOM_AUTH.SESSION_ID_EXISTS THEN APEX_CUSTOM_AUTH.SET_SESSION_ID_TO_NEXT_VALUE; END IF;
This procedure sets the APEX_APPLICATION
.G_USER
global variable. SET_USER
requires the parameter P_USER
(VARCHAR2
) which defines a user ID.
APEX_CUSTOM_AUTH.SET_USER( p_user IN VARCHAR2);
Table 6-9 describes the parameters available in the SET_USER
procedure.
In the following example, if the current application user is NOBODY, then JOHN.DOE is registered as the application user.
IF V('APP_USER') = 'NOBODY' THEN APEX_CUSTOM_AUTH.SET_USER('JOHN.DOE'); END IF;