I am using Oracle Apex v5.1 and application is using LDAP authentication.
I have a separate 'Create new user' form in application which is inserting user details such as NT-IDs, privilege into a user table.
Whenever user is logging to application, login password is been taken care by LDAP directory.
I want to know that is there any way to get user details such as full name, email address etc from LDAP directory instead of manual insertion into my user table?
What query I can use, so that User name/Email id will automatically inserted into table once user has created in that Oracle Apex form.
Please help. Thank you.
You can connect to LDAP using PL/SQL APIs, as described by Tim
You could then construct a pipelined function around this to allow you to query using SQL.
For performance, you could create a materialised view on this query.
This technique was also described in a chapter of an APEX book co-authored with John Scott.
Related
I have the following business problem to solve in a big legacy application written in PL/SQL and Oracle Forms 6i:
Not allow users to log in using their database accounts.
The whole application has around 50 users who use their database accounts. The audit department doesn’t allow that users know their database accounts passwords.
Rewriting the application to use a new user rights logic (using a table like USERS, only 1 database user, etc.) is out of the question as it’s too much work.
I thought about the following solution to use the existing database users:
Create a table USERS with usernames and new passwords, and somehow use a proxy user. In a package the application will check if the provided password is in line with the table USERS, and then connect as 1 of the 50 database users – so all application logic and user rights can stay the same.
But there is one problem with this workaround – you can’t use „connect” in a package. So I can’t use it.
begin
IF
p_in_user == USER2 AND p_in_pass == XXX
THEN
EXECUTE IMMEDIATE 'conn USER2/Password123'; -- doesn't work, using a proxy neither
END IF;
END;
Does anyone has any ideas?
The audit department doesn’t allow that users know their database accounts passwords
You can use encripted passwords.
Oracle allow to use encripted passwords through profile settings.
You can use a function to encript a clear password:
the clear password is given to end user
and on oracle database the user account is created/changed with the encripted password.
The user use his/her clear password to login and during login Oracle conver this to a encripted password for authentication.
Please confirm is this solution is ok, so I can post an example.
I'm using Laravel 5. I see Laravel uses .env to connect databases for example DB_USERNAME and DB_PASSWORD, but i want to log in and use my username and password from my form to connect with those values from withim my oracle database with a table name "dba_users" which has the user and password and some others fields
i want to do that becauses each user has their own granted permissions(roles) to certain tables, thus Oracle would managed the user login permissions and not the .env DB_USERNAME.
Any ideas?
Thanks
The real term or question title for this would be "Dynamic Laravel Database Connections" on multi-tenant application. If you google about it you will find a lot of code like this: https://laracasts.com/discuss/channels/tips/set-up-dynamic-database-connection-globally
We use the IdentityServer3 as our central authentication provider. Now I have a general question about the IdenityServer in an enterprise environment. I try to explain it with the following example:
If a user was successfully authenticated, he get a token from the provider. The token includes the unique ID of the user.
The authenticated user send a request to a WebApi, to create a new item (e.g a new product).
The WebApi extract the unique ID from the token and creates the new product in the database. Additionally the new product was linked with the unique user ID (e.g as creationUserId).
An other user send a request to the WebApi to get all available products.
The WebApi create a database query to retrieve all products. Additionally the WebApi wants to convert the creationUserId of each product to the correlating username. But that is not possible, because username is stored in the identity database which is an other database one than the application database (e.g for the products). Are there some best practices to solve this requirement?
Many thanks for your help!
Regards
Thank you for your answers. I see only one way to realize my requirements:
--> I store the username with the userId in the application database, because a API for translating is to slow.
is it possible to create a Oracle Apex Create Registration Page Using default Users which is accessible as a public page. Without creating a custom authentication.
Yes,
You can use the APEX_UTIL.CREATE_USER procedure to create users in PL/SQL when they sign up.
To use APEX_UTIL.CREATE_USER, you need administrator privilege which is most likely new user won't have it because it is the first time they sign up.
I have an exisiting database which I used to create a Model usign the Database first approach. Please refer to the database diagram.
In my solution file, I have a Class Library of the model which has an ADO.NET connection to the database & and I a ASP.NET MVC 3 web application.
The funcitonality that I'm trying to get here is that - the information displayed once a user logs in is different for every user. How do I link the user login page to the 'user' table of the database? Is it directly using the connection string or do I need to go through the model that I created using the Database?
Add a field to your User table called "ProviderUserKey" or MembershipUserID, or something similar of type uniqueidentifier. You then call Membership.GetUser().ProviderUserKey and use that in your where clause of your User Table to select the correct User record based on the logged in user.