background preloader

Security

Facebook Twitter

Oracle APEX - Person Details Tutorial 03 (Create and Update Person) Email Details Category: Kishore Ryali Created: 14 April 2009 Written by Kishore Ryali This is the last part of video series to implement Anil's OA Framework Person Details Tutorials in Oracle Application Express. Objective: Implement Create and Update Person capabilities on my Tutorial02 application. Implementation Steps: A brief overview of steps followed: Create new page 'Create Person' of type 'Form on a Table or View'.

CREATE OR REPLACE TRIGGER "XX_PERSON_DETAILS_T1" BEFORE INSERT OR UPDATE ON xx_person_details FOR EACH ROWBEGIN :NEW.last_update_date := SYSDATE; :NEW.last_update_login := -1; :NEW.last_updated_by := 71690; IF INSERTING THEN :NEW.creation_date := SYSDATE; :NEW.created_by := 71690; END IF;END; In Search Page (1), Create a button named 'Create' at the bottom of the region to branch to Create Person Page (4). In Search Page (1), change the report query to add a NULL column 'EDIT_ICON' for Edit. In Create Person Page (4), add a hidden field 'P4_REPORT_TITLE'.

Video: Security | Inside Oracle APEX by Patrick Wolf. You have upgraded to Oracle APEX 3.2 and are getting kicked out of your Oracle APEX Builder each time you are going back to your browser window after you have worked on something else for some time? For the last few days I had this problem quite often and it annoyed me a little bit. Being sure that this behavior is configurable, I asked Anthony Rayner during a chat where I can change that. Continue reading Ok, they are not brand new anymore, they have already been released last month. But in case you are not reading David Peake’s blog or checking regularly the Oracle APEX website on OTN, the APEX team has published the following two new whitepapers: Check them out!

Most users are lacy and don’t want to enter login credentials each time they start up an Oracle APEX application. “Hey I have already logged in into my computer, can’t you use that information for the APEX application?”. Instructions on how to integrate mod_ntlm have been around for quite some time. Continue reading. Authorization and user roles. Apex security. How to login to APEX with EBS login credentials (Authentication Scheme) Email Details Category: Kishore Ryali Created: 24 April 2009 Written by Kishore Ryali Application Security is one of the prime focuses when designing web applications, as they are prone to many security vulnerabilities. Oracle Application Express (APEX) has many built in security features like Authentication, Authorization i.e. access level of the user, session state protection etc. This article helps you understand Authentication schemes in APEX and how to use EBS login credentials in APEX.

Authentication scheme verifies user's identify before they can access your application. From PL/SQL: v('APP_USER')As a bind variable from either PL/SQL or SQL: :APP_USER APEX Authentication Schemes are created/managed in Shared Components > Authenication Schemes (Security section) in your application. APEX comes with Preconfigured authentication schemes. Open Door Credentials: It enables anyone to access your application using a built-inlogin page that captures a user name. 1. 2. 3. 1. 2. 3. 4.

Security using Authorization in APEX. Email Details Category: Kishore Ryali Created: 06 May 2009 Written by Kishore Ryali Authorization is a process of determining whether an authenticated/identified person is permitted to access a resource or do an operation. How is Authorization different from Authentication? Authentication determines Who are you? How to implement Authorization in APEX? To understand APEX Authorization, I will illustrate a simple example in Person Details Demo application. My scenario is a2f_admin can create,delete,edit and view persons.a2f_user can only view persons and does not have privilege to create/delete/edit them. Steps to implement the above scenario: Go to Shared Components > Authorization Schemes (Security section).

Enter name for authorization scheme. Select 1 from demo_userswhere user_name = v('APP_USER')and admin_user = 'Y' Error Message has to be entered. Once the authorization scheme is created, it can be specified to a page or region or page item. Apply Changes. URL for the application: Adding Security to your Application.