This discussion is archived
6 Replies Latest reply: Apr 28, 2012 2:55 AM by Jan Vervecken RSS

User Self Registration and Authentication

913253 Newbie
Currently Being Moderated
I'm building a web application that requires users to self register and we will be storing those users in our database. Can you use the JAAS (SQLAuthenication) with weblogic to achieve this? Is there a way to call the SQLAuthenication, when I'm creating the user account from the ADF BC layer?
  • 1. Re: User Self Registration and Authentication
    Frank Nimphius Employee ACE
    Currently Being Moderated
    Hi,

    SQL authenticator does not have a self provisioning API in OPSS. This means you need to directly update the database with the new user data. You can then follow the programmatic authentication explained in the ADF Fusion Middleware developer guide to authenticate the user for ADF Security

    Frank
  • 2. Re: User Self Registration and Authentication
    913253 Newbie
    Currently Being Moderated
    So when a user registers from the adf faces layer, it goes to the adf bc layer and writes to the database. At the point when the user needs to log in I can use SQL authenticator? How do I make when i directly update the database with the new user data to hash it the same way that SQL authenticator can read? Also, can you point me to the programmatic authentication documentation ?
  • 3. Re: User Self Registration and Authentication
    Chris Muir Employee ACE
    Currently Being Moderated
    When referring to "user data to hash" do you mean the password? Is yes see:

    http://one-size-doesnt-fit-all.blogspot.com.au/2009/10/part-i-working-with-wls-1031.html
    http://one-size-doesnt-fit-all.blogspot.com.au/2009/10/part-ii-working-with-wls-1031.html

    Regarding your question on "programmatic authentication documentation" see:

    http://docs.oracle.com/cd/E24382_01/web.1112/e16182/adding_security.htm#BGBFJJJH

    Note that the documentation refers to the 11.1.2.1.0 Fusion Developer's Guide. As you haven't posted which specific version of JDeveloper you're using, you might find the previous link gives you code that wont compile because of missing APIs. As such please take the opportunity to refer to the correct manual for your version.

    CM.
  • 4. Re: User Self Registration and Authentication
    913253 Newbie
    Currently Being Moderated
    Yes I meant password. From the article below, when I create the new user in ADF BC, I will have to call the oracle crypto package hash it to SHA-1 then write it to the database table. That way when I use SQLauthenticator set it to SHA-1 the hashed passwords would match up. How would I call the dbms_crypto package from ADF BC? I'm using jdeveloper 11g

    http://one-size-doesnt-fit-all.blogspot.com.au/2009/10/part-i-working-with-wls-1031.html
    http://one-size-doesnt-fit-all.blogspot.com.au/2009/10/part-ii-working-with-wls-1031.html
       
                ViewObject userVO = this.getUserInfoView1();
                //Create user information
                UserInfoViewRowImpl currentRow = (UserInfoViewRowImpl)userVO.createRow();
                currentRow.setUserId(emailAddress);
                //Call oracle_dbms crypto package with disgestPW() method
                currentRow.setUserCurrentPwd(digestPW(password));
                currentRow.setUserFname(firstName);
                currentRow.setUserMi(middleInitial);
                currentRow.setUserLname(lastName);
                userVO.insertRow(currentRow);
                getDBTransaction().commit();  
        
    private String digestPW(String pwd){
               //How would do call the dbms_crpyto package here?
        }
  • 5. Re: User Self Registration and Authentication
    Chris Muir Employee ACE
    Currently Being Moderated
    My 2nd blog post was from the perspective that you're creating the record via a call in the database, not indirectly from the middletier/Java. In your case I suggest you Google solutions for a Java API that provides the hash solution you want "java hash sha1". One that may be applicable: http://www.mkyong.com/java/java-sha-hashing-example/

    CM.
  • 6. Re: User Self Registration and Authentication
    Jan Vervecken Journeyer
    Currently Being Moderated
    fyi
    910250 wrote:
    ... I can use SQL authenticator? ...
    Be wary when using ADF Security (OPSS) with a SQLAuthenticator.

    This is feedback I got in SR 3-4124753004 :

    "If the you want to use DB as the identity store, then the supported way is to buy OVD server license and configure DB adapter in OVD and then configure an OVD authenticator in Weblogic. SQLAuthenticator will not be used as identity store. And, we do not recommend to use LibOVD for DB identity store. OVD server is the recommended and supported way."

    related bugs are :
    - bug 13876651, "FMW CONTROL SHOULD NOT ALLOW MANAGING USERS GROUPS FROM SQL AUTHENTICATOR"
    - enhancement request 12864498, "OPSS : ADDMEMBERSTOAPPLICATIONROLE : THE SEARCH FOR ROLE FAILED"

    related forum threads are :
    - "ADF Security : identity store : tables in a SQL database"
    - "OPSS : addMembersToApplicationRole : The search for role failed"

    regards
    Jan Vervecken

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points