13 Replies Latest reply on Jun 19, 2012 9:38 PM by Marc Ramos

    Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1

    Avhsu-Oracle
      Hi all,

      We recently migrate from APEX 3.2 to 4.1. The deep link (FSP_AFTER_LOGIN_URL) does not work.

      We have two applications, say 100 and 200. Application 100 is the central login application. Application 200 refers to application 100 for authentication. Both applications share the same cookie name.

      When accessing via http://..../f?p=200:1, the request is redirected to application 100 login page. This is the expected behavior. However, after login, the APEX doesn't take us back to 200:1. It goes to the app 100 home page.

      Do any of you have the same issue?

      Thanks,
      Avon
        • 1. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
          Phil Broughton
          I have just ventured into merging many apps into a single authentication app as you describe and have the exact same problem. There are no papers I can find that explain how to resolve this problem which has become a real negative feature to what we thought would be a great SSO win.

          If anyone has any way forward (to be able post authentication to return to the originally requested app/page) that would be fantastic.
          • 2. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
            Earl Lewis
            The FSP_AFTER_LOGIN_URL item is an application level item that you should find in all of your apps, unless you removed it. Each of these is distinct to it's own application. One doesn't know about the other, so there's no way, out of the box, for your applications to know that you want deep linking to work across multiple applications.

            I had to deal with this and what I did was try to set the FSP_AFTER_LOGIN_URL in the authentication app to the value from the source app, via the Login navigation link. This is what my Login link looks like for all my apps.

            f?p=970:101:&SESSION.::&DEBUG.::FSP_AFTER_LOGIN_URL:f?p=&APP_ID.|&APP_PAGE_ID.||||||

            Earl
            • 3. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
              Patrick Wolf-Oracle
              Hi,

              with the 4.1.1 patch set this should be fixed. In the patch set we changed the behavior of FSP_AFTER_LOGIN to by a session wide variable. This should fix the above problem where the login app doesn't see the value unless you set it as Earl does.

              Regards
              Patrick
              -----------
              My Blog: http://www.inside-oracle-apex.com
              APEX Plug-Ins: http://apex.oracle.com/plugins
              Twitter: http://www.twitter.com/patrickwolf
              • 4. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
                Earl Lewis
                Patrick Wolf wrote:
                Hi,

                with the 4.1.1 patch set this should be fixed. In the patch set we changed the behavior of FSP_AFTER_LOGIN to by a session wide variable. This should fix the above problem where the login app doesn't see the value unless you set it as Earl does.
                That's great news. Glad to hear. It's something people have been wanting for a while.

                Earl
                • 5. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
                  user13413951
                  Looking forward to 4.1.1 !

                  In the meantime, the solution above seems to work just fine when the deep link includes just a App ID, APP PAGE ID, even a clear cache set of pages.

                  What would be the best method for also putting into the Login Link Item Values that are passed from deep link as I don't think they get set from the URL.


                  In your example, if the link also contained item name/value combinations I don't think the following will work.

                  Original URL : f?p=300:3::::::P3_ITEM1,P3_ITEM2:123,ABC

                  and the Login URL is:

                  f?p=970:101:&SESSION.::&DEBUG.::FSP_AFTER_LOGIN_URL:/f?p=&APP_ID.|&APP_PAGE_ID.||NO||P3_ITEM1,P3_ITEM2|&P3_ITEM1.,&P3_ITEM2./

                  Final URL: f?p=970:101:<session#>.::NO::FSP_AFTER_LOGIN_URL:/f?p=300|3||NO||P3_ITEM1,P3_ITEM2|, < No Values here>

                  as P3_ITEM1 and P3_ITEM2 don't get set to pass them along to the authentication application.

                  Any thoughts?

                  --Andy                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                  • 6. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
                    Earl Lewis
                    Andy,

                    You should be able to pass those page parameters in the link just fine. Are you sure you have your item/value parameters in the correct location? It appears that you have your item names in the 5th position and they need to go in the 7th position, as seen in this example from the Apex help.
                    Using f?p Syntax to Link Pages
                    
                    You can create links between pages in your application using the following syntax:
                    
                    f?p=App:Page:Session:Request:Debug:ClearCache:itemNames:itemValues:PrinterFriendly
                    Earl
                    • 7. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
                      Phil Broughton
                      Following up from my merging of apex apps to a single authentication mechanism as noted here :

                      http://apps2fusion.com/at/64-kr/413-maintaining-authentication-between-apex-applications

                      I then followed advise above adding just two entries to each of the apps sharing the same cookie

                      Under "Shared Components" > "Security Attributes" > "Login URL" field :

                      f?p=&APP_ID.:LOGIN:&SESSION.::&DEBUG.::FSP_AFTER_LOGIN_URL:f?p=&APP_ID.|&APP_PAGE_ID.

                      On the 101 login page for the shared app, which is not executed, but has a redirect process executed "Before Header" :

                      DECLARE
                      /* launchpad is the name of our custom auth app for all common secured apps */
                      l_redirect_url VARCHAR2(1000) := 'f?p=launchpad:101:'||:SESSION||'::'||:DEBUG||'::FSP_AFTER_LOGIN_URL:'||:FSP_AFTER_LOGIN_URL ||
                      '|&SESSION.|||||' ;
                      BEGIN
                      htp.init();
                      owa_util.redirect_url(l_redirect_url); --- Redirect
                      apex_application.g_unrecoverable_error := true; --- stops all further page processing
                      END;

                      After all of the above, I have a seemless capability to provide users with a URL to a report in any given secured app where they no longer get redirected to page 1 and then dont know how to navigate to the page they first wanted...

                      The version I am using was 4.1.0 (not the 4.1.1 patch) and its fine.

                      Deep Linking in Apex needs more documentation oracle (I never found any manual references or use cases for the FSP_* setting, I'm usually pretty good at finding this stuff !), it shouldn't have been made something that burns our time trying to figure out an optimal method over and over...

                      Hope this helps and thanks earl for setting me down the correct path (Like the pun ?)

                      ==========
                      Next issue I face is one where the user has browser tabs with many apex pages open. If the user re-enters login details, then one page may have the current session_id and all others no longer have this. When you click on a tab/page with the old session_id, you are presented with a login, which in turn sets another session_id rendering all other user browser page/tabs useless and you go around in circles having to login more times than necessary or closing everything and starting over which is most annoying.
                      Clearly we need to be able to fetch the latest "considered current" session id rather than present a login screen again.... Any idea's on this one ?
                      • 8. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
                        450313
                        Hi,

                        I got it working like this:
                        - in your login application (100) create application item APP_ID_FROM
                        - in other apps (200) in authentication schemes set your "Session not valid URL" to: "f?p=100:LOGIN:&SESSION.::::APP_ID_FROM:&APP_ID.". This will set the APP_ID_FROM to the value of current application (200).
                        - create a procedure which you will use in login application (100) as your "Post-Authentication Procedure" in the authentication scheme, like this (note: you should put it into a package):
                        procedure apex_post_auth is
                          v_app_from varchar2(4000);
                          v_after_login_url varchar2(4000);
                        begin
                          -- Find the application from which we were redirected to login
                          v_app_from := apex_util.get_session_state(p_item => 'APP_ID_FROM');
                          if v_app_from is null then
                            return;
                          end if;
                          
                          -- Find value of FSP_AFTER_LOGIN_URL in application from which we were redirected to login
                          v_after_login_url := apex_util.fetch_app_item(p_item    => 'FSP_AFTER_LOGIN_URL'
                                                                       ,p_app     => v_app_from
                                                                       ,p_session => v('SESSION')
                                                                       );
                          -- Override FSP_AFTER_LOGIN_URL in current (login) application
                          if v_after_login_url is not null then
                            apex_util.set_session_state(p_name  => 'FSP_AFTER_LOGIN_URL'
                                                       ,p_value => v_after_login_url
                                                       );
                          end if;
                        end;
                        Since each app has FSP_AFTER_LOGIN_URL item you can get it's value with apex_util.get_session_state(). I noticed that the item's value is implicitly set by APEX engine before redirecting to "Session not valid URL". We can then override the value of FSP_AFTER_LOGIN_URL in login app with the value from application from which we were redirected to login application.

                        Regards,
                        Jure
                        • 9. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
                          Phil Broughton
                          I can see this method works well for the original problem, thanks. However it does not resolve my issue where a user with multiple tabs in a browser has different session_id's in them which cause a domino effect of login requirements as each is unable to update its neighbouring session_id without the apex service somehow telling the browser session about its new/current session_id that should be used.

                          We have users in multiple apps in a single browser/multi tab(ie lots of pages in parallel) that effectively shoot each other in the head with session id conflicts that I think should be relatively easy to rectify, but cannot fathom out how.
                          • 10. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
                            Earl Lewis
                            broughp wrote:
                            Hope this helps and thanks earl for setting me down the correct path (Like the pun ?)
                            broughp,

                            Glad I could help. Please remember to mark helpful or correct answers here on the forum. Those that pitch in really appreciate it. Thanks!

                            Earl
                            • 11. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
                              413144
                              Hi Patrick,

                              The deep link does not seem to work after installing patch set 4.1.1.
                              Is there something else we need to configure?

                              Kind regards,
                              Guido Zeelen
                              • 12. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
                                396969
                                FSP_AFTER_LOGIN_URL also stopped working for us when we migrated to 4.1.

                                Does the patch set 4.1.1 fix the FSP_AFTER_LOGIN_URL issue?

                                We have this item declared as an application item in every application but how does it get set? I don't see it in the authentication scheme? Does it get set automatically?

                                Thanks, Andy
                                • 13. Re: Deep Link (FSP_AFTER_LOGIN_URL) Not Working in APEX 4.1
                                  Marc Ramos
                                  Hello Andy,

                                  Did you resolve the item value problem? I'm trying to accomplish setting the item value but the resulting URL does not contain the value. My link is something like: http://dcfsapx.co.la.ca.us/pls/apext/f?p=495:101:::::::FSP_AFTER_LOGIN_URL:f?p=113:7:NO::::P7_REFERRAL_NO:4006565

                                  The referral_no value does not get passed on/gets lost once the user logs in to application 113. If you have any suggestions, I would surely appreciate it.

                                  Here is my post link:
                                  maintain variable value from url link