3 Replies Latest reply: Jan 4, 2013 8:45 AM by Earl Lewis RSS

    apex_util.create_user / RESTful Web Services

    Gemma
      Hi,

      I have an apex application in development which we are planning on using the Listener RESTful OAuth 2.0 functionality. We are currently using Apex Authentication.

      What I need to achieve is as follows:

      1. User navigates to public apex page, enters name, e-mail, password etc and signs up for a new account.
      2. Once signed up user, logs onto apex application using credentials entered in step 1.
      3. User credentials created above are integrated with OAuth 2.0 listener functionality for offline device connectivity to Oracle (which will be written in JQuery Mobile/Phone Gap).

      My issue/questions (given the understandable lack of documentation for Listener 2,.0 at this stage):

      1. Step 1 above cannot simply call apex_util.create_user as public page with no admin privileges. As a result, I am thinking I will need to implement custom authentication - Is there any secure workaround to this or is custom auth the way to go?
      2. However, how will custom authentication in Apex integrate with OAuth2.0/Apex Listener. Will this cause an issue/does it only support Apex Authentication.

      Is any documentation for OAuth2.0 and REST APIs available yet?

      Thanks so much for your help.
        • 1. Re: apex_util.create_user / RESTful Web Services
          Gemma
          Can anyone at Oracle help with this?

          Thanks so much.
          • 2. Re: apex_util.create_user / RESTful Web Services
            Colm Divilly
            Hi Gemma,
            unfortunately at the moment you are caught between a rock and a hard place:

            - As you point out there is no way in APEX for a user to self-register themselves, short of developing your own table to store users and configuring APEX custom auth to authenticate against that table
            - Listener can only authenticate against the the APEX user repository, it cannot integrate with custom APEX authentication.

            There may be other options though, by leveraging the authentication capabilities in the JRE and/or WebLogic/GlassFish application servers. We're interested in addressing this use case, so if you wish to investigate further please send me an email ( colm <dot> divilly <at> oracle <dot> com).

            Thanks,

            Colm Divilly
            • 3. Re: apex_util.create_user / RESTful Web Services
              Earl Lewis
              >
              Hi Gemma,
              -- text removed
              - As you point out there is no way in APEX for a user to self-register themselves, short of developing your own table to store users and configuring APEX custom auth to authenticate against that table
              - Listener can only authenticate against the the APEX user repository, it cannot integrate with custom APEX authentication.
              ---text removed---
              Colm Divilly
              Am I correct in my understanding of your statement, that if the Apex Listener is used for the application server, that it doesn't support any sort of custom authentication scheme?

              Earl