14 Replies Latest reply: Jan 11, 2013 11:21 AM by mobra RSS

    Authentication Schemes in apex4.2

    shadab550
      Hi apex dignitaries and all user,

      i m Very New in apex ,i m seeking some help in creating custom Authentication

      I m using APEX4.2 with WLS and DATABASE ORACLE 11g

      I m trying to create a login handler or Authentication for a application
      i m trying to stop a user to login multiple time with same user id

      i mean to say EX: if a user login with some username and pswd he is successfully logged in now again he is trying to login in another browser with same username and password but here i want to stop the user by saying ur already logged in with this user name in confirm pop box and if  want to proceed  click ok to log out from first browser

      Please help me in this

      Thanks and regards
      Shada
        • 1. Re: Authentication Schemes in apex4.2
          TexasApexDeveloper
          How about this..

          Build a authentication scheme that is table based. when they login you set a flag in the table that shows them logged in, when they try with the same user name and password, you check the table/row to see if that item is set, if so then the user can NOT login in again. When they logout of the application, you go and reset that status flag.

          Ask away if you have further questions..

          Thank you,

          Tony Miller
          Ruckersville, VA
          • 2. Re: Authentication Schemes in apex4.2
            fac586
            shadab550 wrote:

            I m trying to create a login handler or Authentication for a application
            i m trying to stop a user to login multiple time with same user id
            Why?

            Anywhere I've ever come across such a short-sighted restriction it has rapidly become apparent that administration and trouble-shooting are much easier where multiple logins are possible.
            • 3. Re: Authentication Schemes in apex4.2
              TexasApexDeveloper
              Paul,
              Sometimes you have to provide this functionality due to politics. People don't seem to get the idea of web based applications and want to restrict their access similar to a server based application... Not saying its right, but you have to play by their rules...

              Thank you,

              Tony Miller
              Ruckersville, VA
              • 4. Re: Authentication Schemes in apex4.2
                shadab550
                Hi Tony Miller,

                Thanks for your quick response

                i did the same think i have created the a procedure to insert a row with session id into a table and i have a indicator in it if he login the indicator will be set N and when i click log out the the indicator will be updated to Y But when he try to open the application from other browser i want to give a confirmation like do u want to login click OK if not click cancel
                but i dnt know how to kill the previous session by clicking on ok button and allowing him to login here and i dnt know javascript

                Please Guide me sir

                Thanks & Best Regards
                Shadab

                Edited by: shadab550 on Jan 3, 2013 10:33 PM
                • 5. Re: Authentication Schemes in apex4.2
                  shadab550
                  Hi Tony Miller,

                  Thanks for your quick response

                  i did the same think i have created the a procedure to insert a row with session id into a table and i have a indicator in it if he login the indicator will be set N and when i click log out the the indicator will be updated to Y But when he try to open the application from other browser i want to give a confirmation like do u want to login click OK if not click cancel
                  but i dnt know how to kill the previous session by clicking on ok button and allowing him to login here and i dnt know javascript

                  Please Guide me sir

                  Thanks & Best Regards
                  Shadab
                  • 6. Re: Authentication Schemes in apex4.2
                    fac586
                    shadab550 wrote:

                    i did the same think i have created the a procedure to insert a row with session id into a table and i have a indicator in it if he login the indicator will be set N and when i click log out the the indicator will be updated to Y But when he try to open the application from other browser i want to give a confirmation like do u want to login click OK if not click cancel
                    but i dnt know how to kill the previous session by clicking on ok button and allowing him to login here and i dnt know javascript
                    And what happens when the user doesn't end the session by clicking logout? What if they close the current browser tab? Or the entire browser window? Or press Cmd-Q? Or click a bookmark for a different location? Or type "p0rn" into the Search box? Or switch to another window and spend the rest of the morning reading Twitter? Or shutdown the machine? Or run out of battery power? Or lose their wifi connection? Or get timed-out during the fire drill? Or go home for the night after locking their PC with everything still running? Or...

                    You'll just end up with a lot of users who know that they're not logged in getting this stupid message. Half of them will panic and swamp the help desk with unnecessary calls. The other half will ignore it and mechanically click through every time it appears, until one time it's not crying wolf and they lose important work in the killed session. Then they call the help desk and demand that their lost data be restored.
                    • 7. Re: Authentication Schemes in apex4.2
                      shadab550
                      Hi fac,

                      yes your correct,

                      see the following scenario.

                      example : i have a application called it as X application ,i have sell one user for this application to a client but 10 users accessing the same user id

                      how to restrict others can u guide me can u give me a solution for this scenario please

                      Thanks & regards
                      Shadab
                      • 8. Re: Authentication Schemes in apex4.2
                        mobra
                        example : i have a application called it as X application ,i have sell one user for this application to a client but 10 users accessing the same user id

                        how to restrict others can u guide me can u give me a solution for this scenario please
                        Query apex_workspace_activity_log and/or apex_workspace_access_log, look at the username/session/IP address/date and time, and send them an additional invoice for x10 users.


                        - Morten

                        http://ora-00001.blogspot.com
                        • 9. Re: Authentication Schemes in apex4.2
                          shadab550
                          hi Morten Braten ,

                          yours profile pic is awesome you look dashing with flute,

                          i had been following your blog for apex tips,

                          sorry to divert the topic i m trying to use google translate i had seen ur blog for translate can u please help me becoz i m unable to create acl for https

                          thanks
                          shadab
                          • 10. Re: Authentication Schemes in apex4.2
                            shadab550
                            hi all

                            can any one guide me on this

                            thanks
                            shadab
                            • 11. Re: Authentication Schemes in apex4.2
                              TexasApexDeveloper
                              How can we help further? Have you TRIED any of the suggestions? The one I suggested will work, as long as what Paul (FAC) pointed out does NOT happen..

                              Build a table with all the users names and ID with passwords in it along with a last logged in column (date with time column)
                              build a CUSTOM authentication function/plugin that will check that the password user name combo is correct and also that the user logged in column for that row is NOT set.
                              if it is not set, set it with the current date/time and let them login, if not deny the login.
                              When they log out normally through application, null out the logged in column

                              Does that help?

                              Thank you,

                              Tony Miller
                              Ruckersville, VA
                              • 12. Re: Authentication Schemes in apex4.2
                                shadab550
                                Hi tony sir,

                                yes ,i have done the same think i m able to restric the user i m raising the eror with oracle when the other user is trying to login yes it was helpful sir
                                but i want to clear the login cookie and that error i want raise as confirmation box sir is that possible when the user other user click ok on confirm box the other user session should be closed and new user should be able to login


                                Thanks
                                Shadab

                                Edited by: shadab550 on Jan 6, 2013 7:30 PM
                                • 13. Re: Authentication Schemes in apex4.2
                                  TexasApexDeveloper
                                  Try reviewing this thread:APEX 4.1 Login page kills existing session cookie It might show you what ar elooking for..

                                  Thank you,

                                  Tony Miller
                                  Ruckersville, VA
                                  • 14. Re: Authentication Schemes in apex4.2
                                    mobra
                                    shadab550 wrote:
                                    hi Morten Braten ,

                                    yours profile pic is awesome you look dashing with flute,

                                    i had been following your blog for apex tips,

                                    sorry to divert the topic i m trying to use google translate i had seen ur blog for translate can u please help me becoz i m unable to create acl for https
                                    I assume you are referring to this blog post:

                                    http://ora-00001.blogspot.no/2009/12/using-google-translate-from-plsql.html

                                    Never mind, because Google no longer offers the Translate API for free: "Google Translate API v1 is no longer available as of December 1, 2011 and has been replaced by Google Translate API v2. Google Translate API v1 was officially deprecated on May 26, 2011. The decision to deprecate the API and replace it with the paid service was made due to the substantial economic burden caused by extensive abuse".

                                    I've updated my blog post to reflect this. The code should still be useful as an example of calling a remote web API from PL/SQL.

                                    - Morten

                                    http://ora-00001.blogspot.com