This content has been marked as final. Show 1 reply
if you want 2 applications share the same session you should give them the same login cookie name in the authentication scheme.
1. convey relevant values from the custom auth app (these cannot be one app)
Setup a database context to share values between the applications.
Or use apex_util.fetch_app_item http://docs.oracle.com/cd/E37097_01/doc/doc.42/e35127/apex_util.htm#BABIBAID
2. make certain that users don't just bookmark the target app and bypass my authentication/authorization outcomes -- something here with session ID?
Set the URL for the "session not valid" section of the authentication scheme to the login page of your custom auth app