3 Replies Latest reply: Apr 2, 2014 1:32 AM by Hippy Steve RSS

    Problem with  wwv_flow_custom_auth_std.login after 4.2 upgrade.

    Hippy Steve

      Yesterday, the code below worked.  Today I upgraded my dev box to 4.2.4.00.08 and the code doesn't work...

       

      It's a modified login page which looks to a local table to check encrypted passwords before logging in as a default user to apex.  If the user is designated as sysadmin in the local table then they have an apex account and the password is passed directly to wwv_flow_custom_auth_std.login.

      My debugging shows that the code is getting as far as the call to wwv_flow_custom_auth_std.login...

       

      Anybody else seen this?  Have I been incredibly stupid and missed something?

       

      Thanks for any advice...

       

       

      Declare vUser varchar2(30);

       

      vUID int;

      vAccess_group varchar(50);

      vUserCode varchar(100);

      vOK integer :=0;

      vStoredRaw raw(2000);

      vPassCheck varchar(200);

      vPassExpires date;

      vNextPage varchar(10) :=':10';

         decrypted_raw      RAW (2000);             -- stores decrypted binary text

         num_key_bytes      NUMBER := 256/8;        -- key length 256 bits (32 bytes)

         key_bytes_raw      RAW (32);               -- stores 256-bit encryption key

         encryption_type    PLS_INTEGER :=          -- total encryption type

                                  DBMS_CRYPTO.ENCRYPT_AES256

                                + DBMS_CRYPTO.CHAIN_CBC

                                + DBMS_CRYPTO.PAD_PKCS5;

       

      begin

      -- check role, etc

      :F120_ERROR :=null;

      :F120_LOCAL_USER := :P101_USERNAME;

      select  role_desc, pwd_encrypt, pass_expires, USERID into

      vAccess_group, vStoredRaw, vPassExpires, vUID

      from icdb520_users where UPPER(user_code) = UPPER(:P101_USERNAME);

       

       

      :F120_LOCALUID:=vUID;

      :F120_READ_ONLY := instr( vAccess_group,'READ');

      :F120_ACCESS_CODE := vAccess_group;

       

      if upper(vAccess_group) ='SYSADMIN' then

          vOK := 1;

          vUserCode:= :P101_USERNAME;

       

      else

      --  check password before passing default user to APEX

       

         key_bytes_raw :=UTL_I18N.STRING_TO_RAW ('thisisanencryptionkeymyloverdear',  'AL32UTF8');

         decrypted_raw := sys.DBMS_CRYPTO.DECRYPT

            (

               src => vStoredRaw,

               typ => encryption_type,

               key => key_bytes_raw

            );

         vPassCheck := UTL_I18N.RAW_TO_CHAR (decrypted_raw, 'AL32UTF8');

       

          if trim(:P101_PASSWORD) = trim(vPassCheck) then

             vOK:=1;

             vUserCode :='ICDB_USER';

             :P101_PASSWORD := 'icdb.user2010';

          end if;

         --  CHECK FOR EXPIRED...

         if vpassExpires < trunc(sysdate) then

             :FSP_AFTER_LOGIN_URL := 'f?p=&APP_ID.:102';

             vNextPage :=':102';

             :F120_ERROR := 'Pass Expired, NEXT PAGE = ' || vNextPage;

            

         end if;

       

      end if;

       

      if vOK=1 then

       

        wwv_flow_custom_auth_std.login(

          P_UNAME       => vUserCode, 

          P_PASSWORD    => :P101_PASSWORD,

          P_SESSION_ID  => v('APP_SESSION'),

          P_FLOW_PAGE   => :APP_ID|| vNextPage

          );

      end if;

       

      end;