1 2 Previous Next 15 Replies Latest reply on Mar 18, 2009 5:47 PM by 617057

    Session 0 and authentication scheme

    512663
      Hello,

      I came across the next thing: I have an application with all public pages and an Authentication Scheme current to Application Express. When I try to use session 0 in my url I always get the next error while branching (using one level tab) :

      Not Found
      The requested URL /pls/apexsaas2/wwv_flow.accept was not found on this server.
      So actually a 404 Not Found error.

      If I use a redirect then I don't get any error. If I change my Authentication Scheme to Database then it works without any problem.

      So I could resolve my problem but I still don't know why it would not work if my pages are public. Can anyone point me in the right direction? Will the authenticaton schema always be checked even if the page is public, maybe that is my problem?

      Kind regards,
      Oli
        • 1. Re: Session 0 and authentication scheme
          60437
          Oli - Can you please create a small demo of this on apex.oracle.com?

          Scott
          • 2. Re: Session 0 and authentication scheme
            512663
            Thx for the reply scott,

            http://apex.oracle.com/pls/otn/f?p=11887:1:0::NO
            Try going to the other tab.

            I can always send you my workspace credentials.

            Kind regards,
            Oli
            • 3. Re: Session 0 and authentication scheme
              60437
              Oli - Thanks, that is very helpful.I have identified the bug which we should be able to fix in the next patch release. Until then, I think the only thing you can do is create at least as many tabs (perhaps with conditions that prevent them from showing) as there are public pages. This may not be convenient to do.

              Scott
              • 4. Re: Session 0 and authentication scheme
                reggieh
                Hi,

                I have a problem with the Session 0 and I am not sure if that patch you released will fix this problem. So here's the thing, it appears that if I have a link using the session 0, it resets the value of my application items or perhaps just my item containing the language preference because I came across that with translation applications.

                Here's an example:

                http://apex.oracle.com/pls/otn/f?p=43805:1:::NO:::

                This application is in french, if you use the "English" link in the navigation bar, you will be in the app in english. On that page, there are two links to the same page. One using the current session (&APP_SESSION.) and the other one using "0". When you click on the first link, you see a text in english, but when you click on the second link it goes back to french.

                My item containing the language preference is FSP_LANGUAGE_PREFERENCE. Maybe there is something I am not doing correctly, but if that is really a bug within Apex, it might cause some problems in translated applications where there's some links to public pages using session 0.

                Reginald
                • 5. Re: Session 0 and authentication scheme
                  60437
                  Reginald,

                  Thanks for that example. I think this is what is to be expected. When a user first uses a link with a zero session ID a new session is created. There is no way during the clicking of the link that the application can know that it was clicked in the context of an existing session. Perhaps upon entry to the application, where you also set the language preference, you should redirect to a link containing a zero session ID and cause that preference to be set in the resultant session. Then all links throughout the application could use the zero session ID without the possibility that the session ID will change.

                  Scott
                  • 6. Re: Session 0 and authentication scheme
                    FMignault
                    Hi Scott,

                    Thanks for your help.

                    If I enter the application with session 0 (http://apex.oracle.com/pls/otn/f?p=43805:1:0) and navigate with the second link that uses session 0 , it works fine.

                    But when I click on the 'English' link that does a BRANCH_TO_PAGE to switch the language of the application in the navbar (top right corner), then I loose the session 0 . Even if the link contains session 0 :
                    http://apex.oracle.com/pls/otn/f?p=43805:2:0:BRANCH_TO_PAGE_ACCEPT:NO::LANG_PAGE:1

                    That causes us problems since we loose the current session and the session state.



                    Francis.
                    http://insum-apex.blogspot.com/
                    • 7. Re: Session 0 and authentication scheme
                      reggieh
                      Thanks Scott,

                      what you said does solve a part of the problem. But like Francis pointed out, the BRANCH_TO_PAGE_ACCEPT seems to assign a new session ID when the current session equals 0, therefore we lose the session 0 but we keep the value of the applications items containing the language. But by losing the session 0, when we click the link with the session 0, we then lose the session state like you said.


                      Reginald
                      • 8. Re: Session 0 and authentication scheme
                        reggieh
                        Hi Scott

                        I'm bumping this thread because I didn't want to make a new one. In regard to my last post.
                        reggieh wrote:
                        Thanks Scott,

                        what you said does solve a part of the problem. But like Francis pointed out, the BRANCH_TO_PAGE_ACCEPT seems to assign a new session ID when the current session equals 0, therefore we lose the session 0 but we keep the value of the applications items containing the language. But by losing the session 0, when we click the link with the session 0, we then lose the session state like you said.


                        Reginald
                        Is there a reason why the BRANCH_TO_PAGE_ACCEPT doesn't use the session 0 and creates a new one instead EVEN if in the link of the language we specify the Session 0?
                        • 9. Re: Session 0 and authentication scheme
                          60437
                          Reggie,

                          If you set up an example on apex.oracle.com, I'll try to get it to do what you want.

                          Scott
                          • 10. Re: Session 0 and authentication scheme
                            reggieh
                            Hi Scott, here's an example:

                            http://apex.oracle.com/pls/otn/f?p=31842:1:0::NO:::

                            The link "English" in the navigation bar using BRANCH_TO_PAGE_ACCEPT contains the 0 session. Yet, when you click it another session is created instead of using the current one.

                            I would like that, when I with the 0 Session that when I click the "English" link it keeps the 0 session too.

                            Thanks
                            • 11. Re: Session 0 and authentication scheme
                              60437
                              Thanks very much for that example. Seems like we have a bug in branch_to_page_accept with the zero session ID feature. We'll get that fixed.

                              In the meantime, see if the changes I made to your application solve the problem.

                              Scott
                              • 12. Re: Session 0 and authentication scheme
                                reggieh
                                Thanks Scott for that workaround. It is doing what I want, I will make some test in my real environment just to make sure but I think it's what I'm looking for.

                                One more thing, what is that line for :

                                apex_application.g_unrecoverable_error := true;

                                Thanks
                                • 13. Re: Session 0 and authentication scheme
                                  60437
                                  Setting that tells the apex engine to quit rendering or processing the page so it doesn't give you any error messages after that point.

                                  Scott
                                  • 14. Re: Session 0 and authentication scheme
                                    reggieh
                                    Oh alright, thanks a lot Scott.
                                    1 2 Previous Next