Discussions
Categories
- 385.5K All Categories
- 5.1K Data
- 2.5K Big Data Appliance
- 2.5K Data Science
- 453.4K Databases
- 223.2K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 47 Multilingual Engine
- 606 MySQL Community Space
- 486 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3.2K ORDS, SODA & JSON in the Database
- 585 SQLcl
- 4K SQL Developer Data Modeler
- 188K SQL & PL/SQL
- 21.5K SQL Developer
- 46 Data Integration
- 46 GoldenGate
- 298.4K Development
- 4 Application Development
- 20 Developer Projects
- 166 Programming Languages
- 295K Development Tools
- 150 DevOps
- 3.1K QA/Testing
- 646.7K Java
- 37 Java Learning Subscription
- 37.1K Database Connectivity
- 201 Java Community Process
- 108 Java 25
- 22.2K Java APIs
- 138.3K Java Development Tools
- 165.4K Java EE (Java Enterprise Edition)
- 22 Java Essentials
- 176 Java 8 Questions
- 86K Java Programming
- 82 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.3K Java SE
- 13.8K Java Security
- 208 Java User Groups
- 25 JavaScript - Nashorn
- Programs
- 667 LiveLabs
- 41 Workshops
- 10.3K Software
- 6.7K Berkeley DB Family
- 3.6K JHeadstart
- 6K Other Languages
- 2.3K Chinese
- 207 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 474 Portuguese
public_check_authorization deprecated??
Peeteba
Member Posts: 73
Hello experts,
While debugging an APEX 4.2 application today, I noticed a debug line
Can anyone explain why this line appears?
The documentation doesn't point out that this function is deprecated or is going to be this in the near future.
Thanks in advance for the explanation!
Regards,
Bart
While debugging an APEX 4.2 application today, I noticed a debug line
DEPRECATED: public_check_authorizationwhen using APEX_UTIL.public_check_authorization in a before header PL/SQL process.
Can anyone explain why this line appears?
The documentation doesn't point out that this function is deprecated or is going to be this in the near future.
Thanks in advance for the explanation!
Regards,
Bart
Best Answer
-
Hi Bart,
we have a newer API, it's called apex_authorization.is_authorized. Unfortunately, the documentation for this package didn't make it into 4.2.
Even in later releases, there are no plans to actually remove existing documented APIs. We just want to provide better encapsulated APIs and encourage people to use these, because apex_util is a bit unwieldy.
Regards,
Christian
Answers
-
Let's bring this one up again.
Anyone having an idea?
APEX development team maybe? Patrick Wolf? ...
I use this function very often so if I shouldn't do this anymore, it would be nice to know this.
Regards,
Bart -
Hi Bart,
we have a newer API, it's called apex_authorization.is_authorized. Unfortunately, the documentation for this package didn't make it into 4.2.
Even in later releases, there are no plans to actually remove existing documented APIs. We just want to provide better encapsulated APIs and encourage people to use these, because apex_util is a bit unwieldy.
Regards,
Christian -
Christian - Huh, didn't realize a new API had snuck into the distribution. apex_authorization looks very useful. Question about apex_authorization.reset_cache - Does including the APP keyword in the clear cache position of the f?p= URL do this as well? Or is using this new API the only way?
-
Hi Vikas,
the APP keyword only resets session state, not the cached authorizations. Can you give a use case where this should also reset authorizations?
Regards,
Christian -
Well, the APEX Builder has several declarative methods where we fill in various components of the f?p= URL and the engine constructs the f?p= URL. The use cases that come to mind are in apps that involve some sort of "emulate user" function which would basically do a "logout/login as some other user" but without actually logging out. In these cases, it would be handy if the APP keyword were to clear cached authorizations as well. Of course, there is almost always a page submit involved so it is just as easy to stick a call to apex_authorization.reset_cache in a after-submit component but I thought I would ask.
So, if I understand you correctly, using this new (in 4.x?) API is the only way to reset cached authorizations? -
For "emulate user", I would use apex_authentication.post_login. This overwrites the user in the session and automatically resets authorizations. I guess it does not hurt to also reset on an APP clear cache request, but I would have to test this.
In releases before 4.2, the reset cached authorizations feature was already present via apex_util.reset_authorizations.
Regards,
Christian -
Thanks Christian for the reply.
This explains the debug line. Maybe it would be less confusing to point out to the new API instead of just mentioning the used function is deprecated.
I took a quick look into the package specification and I'll start using the new API instead of APEX_UTIL.
Regards,
Bart -
Are there any more undocumented API's which people are encouraged to use, or is this the only one?
-
Hi,
the deprecation messages were a bit premature, as I tried to explain above. They should not have been added without proper documentation of the newer APIs and you can just ignore them for now. Maybe we will include a reference to the newer APIs in the messages in 5.0, that sounds convenient.
Regards,
Christian -
My concern wasn't about premature deprication, but about your current advise to use undocumented API's
This discussion has been closed.