Forum Stats

  • 3,853,622 Users
  • 2,264,246 Discussions
  • 7,905,418 Comments

Discussions

Setting home page in post authentication process (SSO)

Elena Ivanova
Elena Ivanova Member Posts: 6
edited Nov 20, 2019 7:17PM in APEX Discussions

Hi Everyone,

Oracle 11 g

APEX 4.2.2

The application is designed for users of different departments / locations of the company, e.g. Australia, New Zealand and Head Office. I'm trying to dynamically set up a home page based on where the user belongs to. The authentication type is SSO, so I've defined the following code in PL/SQL section (see below) and calling the procedure in section. This solution is not working unfortunately... Please, let me know what I'm doing wrong.

PROCEDURE set_home_page AS   v_user_home_page VARCHAR2(3);BEGIN        v_user_home_page :=     CASE         WHEN APEX_UTIL.PUBLIC_CHECK_AUTHORIZATION ('Head Office')             THEN '1'        WHEN APEX_UTIL.PUBLIC_CHECK_AUTHORIZATION ('Australia')            THEN '2'                WHEN APEX_UTIL.PUBLIC_CHECK_AUTHORIZATION ('New Zealand')            THEN '3'        ELSE '1'    END;-- Not sure about this bit ??? --    APEX_APPLICATION.G_HOME_LINK := v_user_home_page;END;
Tagged:
Elena Ivanova

Best Answer

  • fac586
    fac586 Senior Technical Architect Member Posts: 21,216 Red Diamond
    edited Nov 20, 2019 4:02AM Answer ✓
    Elena Ivanova wrote:Scott Wesley wrote:I personally like defining these as pre-rendering branches on the home page. Here you can associate your authorisation scheme declaratively.The thing is that the home page is the "Head Office" page as per current settings, and not all users have access to it. So, I'm not sure pre-rendering will be working for unauthorised users.

    Before Header branches are executed before any page content is sent to the browser so there is no risk of data leakage if the branch logic covers all eventualities before page rendering begins. In this case, page 1 Before Header branches to page 2 associated with the "Australia" authorisation scheme, and to page 3 for the "New Zealand" scheme would be equivalent to the logic defined in the code posted above, where the default behaviour for "unauthorised users" is for them to land on page 1.

    A frequently used technique is to create a home page without any content whatsoever, simply using it as a junction to route users to the appropriate starting page based on the authorisation and condition logic of the pre-rendering components. That is fail safe (providing all of the logic is correct) as should a user fall through without triggering any of the branches or processes they end up harmlessly being shown a blank page (or more likely a basic "Something went wrong. Contact your administrator" message).

    Elena Ivanova

Answers

  • Scott Wesley
    Scott Wesley Member Posts: 6,260 Gold Crown
    edited Nov 19, 2019 8:19PM

    I personally like defining these as pre-rendering branches on the home page. Here you can associate your authorisation scheme declaratively.

    Elena IvanovaElena Ivanova
  • Elena Ivanova
    Elena Ivanova Member Posts: 6
    edited Nov 19, 2019 9:34PM
    Scott Wesley wrote:I personally like defining these as pre-rendering branches on the home page. Here you can associate your authorisation scheme declaratively.

    Scott,

    The thing is that the home page is the "Head Office" page as per current settings, and not all users have access to it. So, I'm not sure pre-rendering will be working for unauthorised users.

  • fac586
    fac586 Senior Technical Architect Member Posts: 21,216 Red Diamond
    edited Nov 20, 2019 4:02AM Answer ✓
    Elena Ivanova wrote:Scott Wesley wrote:I personally like defining these as pre-rendering branches on the home page. Here you can associate your authorisation scheme declaratively.The thing is that the home page is the "Head Office" page as per current settings, and not all users have access to it. So, I'm not sure pre-rendering will be working for unauthorised users.

    Before Header branches are executed before any page content is sent to the browser so there is no risk of data leakage if the branch logic covers all eventualities before page rendering begins. In this case, page 1 Before Header branches to page 2 associated with the "Australia" authorisation scheme, and to page 3 for the "New Zealand" scheme would be equivalent to the logic defined in the code posted above, where the default behaviour for "unauthorised users" is for them to land on page 1.

    A frequently used technique is to create a home page without any content whatsoever, simply using it as a junction to route users to the appropriate starting page based on the authorisation and condition logic of the pre-rendering components. That is fail safe (providing all of the logic is correct) as should a user fall through without triggering any of the branches or processes they end up harmlessly being shown a blank page (or more likely a basic "Something went wrong. Contact your administrator" message).

    Elena Ivanova
  • Elena Ivanova
    Elena Ivanova Member Posts: 6
    edited Nov 20, 2019 7:17PM

    Thanks for the detailed response! All works perfectly!