Forum Stats

  • 3,826,326 Users
  • 2,260,624 Discussions
  • 7,896,896 Comments

Discussions

workspace login using http header variable authentication

gernot
gernot Member Posts: 2 Red Ribbon
edited Feb 22, 2022 4:44PM in APEX Discussions

I have a problem using http header variable authentication for workspace login.

As instance admin I did following: manage instance => security => authentication control ==> HTTP Header Variable ==> I edited field "HTTP Header Variable Name(Value Required)" to APXUID (which ist the http header field which contains username) and I changed "Action if Username is Empty" to "Display Error" and edited error message ==> Apply Changes and "Make Current Schema"

calling APEX http://server:port/ords ==> then I get the error message entered in "Action if Username is Empty"

to verify that APXUID is set correctly I am using Tomcat valve

<Valve className = "org.apache.catalina.valves.ExtendedAccessLogValve" pattern = "date time c-ip cs(APXUID) sc-status time-taken cs-uri" />

and in the Tomcat logs I can see that APXUID is set correctly.

I am using custom HTTP header varaiable authentication for my applications and there I do not have any problems

But I like to use HTTP header varaiable authentication for workspace login (to use APEX developement environment) which is not working.

Do you have any suggestions?

Did I miss some configuration steps?

Is there a way to debug or configure extended logging?


Thanks

Answers

  • gernot
    gernot Member Posts: 2 Red Ribbon

    Instance debugging (d0.sql) shows that HTTP header variable is found and its value is correct. But the sentry function still fails - see attachment

    Which additional conditions are checked in the sentry function (in HTTP header variable authentication scheme to login in APEX itself)?

    (user exists and is open)

    Thanks

  • user12097829
    user12097829 Member Posts: 14 Blue Ribbon

    Hi,

    I've the same problem here (using Apex 21.2 and Apex 22.1):

    HTTP header variable is set by Apache and found by Apex. But the sentry function still fails.

    Using the Oracle provided "HTTP header variable" authentication scheme, there's no possibility to specify a custom sentry function, but obviously there must be an internal sentry function.

    Which additional conditions are checked in the internal sentry function?

    Thanks

  • user12097829
    user12097829 Member Posts: 14 Blue Ribbon

    Hi,

    found a solution for my problem with "HTTP header variable":

    Following several tutorials I had set "Verify Username" to "After Login" for my authentication scheme.

    After changing setting "Verify Username" from "After Login" to "Each Request" everything works fine.

    Thanks