This content has been marked as final. Show 2 replies
It sounds like you've followed the installation steps pretty closely, but can I just ask whether you carried out step *3.3.6 Configure APEX_PUBLIC_USER Account* - http://docs.oracle.com/cd/E37097_01/doc/install.42/e35123/otn_install.htm#BABDEEIH in the installation guide? As part of that step, you're required to unlock the APEX_PUBLIC_USER account, and change the password for the account. This step should be carried out before configuring the Listener, as you will be prompted to enter the password for that account during the configuration. So maybe there's a chance the account hasn't been locked? It might just be worth double-checking that all installation steps have been carried out for configuration against the APEX Listener: http://docs.oracle.com/cd/E37097_01/doc/install.42/e35123/otn_install.htm#BABJJAGF. Please let me know whether this resolves your issue.
Thank you for your reply.
I had another look at the problem this morning and noticed that the parsing schema for the example ApEx application was set to a Db account that was locked. Unlocking this Db account resolved the problem.
I find this interesting behaviour given that typically the ApEx connection to the Db is via the APEX_PUBLIC_USER account and the parsing schema is used to establish privileges.
The error ORA-28000 error message I've experienced suggests that when a request is made to a RESTful service a Db connection is established using the parsing schema. From a security perspective you may wish to use a separate Db account with the minimum privileges necessary to facilitate the RESTful request.
As I said in my original message, I've not been able to find any documentation that describes how Apex RESTful services are functioning from a Db connection perspective. Is this something that you could explain, or could you possibly post a link to some documentation that describes the Apex RESTful architecture from a connection, authentication and security perspective?