1 2 Previous Next 18 Replies Latest reply: Apr 19, 2013 5:16 AM by Luis RSS

    How to use HTTP header in APex too?

    vyuvaraj
      we developed a tool using Oracle apex and integrated with Single Sign-on for login.

      Here are the details:

      http://sldn8019vdor.ldn.swissbank.com:8500/apex/f?p=dpprtool - Single Signon (http://sldn8019vdor.ldn.swissbank.com:8500/apex/f?p=111:1: application alias )

      ProxyPass / http://xldn4750vdor.ldn.swissbank.com:8081/
      ProxyPassReverse / http://xldn4750vdor.ldn.swissbank.com:8081/

      we've few questions and need Oracle support:

      1. How can we pass user information from single-signon to Apex Tool (http://xldn4750vdor.ldn.swissbank.com:8081/ )?
      2. How can we protect the apex URL from directly accessing it?
      3. How can use Cookie in Apex tool?

      QQ 3 is v.critical for us. How to use HTTP header to retrieve user info?

           
      http header has got all token information.

      I get the below information when I type javascript:document.cookie on browser:

      SSO_User=99926341; GCB_USER_LOCALE=en; LtpaToken=5qPCIBk3zkVWREbmfu1EAHDGvvG/SYZzPokZ

      how to get this details in Apex ? How to get cookie or http header information?


      Can someone help us?
        • 1. Re: How to use HTTP header in APex too?
          Ramesh P, Oracle APEX Developer
          DECLARE
          v_username VARCHAR2(255);
          v_url VARCHAR2(1000);
          BEGIN
               --Get the REMOTE_USER value from CGI variables
               v_username := TRIM(UPPER(owa_util.get_cgi_env('REMOTE_USER')));
               v_url := owa_util.get_cgi_env('QUERY_STRING');
               --Making sure the logged in person is not a null entry or APEX_PUBLIC_USER
               --If any of them then they are redirected to login page
               IF     (v_username IS NULL OR v_username = 'APEX_PUBLIC_USER') THEN
                    --This is our login page which validates the user
                    owa_util.redirect_url('/LoginPage/admins_test/test_apex.jsp?'||v_url);
                    log_this_proc( 'After username check'
                                                  ,1
                                                  ,105
                                                  ,0
                                                  ,''
                                                  ,'HTTP HEADER AUTHENTICATION APPLICATION PROCESS'
                                                  ,'Initial Log'
                                                  ,:APP_USER
               );          
               END IF;     
          END;
          • 2. Re: How to use HTTP header in APex too?
            TexasApexDeveloper
            HTTP Header variable authentication:

            Re: How to get username from HTTP request headers in APEX

            Thank you,

            Tony Miller
            Ruckersville, VA
            • 3. Re: How to use HTTP header in APex too?
              vyuvaraj
              Where should I enter the plsql block?
              • 4. Re: How to use HTTP header in APex too?
                TexasApexDeveloper
                Did you read the article provided?? The authentication scheme will get the value based upon the NAME Of the http variable, so what block do you intend to use?

                Here is a link to the manual showing this further: http://docs.oracle.com/cd/E37097_01/doc/doc.42/e35125/sec_authentication.htm#CIHEBJEH


                Thank you,

                Tony Miller
                Ruckersville, VA
                • 5. Re: How to use HTTP header in APex too?
                  vyuvaraj
                  1) As soon as you have configured OHS (Oracle HTTP Server) to pass through the HTTP header variable (see the document linked in the blog posting) you just have to
                  2) switch your application authentication scheme to "HTTP Header Variable".
                  3) If your header variable is not named REMOTE_USER, you have to enter it into the attribute "HTTP Header Variable Name" of your authentication.

                  Where can I get the variable name?
                  • 6. Re: How to use HTTP header in APex too?
                    TexasApexDeveloper
                    Normally it should be REMOTE_USER, if not then you can evaluate the header and determine the variable name..

                    Thank you,

                    Tony Miller
                    Ruckersville, VA
                    • 7. Re: How to use HTTP header in APex too?
                      vyuvaraj
                      Thanks, How can find the header name?
                      • 8. Re: How to use HTTP header in APex too?
                        TexasApexDeveloper
                        create a pl/sql region, for its region source use the following:
                        print_cgi_env;
                        This will display ALL the cgi variables defined, you should be able to see the header variable and contents there..

                        Thank you,

                        Tony Miller
                        Ruckersville, VA
                        • 9. Re: How to use HTTP header in APex too?
                          vyuvaraj
                          Thanks Tony

                          I created a region with type PL/SQL(anonymous block ) and added "print_cgi_env;" source (region source) . I am not able to save it. I get the below error message:

                          •ORA-06550: line 2, column 1: PLS-00201: identifier 'PRINT_CGI_ENV' must be declared ORA-06550: line 2, column 1: PL/SQL: Statement ignored

                          Can you please help me?
                          • 10. Re: How to use HTTP header in APex too?
                            vyuvaraj
                            Error during rendering of region "REgion".

                            ORA-06550: line 1, column 7: PLS-00201: identifier 'PRINT_CGI_ENV' must be declared ORA-06550: line 1, column 7: PL/SQL: Statement ignored

                            Technical Info (only visible for developers)
                            •is_internal_error: true
                            •apex_error_code: APEX.REGION.UNHANDLED_ERROR
                            •ora_sqlcode: -6550
                            •ora_sqlerrm: ORA-06550: line 1, column 7: PLS-00201: identifier 'PRINT_CGI_ENV' must be declared ORA-06550: line 1, column 7: PL/SQL: Statement ignored
                            •component.type: APEX_APPLICATION_PAGE_REGIONS
                            •component.id: 4901717154403599
                            •component.name: REgion
                            •error_backtrace:
                            ORA-06512: at "SYS.DBMS_SYS_SQL", line 1325
                            ORA-06512: at "SYS.WWV_DBMS_SQL", line 930
                            ORA-06512: at "APEX_040200.WWV_FLOW_DISP_PAGE_PLUGS", line 4608
                            ORA-06512: at "APEX_040200.WWV_FLOW_DISP_PAGE_PLUGS", line 3216
                            • 11. Re: How to use HTTP header in APex too?
                              vyuvaraj
                              I got the information using below code:

                              BEGIN
                              OWA_UTIL.PRINT_CGI_ENV();
                              END;

                              Checking it now.
                              • 12. Re: How to use HTTP header in APex too?
                                vyuvaraj
                                How can I pass a value from HTTP_COOKIE to an item in the region?

                                e.g WebSSO_username=varadhyu; ORA_WWV_APP_111=AB08B2E8F80AE6C02E941FF45E9A18BE

                                I want to find WebSSO_username value and pass that information to an item in the form region.

                                Can someone help me please?
                                • 13. Re: How to use HTTP header in APex too?
                                  vyuvaraj
                                  PLSQL_GATEWAY = WebDb
                                  GATEWAY_IVERSION = 2
                                  SERVER_SOFTWARE = Oracle Embedded PL/SQL Gateway/11.2.0.2.0
                                  GATEWAY_INTERFACE = CGI/1.1
                                  SERVER_PORT = 8081
                                  SERVER_NAME = XDB HTTP Server
                                  REQUEST_METHOD = GET
                                  QUERY_STRING = p=113:1:
                                  PATH_INFO = /f
                                  SCRIPT_NAME = /apex
                                  REMOTE_HOST =
                                  REMOTE_ADDR = 139.149.48.150
                                  SERVER_PROTOCOL = HTTP/1.1
                                  REQUEST_PROTOCOL = HTTP
                                  REMOTE_USER = ANONYMOUS
                                  ORACLE_SSO_USER =
                                  HTTP_CONTENT_LENGTH = 0
                                  HTTP_CONTENT_TYPE =
                                  HTTP_USER_AGENT = Mozilla/5.0 (Windows NT 5.1; rv:13.0) Gecko/20100101 Firefox/13.0.1
                                  HTTP_HOST = xldn4750vdor.ldn.swissbank.com:8081
                                  HTTP_ACCEPT = text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
                                  HTTP_ACCEPT_ENCODING = gzip,deflate
                                  HTTP_ACCEPT_LANGUAGE = en-us,en;q=0.5
                                  WEB_AUTHENT_PREFIX =
                                  DAD_NAME = apex
                                  DOC_ACCESS_PATH = docs
                                  DOCUMENT_TABLE = wwv_flow_file_objects$
                                  PATH_ALIAS =
                                  REQUEST_CHARSET = AL32UTF8
                                  REQUEST_IANA_CHARSET = UTF-8
                                  SCRIPT_PREFIX =
                                  HTTP_COOKIE = GDSESSION=DCGMAP8g5AMfjpnAc3PTm7p9QhBHm7P+RclLi26UBTu4pUaeSiLJLRIgBTlHjoJvYLnZpM1PXcE+ZVb9AoxaXNDOMD0UUlnixRWob2jLvwWGqXNrEcYgiNpRZu8YGrJ
                                  • 14. Re: How to use HTTP header in APex too?
                                    vyuvaraj
                                    How can I pass a value from HTTP_COOKIE to an item in the region?

                                    e.g WebSSO_username=varadhyu; ORA_WWV_APP_111=AB08B2E8F80AE6C02E941FF45E9A18BE

                                    I found the user name in HTTP_COOKIE.


                                    I want to find WebSSO_username value and pass that information to an item in the form region.

                                    Can someone help me please?
                                    1 2 Previous Next