0 Replies Latest reply: Jun 26, 2013 12:15 PM by aymen_tunisia RSS

    Integration of SSO with Tivoli Access Manager: redirecting the user when he is not found

    aymen_tunisia

      Hi people,

      I am working with APEX 4.1.1.00.23. We integrated SSO (Tivoli Access Manager) into our application using the document "Oracle Application Express Integration with IBM Tivoli Access Manager (TAM) SSO".

      The user opens the link https://audi-mynet.web.audi.vwg/htmldb-test/pls/htmldb/f?p=393 to reach the home page (page number 1). The problem is that when he does not have a login name for the SSO authentication, a blank page is displayed at https://audi-mynet.web.audi.vwg/htmldb-test/pls/htmldb/f?p=393:1, even if I put a different URL in the 'Session Not Valid' section of the 'Authentication Scheme' under the application. In this case I want to redirect the user to another page. Thank you for your replies.

      SSO authentication package used:


      create or replace

      PACKAGE BODY audi_auth_sso_pkg

      AS

      FUNCTION custom_page_sentry RETURN BOOLEAN

      AS

      --
      -- Page sentry using built-in session verification logic
      -- and CGI Environment variable as the holder of the username.
      --
      -- Returns TRUE only when the session cookie is valid and its user equals
      -- the HTTP_IV_USER value; every other path returns FALSE.
      --
      -- NOTE(review): HTTP_IV_USER is taken from the request environment and is
      -- used as the authenticated identity with no further check in this
      -- function. That is only sound if every request reaches this gateway
      -- through the TAM proxy and a client cannot supply the header itself --
      -- confirm that direct access to the listener is blocked.
      --
      -- NOTE(review): the wwv_flow_* calls look like APEX-internal packages;
      -- their exact behaviour is not visible here -- verify on APEX upgrades.

          l_current_sid number;

          -- Username as delivered by the SSO layer, upper-cased. NULL when the
          -- variable is absent; nothing below tests for NULL explicitly.
          l_tam_userid  varchar2(255) := upper(owa_util.get_cgi_env('HTTP_IV_USER'));

          -- Landing page after login; stays 1 unless the role check sets 79.
          lv_goto_page NUMBER DEFAULT 1;

          -- Comma-separated role codes of the user. The 'ADMIN' default is
          -- always overwritten by the SELECT ... INTO further down.
          p_role VARCHAR2(100) DEFAULT 'ADMIN';

          -- T_ANWENDER.ID of the matched user.
          p_id NUMBER ;

          -- Number of T_ANWENDER rows matching the SSO username.
          IS_FDB_USER   NUMBER := 0;

      BEGIN   

          l_current_sid := wwv_flow_custom_auth_std.get_session_id_from_cookie;

          -- Debug leftover; if enabled it would show the SSO user id in an
          -- error message.
          -- raise_application_error (-20000, l_tam_userid) ;

         

          if wwv_flow_custom_auth_std.is_session_valid then     

              wwv_flow.g_instance := l_current_sid;

              -- A NULL l_tam_userid makes this comparison NULL, so a request
              -- without the header takes the ELSE (logout) branch.
              if l_tam_userid = wwv_flow_custom_auth_std.get_username then

                  wwv_flow_custom_auth.define_user_session(

                      p_user=>l_tam_userid,

                      p_session_id=>l_current_sid);

                     

                  return true;

              else

                -- username mismatch.

                -- Unset the session cookie and

                -- redirect back here to take other branch

                  wwv_flow_custom_auth_std.logout(

                      p_this_flow=>v('APP_ID'),

                      p_next_flow_page_sess=>v('APP_ID')||':'||

                        nvl(v('APP_PAGE_ID'),0)||':'||l_current_sid);

           

                  wwv_flow.g_unrecoverable_error := true; -- tell apex engine to quit

                  return false;

              end if;

          else -- application session cookie not valid; we need a new apex session

              -- NOTE(review): the session is defined for l_tam_userid before the
              -- T_ANWENDER lookup below has confirmed that this user is known
              -- to the application (and also when l_tam_userid is NULL).
              -- Consider doing the lookup first -- confirm against APEX behaviour.
              wwv_flow_custom_auth.define_user_session(

                  p_user=>l_tam_userid,

                  p_session_id=>wwv_flow_custom_auth.get_next_session_id);

              wwv_flow.g_unrecoverable_error := true; -- tell apex engine to quit

              --

              -- Remember the requested URL. For GET it is rebuilt from the
              -- decoded QUERY_STRING, which is client-controlled.
              -- NOTE(review): how remember_deep_link validates that value is not
              -- visible here -- confirm it cannot be used as an open redirect.
              if owa_util.get_cgi_env('REQUEST_METHOD') = 'GET' then

                  wwv_flow_custom_auth.remember_deep_link(

                p_url=>'f?'||wwv_flow_utilities.url_decode2(

                  owa_util.get_cgi_env('QUERY_STRING')));

              else

                  wwv_flow_custom_auth.remember_deep_link(p_url=>'f?p='||

                      to_char(wwv_flow.g_flow_id)||':'||

                      to_char(nvl(wwv_flow.g_flow_step_id,0))||':'||

                      to_char(wwv_flow.g_instance));

              end if;

              --

              -- check if it is a FDDB user
              -- Exactly one matching T_ANWENDER row is required. A NULL
              -- l_tam_userid matches no row, so it ends in the RETURN FALSE below.
                   SELECT COUNT(*)

                INTO IS_FDB_USER FROM T_ANWENDER

                WHERE UPPER (IV_USER) = UPPER (l_tam_userid) ;

                  -- NOTE(review): this path returns FALSE with
                  -- g_unrecoverable_error already TRUE and without any redirect
                  -- call in this function; presumably this is the blank page
                  -- the post describes. Emitting a redirect to a "no access"
                  -- page before returning (e.g. via owa_util.redirect_url)
                  -- would give the user a defined landing place -- confirm.
                  IF IS_FDB_USER != 1 THEN

             

                    RETURN FALSE;

                  END IF;     

             

              -- register session in apex sessions table, set cookie,

              -- redirect back
              -- The count check above guarantees exactly one row here, so this
              -- SELECT ... INTO cannot hit NO_DATA_FOUND or TOO_MANY_ROWS unless
              -- the table changes between the two statements.

                SELECT ID

                INTO p_id FROM T_ANWENDER

                WHERE UPPER (IV_USER) = UPPER (l_tam_userid) ;

                      -- Concatenate all role codes of the user into one
                      -- comma-separated string. The aggregate has no GROUP BY,
                      -- so p_role becomes NULL when the user has no roles.
                      SELECT RTrim(xmlagg(xmlelement(a,r.ROLLE_CODE || ',').extract('//text()')),',') into p_role FROM T_ROLLEN r ,T_ANWENDER_ROLLEN anw

                      WHERE r.ROLLE_ID = anw.ANWR_ROLLE_ID and anw.ANWR_ANW_ID = p_id;

                   

                      IF p_role IS NOT NULL then

                         -- instr() is a substring test: any role code that merely
                         -- contains one of these names also matches. The branch
                         -- only re-assigns the default page 1.
                         IF instr(p_role, 'ANTRAGSTELLER_BDK')>0 OR

                         instr(p_role, 'TECHNOLOGIEVERANTWORTLICHER')>0 OR

                         instr(p_role, 'TECHNIKUMSMITARBEITER')>0 OR

                         instr(p_role, 'ADMINISTRATOR')>0  

                         THEN

                           lv_goto_page := 1;

                         END IF; 

                         -- Exact comparison: page 79 is chosen only when this is
                         -- the user's single role.
                         IF  p_role = 'ANTRAGSTELLER_WFP'

                         THEN

                         lv_goto_page := 79;

                          END IF;

                      END IF;  

                    

                -- A user without any role still reaches post_login and lands on
                -- page 1. NOTE(review): confirm that page-level authorization
                -- covers this case.
                apex_util.set_session_state( 'P0_ANW_ID', p_id );

              wwv_flow_custom_auth_std.post_login(

                  p_uname     => l_tam_userid,

                  p_flow_page => wwv_flow.g_flow_id||':'||lv_goto_page);

              -- FALSE here as well: this request ends after post_login.
              return false;

          end if;

       

      END custom_page_sentry;

       

       

      END audi_auth_sso_pkg;