1 Reply Latest reply: Apr 20, 2014 10:31 AM by fac586 RSS

    "Kick" user from application after his password was changed.

    Para

      Apex version Application Express 4.2.4.00.08


      I would like to "kick" current user from application after his password was changed in database.

      I have custom auth that takes password from database.

       

      Currently if someone enters my application > after that I change his password > he is still able to go thru application and submit things

      What I would like to happen is that after I change his password the current user gets "kicked" from the app to login screen.

        • 1. Re: "Kick" user from application after his password was changed.
          fac586

          Para wrote:

           

          Apex version Application Express 4.2.4.00.08


          I would like to "kick" current user from application after his password was changed in database.

          I have custom auth that takes password from database.

           

          Currently if someone enters my application > after that I change his password > he is still able to go thru application and submit things

          What I would like to happen is that after I change his password the current user gets "kicked" from the app to login screen.

          Capture the user/password hash post-login and store it in an application item. Create an On Load: Before Header application process that runs conditionally if the session user/password hash differs from that currently in the database, calling apex_custom_auth.logout. This will log the user out on the first page render after the password is changed, but will (in most cases) save any changes before doing so.