This discussion is archived
4 Replies Latest reply: Jul 15, 2008 10:26 AM by 597463 RSS

Active Directory and APEX 3.1

597463 Newbie
597463 Jul 14, 2008 5:29 PM
Currently Being Moderated
I am unable to authenticate to Active Directory through the built in active directory authentication scheme in APEX 3.1.

Is there anyway to get some debug messages from the database, or AD server. The only message I get is Authentication Denied which is not extremely helpful.
  • 3532 Views
  • 1. Re: Active Directory and APEX 3.1
    60437 Employee ACE
    60437 Jul 14, 2008 5:31 PM (in response to 597463)
    Currently Being Moderated
    There is no built-in Active Directory authentication scheme. There is a built-in LDAP scheme which, if you provide the right DN, will work in most environments where you have AD. Search this forum for Active Directory.

    Scott
  • 2. Re: Active Directory and APEX 3.1
    597463 Newbie
    597463 Jul 15, 2008 8:33 AM (in response to 60437)
    Currently Being Moderated
    That correct I am using the LDAP scheme, and providing it with the appropriate DN string. The only problem is that it allways says authentication failed, without giving any error messages. So I tried with some success to test the LDAP packages provided by oracle.

    I am able to authenticate using dbms_ldap, but that only works when I provide NULL for a password.

    DECLARE
    vSession DBMS_LDAP.session;
    vResult PLS_INTEGER;
    BEGIN
    DBMS_LDAP.use_exception := TRUE;
    vSession := DBMS_LDAP.init
    ( hostname => 'CREDPWY01SDCG01'
    , portnum => 389
    );
    vResult := DBMS_LDAP.simple_bind_s
    ( ld => vSession
    , dn => 'CN=<username>,dc=credit,dc=com'
    , passwd => NULL
    );
    DBMS_Output.put_line('User authenticated!');
    vResult := DBMS_LDAP.unbind_s(vSession);
    END;

    I am not able to authenticate at all when using apex_ldap regardless if I pass NULL for the password, or use the real password.

    BEGIN
    IF APEX_LDAP.authenticate
    ( p_username => '<username>'
    , p_password => NULL
    , p_search_base => 'dc=credit,dc=com'
    , p_host => 'CREDPWY01SDCG01'
    , p_port => 389
    )
    THEN
    DBMS_Output.put_line('ok');
    ELSE
    DBMS_Output.put_line('not ok');
    END IF;
    END;
  • 3. Re: Active Directory and APEX 3.1
    60437 Employee ACE
    60437 Jul 15, 2008 9:24 AM (in response to 597463)
    Currently Being Moderated
    I searched the forum and found this. Maybe it will help: Re: MS Active Directory authentication .

    Scott
  • 4. Re: Active Directory and APEX 3.1
    597463 Newbie
    597463 Jul 15, 2008 10:26 AM (in response to 60437)
    Currently Being Moderated
    That did the trick. Instead of using a standard DN string 'cn=%LDAP_USER%, dn=mydomain, dn=com' you just use the following string mydomain\%LDAP_USER%

Actions