I have an Apex application where you can add data: your name, address, phone number and email address, and I would like to create an Apex user with the email and a password "password" to log-in. When you logged in, you have access to certain pages.
So it would be a dynamic user generation based on the data you provide in the Text Fields.
Do you have any idea how i could manage to do that?
It should be something like a webshop where you register and then you have access.
I think your problem can be solved by defining authorization scheme and authentication scheme for the current page. you can use Custom Authentication schema for dynamic user creation.
To have different access to different user is controlled by authorization schema.
Search section "8.2.2.8 Security" or Authentication or authorization into url
http://docs.oracle.com/cd/E37097_01/doc.42/e35125/bldr_pg_edit_att.htm#HTMDB25152
Related
I've set up an LDAP Directory Authentication Scheme on Oracle Apex (v21.1) like this, and created the ACL on my Database:
If I try to test the LDAP Login, it's working (using my firstname.lastname). I replaced the IP Address and the domain name for confidential purposes.
I can connet to my application, but I cannot access it, I can't land on the home page, because I need an authorization scheme based on the groups the users are in.
In my company, there are multipled departements, they each have a group in the Microsoft Active Directory that will give them the access to the application, each groups are named like this: GRP_Inventaire_Dpt1, GRP_Inventaire_Dpt2, GRP_Inventaire_Dpt3,....
I tried to create an Authorization Scheme based on this tutorial:
https://blog.jonas-hellmann.de/authorization-in-oracle-apex-with-ldap-groups/
I tried to adapt the code of the function as you can see on the chapter 2.3 of the tutorial, here's how I did:
And here's my authorization scheme:
As you can see on the screen, I have to write the exact group name to access to my application, but I would like to have the possiblity to check if the user is in a group which start with "GRP_Inventaire_", no matter what department he is.
Unfortunately, some things seems already weird. Why does the password need to be statically written down in the function? How can dynamically have it in the function based on the LDAP Authentication Scheme? However, I know that I can use the p_username parameter for the username.
***Finally, if I try to connect to my application, I have the error message of my Authorization scheme: ***
To summarize what I'm looking for:
Authorization scheme based on the user logging in
Check if the user is part of a group which start with "GRP_Inventaire_"
The function needs to have dynamically the credentials of the user connecting
Do not hesitate to ask questions for more details.
Don't you need to check user's security group with something like this?
DECLARE VAL BOOLEAN;
BEGIN
VAL := APEX_UTIL.CURRENT_USER_IN_GROUP('xxx');
RETURN VAL;
END;
The Requirement is maintaining single JDBC(postgreSQL) user store for the below applications,
Create a user using SCIM api in to wso2-is.
Authenticate my microservices using oauth2 client of service provider.
Integrate WSO2-IS embedded read only LDAP for BPM(Camunda) application authentication and authorization.
I am able to do the first and second points and created a single JDBC user store for users.
For the third point, not able to get the users from JDBC user store using embedded read only LDAP.
Can you help me in this flow, is there any way available in wso2-is to achieve this requirement?
You can use the create a Read-only LDAP secondary user store for LDAP and use it for the BPM(Camunda) application authentication and authorization. You can find more information about secondary user store here
When authentication the users will be validated with all the existing user stores (primary and secondary). The possible issue will here is if the same username exists in two user stores.
If you provide user store name appended to the username, it will validate on the specific users.
For example, if the user store name is 'BPM', then you need to append as 'BPM/<username>'
I have application where administrators have to create accounts for the new users. Basically there is no option for random user to create account and access this app. The admin would have to enter some basic info like First, Last name, Email address, User name and then comes to the password. I have algorithm that generates unique passwords. I'm looking for the better option to handle this situation.
The old application worked this way: admin enters info, generates password and there is an option either to automatically notify users via email or admin will contact directly that user and provide login info. This method seems very inefficient and insecure at the same time. Sending info like user name and password in the email is definitely not recommended nowadays. I was wondering what would be a good approach?
Should I generate unique link with expiration date where user can enter the password? Or there is better way to handle this situation? I use JavaScript, JQuery and ColdFusion 2016 for this project.
I am working on Netsuite and I'm new to it, so I need help. After creating roles and assigning a user to that specific role, I want to assign them to an application created using the integration record. When I wanted to create an access token, after selecting the application in the application name drop down, I am not finding any users or roles in the user drop down box and the role drop down box:
This is where I am facing the problem. So I need a solution to select users in the drop down box.
This link tells you all you need to know about setting up TBA and the correct basic permissions needed:
Token Based Authentication
Your user needs to have a role assigned to it with the following basic permissions:
User Access Token: Full
Access Token Management: Full
Web Services: Full
Once this role has been assigned to your user, the user will be available for selection when creating a token.
Go to the role you have setup for this OAuth and click Permissions tab > Setup and make sure User Access Tokens permission is there.
Here are the docs for setting up TBA roles. Maybe you are missing one of the permissions?
Getting Started with Token-based Authentication
I am using default Eloquent authentication driver in my Laravel 5 application. I want to allow user to login with username or mobile number as well for those who have entered these two. Is there any way to include it without creating manual authentication?
I found this discussion on laracasts:
https://laracasts.com/discuss/channels/general-discussion/log-in-with-username-or-email-in-laravel-5
It allows the user to enter his username or his email. Laravel checks the field if it is an email or an username (by validating it) and depending on what it is it calls the $auth->attempt() function with the correct field.
The same thing should be applicable for your username or mobilenumber-problem.