Question : APEX Own Login Function

Hi All,

I have written my own login procedure which replaces wwv_flow_custom_auth_std.login. The short reason is that I'm using my own authentication tables and methods.

Now what I have done that when the function returns it brings back an error code. 0 is no error or some other number for error.

My problem is now how to make apex accept my authentication as succesfull. Whatever I do I always get sent back to the login page.

I have tried the following:
- I have created hidden fields on the page and stored the error code, then on a newly created branch, I test the error code and branch to the approppriate page. I have now set the branch to always return 2 which means that it should always go to page 2 (to avoid any errors here). Thsi still sends me back to login.
- I have tried changing the authentication schemas authentication function and I am using my own function which also always returns true. This still does not work.

How can I tell APEX that I have authenticated my application/user?


Answer : APEX Own Login Function

>>So you are telling me the two options of when to set my 'message', etc items?

You can do this whenever and wherever you like, I only gave two options that seem to fit what you were describing. There are other options too - for example, a page process that sets a specific page item.

>>If that is so, does that mean that I shoudl totally forgo my own authentication function, use the standard 'wwv_flow_custom_auth_std.login' in conjunction with my newly creaed authentication theme and then in my 'After Authentication' I can set my parameters?

That is not what I meant at all. You create your own authentication function, and that is what you call in the Authentication Scheme (as I described above).  The wwv_... call is just to register within APEX and to obtain a new, valid Session ID, but you are still responsible for the actual authentication against the user tables.

1) You don't necessarily need to run a stored procedure. You can write PL/SQL code in the post-authentication process.
2) That could be because you are not validating correctly. Create a new, basic authentication scheme that does nothing but validate a user/password combo. Change your authentication scheme to this new one, then see if you can log in correctly.

For example, here's one simple authentication scheme I have on a local app:
Name - the name of the authentication scheme
Subscription - none
Page Session Management - all fields blank except Session Not Valid URL (f?p=<APP_ID>:101:&SESSION.)
Login Processing - all fields blank except Authentication Function (return p_m_security.authenticate_user; )
Cookie Attributes - you can set a cookie name or leave everything blank
Logout URL - wwv_flow_custom_auth_std.logout?p_this_flow=&APP_ID.&p_next_flow_page_sess=&APP_ID.:1

Notice that I use page 101 as my default page for when the session is not valid. Page 101 is the login page, so on that page I use the following process:

        P_UNAME       => :P101_USERNAME,
        P_PASSWORD    => :P101_PASSWORD,
        P_SESSION_ID  => v('APP_SESSION'),
        P_FLOW_PAGE   => :APP_ID||':1'
which is called once, after Submit.

Then the authentication function ( return p_m_security.authenticate_user;  ) can be reduced down to "return true;" or actual validation code. If you can get this entire process to work, then you can start adding more complexity to your scheme.
Random Solutions  
programming4us programming4us