Databases Reference
In-Depth Information
Additional details about Oracle Application Express and Oracle Access Manager can
be found at the following URL:
http://www.oracle.com/technetwork/developer-tools/apex/learnmore/
apex-oam-integration-1375333.pdf
LDAP directory
The username and password are entered in a login page by using an LDAP. LDAP is
an Internet protocol used to look up directory information. To use this scheme, you
must have access to an LDAP directory. Additional information can be found here:
http://www.oracle.com/technetwork/developer-tools/apex/how-to-ldap-
authenticate-099256.html
Note
The
apex_ldap.authenticate
function in 4.1.1 and older
versions calls the following piece of code:
dbms_ldap.simple_bind_s (g_session, 'cn='
||p_username||case when p_search_base is not
null then ','||p_search_base end,p_password )
Tests with
ldapsearch
on the command line against the LDAP server shows that
searches should be against the
uid
attribute:
DECLARE
vSession DBMS_LDAP.session;
vResult PLS_INTEGER;
BEGIN
DBMS_LDAP.use_exception := TRUE;
vSession := DBMS_LDAP.init
( hostname => 'ldap_server', portnum => 389 );
vResult := DBMS_LDAP.simple_bind_s
( ld => vSession
, dn => 'uid=xx,cn=Users,dc=xx,dc=org'
, passwd => 'password1');
DBMS_Output.put_line('User authenticated!');
vResult := DBMS_LDAP.unbind_s(vSession);
END;
LDAP
auth
in 4.2 has a new attribute,
Username Escaping
, that escapes special
characters in the username, to prevent LDAP injection.
