Integrating APEX security with Oracle Internet Directory, OID (LDAP implementation)

octubre 21, 2011


Recently I received the mission to develop an Oracle APEX application with security integrated with Oracle Internet Directory, OID. It is an implementation of LDAP, from the point of view of Oracle. I marked this task as critical and I gave it 6 days of work thinking that all will go ok.

An APEX application can authenticate users using PL/SQL functions that return true or false. Other way is to give APEX framework configuration about your LDAP or OID server and leave Oracle do the rest. You can see it at this screen.

It seems easy and also we have an example in APEX 4.1 API Documentation, in chapter 12. http://download.oracle.com/docs/cd/E23903_01/doc/doc.41/e21676/apex_ldap.htm#CEGDCAFD

Because I am one of those do not like to give a task a number of days until to be sure I will able to accomplish, I made a search looking for others in similar scenario. I use to follow Patrick Wolf and his blog, http://www.inside-oracle-apex.com, and what a surprise that he enconuntered, on January 2008, that APEX API function “APEX_LDAP.Authenticate”, in its 3 version, produced a “true authentication” when you pass the function a NULL password. You can read this at http://www.inside-oracle-apex.com/dbms_ldapsimple_bind_s-apex_ldapauthenticate-and-null-password/. You can see screens here.

If you continue on reading that post, finally, John Scott, other APEX boy, answers Patrick that “true authentication with NULL password is produced by a LDAP server configured with anonymous authentication”.


Now I am building an scenario inside a virtualized Windows 2008 server at Amazon Aws. I need to be sure that we will not have problems once this development started in future. Problems that could came from environments where OID server is not at same network of APEX, or even behind a firewall, or on the other hand, APEX is in DMZ zone to serve internet users and OID is behind the firewall.

Anuncios

Responder

Por favor, inicia sesión con uno de estos métodos para publicar tu comentario:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s

A %d blogueros les gusta esto: