Home » Developer & Programmer » Application Express, ORDS & MOD_PLSQL » owa_cookie encrypt cookie
owa_cookie encrypt cookie [message #209770] Sun, 17 December 2006 18:47 Go to next message
basirana
Messages: 25
Registered: July 2006
Junior Member
the below procedure is used for authentication. once the user is authenticated. if it is success I am try to create cookie.
I need help to encrypt the cookie that is been created.
I am not sure how to do encryption of cookie. can you please help me with sample program to encrypt the cookie.

CREATE OR REPLACE PROCEDURE Web_Authenticate_Cookie
     (In_LogIn     VARCHAR2,
      In_Password  VARCHAR2 := NULL,
      In_Origin    VARCHAR2)
AS
  v_LogIn     VARCHAR2(255);
  v_Password  VARCHAR2(255);
  v_Message   VARCHAR2(2000);
  v_eMail     VARCHAR(255);
  uId_Cookie  VARCHAR2(500);
BEGIN
  SELECT eMail
  INTO   v_eMail
  FROM   Table_Name
  WHERE  UID = In_LogIn;
  
  v_Message := Func_ldap_auth(In_LogIn,In_Password);
  
  IF v_Message = 'success' THEN
    owa_Cookie.Send('uid',In_LogIn);
    
    htp.Print('<a href="[url]http://localhost/auth/access_cookie[/url]">click here</a>');
  END IF;
END;
/



CREATE OR REPLACE PROCEDURE Access_Cookie
AS
  uId_Cookie  VARCHAR2(500);
BEGIN
  uId_Cookie := owa_Cookie.Get('uid');
  
  htp.Print(uId_Cookie);
END;
/


thanks
Re: owa_cookie encrypt cookie [message #209953 is a reply to message #209770] Mon, 18 December 2006 11:54 Go to previous messageGo to next message
andrew again
Messages: 2577
Registered: March 2000
Senior Member
Originally for Oramag:

create or replace FUNCTION Xorbin(c1 CHAR,c2 CHAR) RETURN CHAR IS
  loop1   NUMBER;
  loop11  NUMBER;
  r1     VARCHAR2(8);
  r2     VARCHAR2(8);
  r3     NUMBER;
  result VARCHAR2(40);
  divis  NUMBER;
BEGIN
  result := '';
  FOR loop1 IN 1..LENGTH(c1) LOOP
    r1 := Convbin(SUBSTR(c1,loop1,1));
    r2 := Convbin(SUBSTR(c2,loop1,1));
    divis := 128;
    r3    := 0;
    FOR loop11 IN 1..8 LOOP
      IF TO_NUMBER(SUBSTR(r1,loop11,1))+TO_NUMBER(SUBSTR(r2,loop11,1))=1 THEN
        r3 := r3 + divis;
      END IF;
      divis := divis / 2;
    END LOOP;
    result := result || CHR(r3);
  END LOOP;
  RETURN(result);
END;
/


create or replace FUNCTION Convbin(c1 CHAR) RETURN CHAR IS
  loop1  NUMBER;
  value NUMBER;
  divis NUMBER;
  r1    VARCHAR2(30);
-- encryption encrypt crypt unencrypt in Oracle

BEGIN
  r1 := '';
  value := ASCII(c1);
  divis := 128;
  FOR loop1 IN 0..7 LOOP
    IF TRUNC(value/divis) = 1 THEN
      r1 := r1 || '1';
    ELSE
      r1 := r1 || '0';
    END IF;
    value := value MOD divis;
    divis := divis / 2;
  END LOOP;
  RETURN r1;
END;
/

-- SET serveroutput ON
-- DECLARE
--   result  VARCHAR2(30);
--   mask    VARCHAR2(30);
-- BEGIN
--   mask    := 'abc'; /* Must be greater or equal to the value that
--                        will be "Crypted" */
--
--   result := XORBIN('ABD',mask);  /* "Crypt" */
--   dbms_output.put_line(result);
--
--   result := XORBIN(result,mask); /* "Unencrypt" */
--   dbms_output.put_line(result);
--
-- END;
-- /



http://fdegrelle.over-blog.com/article-1001066.html


Re: owa_cookie encrypt cookie [message #209954 is a reply to message #209953] Mon, 18 December 2006 11:57 Go to previous messageGo to next message
andrew again
Messages: 2577
Registered: March 2000
Senior Member
I suppose it's better to encrypt cookies - but remember that that a browser will only return a cookie to the website that set it - so they are generally safe.
Re: owa_cookie encrypt cookie [message #210861 is a reply to message #209954] Fri, 22 December 2006 12:53 Go to previous message
filipe.silva
Messages: 3
Registered: December 2006
Junior Member
The user can see and change the cookies. The reason to encrypt them is to try to avoid the user to easily do that.
Previous Topic: HTML_DB please help on this
Next Topic: Dynamic get the parameters values of a procedure?
Goto Forum:
  


Current Time: Sat Dec 03 03:57:46 CST 2016

Total time taken to generate the page: 0.20472 seconds