Re: semi OT - Anonymous authentication against AD using DBMS_LDAP
From: Bill Ferguson <wbfergus_at_gmail.com>
Date: Thu, 12 Jan 2012 06:23:52 -0700
Message-ID: <CADEE6ZOwXivgGuGqQZaPOcvY7mdZT0gRL+qAP9dEzoF36FHrMQ_at_mail.gmail.com>
I'm authenticating against our AD for my APEX apps. I don't have OID or any of that other, expensive stuff, so I use a similar routine. Once I query AD, I grab whatever information is there and store it in a collection, and then I parse the collection for the 'MemberOf' enties. I actually setup groups in AD for my different types of users, so once I figure out which group they belong in, then I login them into APEX with those permissions. The hardest part of the whole thing, since I knew absolutely nothing about AD prior to this (and I barely know a little more now), was that when I authenticated the user, I had to specify (pre-pend), the domain to their SAMAccountName, so it was 'domain/SAMAccountName'. After I figured that part out, the rest worked smoothly.
Date: Thu, 12 Jan 2012 06:23:52 -0700
Message-ID: <CADEE6ZOwXivgGuGqQZaPOcvY7mdZT0gRL+qAP9dEzoF36FHrMQ_at_mail.gmail.com>
I'm authenticating against our AD for my APEX apps. I don't have OID or any of that other, expensive stuff, so I use a similar routine. Once I query AD, I grab whatever information is there and store it in a collection, and then I parse the collection for the 'MemberOf' enties. I actually setup groups in AD for my different types of users, so once I figure out which group they belong in, then I login them into APEX with those permissions. The hardest part of the whole thing, since I knew absolutely nothing about AD prior to this (and I barely know a little more now), was that when I authenticated the user, I had to specify (pre-pend), the domain to their SAMAccountName, so it was 'domain/SAMAccountName'. After I figured that part out, the rest worked smoothly.
Not sure if this is the same problem you're running into, but maybe it helps.
--
- Bill Ferguson -- http://www.freelists.org/webpage/oracle-l