Home » RDBMS Server » Security » Password and Login feature
Password and Login feature [message #121532] Mon, 30 May 2005 08:03 Go to next message
dmcgilli
Messages: 6
Registered: May 2005
Junior Member
Hello,
I have written a web based application in PL/SQL. It sits on top of an Oracle database. What I want to do is whenever a user visits certain web pages the application asks for a login and password.

A reply:

Where can I find information about how to:
"
I would rather put a security wrapper aroud code, so that when you call a transaction, it first checks to see if you are logged in and only proceeds if you are logged in - else prints an message.
"

Thanks
Douglas McGillivray
Re: Password and Login feature [message #121538 is a reply to message #121532] Mon, 30 May 2005 08:48 Go to previous messageGo to next message
Frank Naude
Messages: 4579
Registered: April 1998
Senior Member
Hi,

Is this a mod_plsql application? If so, you can set a cookie when the user authenticates. Successive procedure calls can then check if the session is valid.

When the user login:
if (i_submit like '%Login%' and v_user_exists = 1) then
   owa_util.mime_header('text/html', false);
   owa_cookie.send('userid', i_user,   sysdate+1);
   owa_cookie.send('passwd', i_passwd, sysdate+1);
   owa_util.http_header_close;
   ...


In each protected procedure:
  v_userid_cookie := owa_cookie.get('userid');
  v_passwd_cookie := owa_cookie.get('passwd');
  if (v_passwd_cookie.num_vals < 1 and ...) then
     htp.p('<FONT COLOR=RED><B>Please login first!/FONT>');
     return -1;
  end if;


Best regards.

Frank
Re: Password and Login feature [message #151722 is a reply to message #121538] Sun, 18 December 2005 12:08 Go to previous message
dmcgilli
Messages: 6
Registered: May 2005
Junior Member
Hello,

I'm interested in more information related to the Oracle OWA_COOKIE package.

Thanks

Doug
Previous Topic: remote db connectvity
Next Topic: decrypt password field
Goto Forum:
  


Current Time: Thu Mar 28 14:10:40 CDT 2024