Oracle authentication not working?


I implemented a LogOut button which logs the user out of the webpage. The server is Oracle HTTP Server.

When LogOut is clicked, it executes the procedure below:

PROCEDURE log_me_off IS

BEGIN
   -- Open the HTTP header
   owa_util.mime_header('text/html', FALSE, NULL);

   -- Send a cookie to logout
   owa_cookie.send('WDB_GATEWAY_LOGOUT', 'YES', path=>'/');



   -- Close the HTTP header
   owa_util.http_header_close;

   -- Generate the page
   htp.p('
   <head>
    <script type = "text/javascript" >
    history.pushState(null, null, ''xna_hpms_ui.log_me_off'');
    window.addEventListener(''popstate'', function(event) {
    history.pushState(null, null, ''xna_hpms_ui.log_me_off'');
    });
    </script>
   </head>
   You have been logged off from the WEBSITE');
   htp.anchor( 'http://www.google.com', 'click here to login a');
   htp.p('<BR>bye');

END;


END;
/

Document I referred to: https://docs.oracle.com/cd/B13789_01/server.101/b12303/secure.htm

Problem:

  1. In Chrome, when I click the Log Off button it logs the user out. After that, when the user tries to refresh or open the webpage in a new tab, a prompt appears asking for the login credentials; if the user clicks Cancel and refreshes the tab, he is automatically logged in. This behavior does not occur in IE.

  2. When there are many tabs open and the user clicks the Log Off button, he is logged out from the current page. When he navigates to another tab and clicks anywhere, the webpage again asks him to enter credentials, but if he clicks Cancel and refreshes the page he is again logged on without entering credentials.

Kindly help.

There is 1 best solution below

I recommend using Custom OWA and your own cookie as a means of authenticating users. Set up the DAD to authorize the schema using custom_owa. Then create the custom_owa.authorize package/function in your schema.

The custom_owa.authorize function will be called before each page is accessed. If it returns true the request is granted. If false, the request is denied.

This gives you complete control over who can access what. So what you do is set your own cookie when someone logs into your website. Then in custom_owa.authorize check the cookie and return true or false accordingly.

When someone logs off, destroy the cookie or expire it.
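
A sketch of the approach in the answer above, as an added example that is not part of the original answer. It assumes a DAD configured with `PlsqlAuthenticationMode CustomOwa`, for which mod_plsql calls `OWA_CUSTOM.AUTHORIZE` in the DAD user's schema (the answer writes the package name as custom_owa), and Oracle 12c or later for `STANDARD_HASH`. The table `app_sessions`, the cookie `APP_SESSION`, and the procedures `app_ui.login_form`, `app_ui.do_login` and `app_logout` are hypothetical names; the login handler is assumed to insert the session row and send the cookie with a random token.

```sql
-- Added example. Hypothetical names: app_sessions, APP_SESSION, app_ui.*, app_logout.
CREATE TABLE app_sessions (
  token_hash RAW(32) PRIMARY KEY,      -- SHA-256 of the cookie value, not the value itself
  username   VARCHAR2(128) NOT NULL,
  expires_at TIMESTAMP NOT NULL
);
CREATE OR REPLACE PACKAGE owa_custom AS
  FUNCTION authorize RETURN BOOLEAN;   -- called by mod_plsql before each request
END owa_custom;
/
CREATE OR REPLACE PACKAGE BODY owa_custom AS
  FUNCTION authorize RETURN BOOLEAN IS
    l_path   VARCHAR2(4000) := LOWER(owa_util.get_cgi_env('PATH_INFO'));
    l_cookie owa_cookie.cookie;
    l_token  VARCHAR2(4000);
    l_hits   PLS_INTEGER;
  BEGIN
    -- The login form and its handler must be reachable without a session.
    IF l_path IN ('/app_ui.login_form', '/app_ui.do_login') THEN
      RETURN TRUE;
    END IF;
    l_cookie := owa_cookie.get('APP_SESSION');
    IF l_cookie.num_vals = 0 THEN RETURN FALSE; END IF;   -- no cookie: deny
    l_token := l_cookie.vals(1);
    -- The cookie only counts while a matching, unexpired row exists server-side.
    SELECT COUNT(*) INTO l_hits
      FROM app_sessions
     WHERE token_hash = STANDARD_HASH(l_token, 'SHA256')
       AND expires_at > SYSTIMESTAMP;
    RETURN l_hits = 1;
  EXCEPTION
    WHEN OTHERS THEN RETURN FALSE;     -- fail closed on any error
  END authorize;
END owa_custom;
/
-- Logout: delete the server-side row first, then expire the cookie in the browser.
CREATE OR REPLACE PROCEDURE app_logout IS
  l_cookie owa_cookie.cookie := owa_cookie.get('APP_SESSION');
  l_token  VARCHAR2(4000);
BEGIN
  IF l_cookie.num_vals > 0 THEN
    l_token := l_cookie.vals(1);
    DELETE FROM app_sessions WHERE token_hash = STANDARD_HASH(l_token, 'SHA256');
  END IF;
  owa_util.mime_header('text/html', FALSE);
  owa_cookie.remove('APP_SESSION', NULL, '/');
  owa_util.http_header_close;
  htp.p('You have been logged off.');
END;
/
```

Because the session row is deleted on logout, a cookie value still held by another tab or replayed later no longer passes `authorize`, independent of what the browser has cached.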