Such a frequent request in the forums is to either share authentication between sessions, or dynamically change the authentication scheme - which hasn't been possible until APEX 18.1.
I've set up a sample application, where the home page is public, and contains a concise summary of this post.
https://apex.oracle.com/pls/apex/f?p=100567:1
Clicking 'Secured Page' in the menu will open page 2, forcing default open-door authentication, if not already authenticated.
The default authentication scheme is open-door credentials, but there is another defined for APEX accounts. I've given them a simpler name for simpler parameterisation.
Authentication Schemes available to app |
The non-current scheme must have the following property set to Enabled.
Authentication Scheme - Switch in Session |
However, is this opening up a security issue, offering the end-user an ability to change authentication method on the fly?
Now the following two links allow toggling between authentication schemes at runtime
https://apex.oracle.com/pls/apex/f?p=100567:2:0:APEX_AUTHENTICATION=apex
https://apex.oracle.com/pls/apex/f?p=100567:2:0:APEX_AUTHENTICATION=open
If this REQUEST parameter is present, it always appears to force fresh authentication.
However,
:REQUEST
returns null when attempting to use as a condition on the page.This is an alternative to the application session sharing technique, and may be useful when integrating social sign-in.
Another use case could be for the related development environment. If you're using OAuth2 authentication, it probably won't be practical signing in as other users, so enabling switching back to an older authentication scheme could be useful.
Thanks to Morten for the heads-up.
Thank you so much, I’ve already found many helpful tips here.
ReplyDeleteI will try this on my company Indiaaccess and Hostasp database server
Thanks for your info
How to programmatically determine which authentication scheme is current?
ReplyDeleteBifin - this can be done using apex_application_install.set_authentication_scheme
ReplyDelete