Some Oracle Apex proxy server and https wrinkles affecting authentication.

In a deployment of Oracle Apex I’m working on, I needed to work with a proxy server. The proxy server has an https url. I’ve also deployed https on my Oracle HTTP server on the Oracle Apex machine.

I’m using the default https certificate that ships with Oracle HTTP Server 11.1.0. While this is not a signed certificate, end users never see a prompt from their browser because this is handled at the proxy server just once by the server administrator.

I’m using the standalone installation of OHS which is now part of the larger Weblogic suite. OHS and Oracle database are on the same Windows 2008 machine. Database version: 11.2.0. Apex Version: 3.2.1.00.12.

Issues:
1. I needed to get a value passed in from the proxy server so that users did not have to login. Here’s how.

2. I wanted to base my security on the username passed in from the proxy. To do that, I created an application item which is in the Shared Components – Logic – Application Items section. Then I created an Application Process (also in the Shared components – Logic) section. This process sets the application item during authentication time.

3. My authentication scheme is database.

4. I updated the authorization scheme to use Application Item mentioned above rather than default built in variable APP_USER.

5. I put in some conditional display of items which detects whether or not a user accessed the application via the proxy server. If they did not, then the Application Item is not set and they will not have sufficient authorization to use the application.

6. Finally, I updated the authorization values accordingly as needed on tabs, lists and pages.

Advertisements