Using Apex Authorization schemes in PL/SQL

The problem with using APEX authorization schemes in PL/SQL has been addressed several times in blogs and forums, but we occasionally still get questions on how to solve this:

I have a page where users with admin roles can modify data and other users can only view it. Hiding the button to save the record is easily done with an authorization scheme:

[Screenshot: authorization scheme set on the save button]

However, now I want my items to be displayed as “Read Only” too. There is no option to select your authorization scheme, but Apex wouldn’t be Apex if there hadn’t been an easy solution.

The function “apex_authorization.is_authorized(‘authorization_scheme’)” does the trick. It checks the authorization scheme and returns a boolean. Add a small PL/SQL block in the Read Only part of your item like this:

[Screenshot: PL/SQL block in the Read Only part of the item]

Now your item is read only for persons without the admin role.


Some additional information:

With this function it’s also possible to combine multiple authorization schemes:

IF apex_authorization.is_authorized('isAdmin')
   OR apex_authorization.is_authorized('isWrite')
   OR :P3000_USER = 'TEST' THEN
  RETURN FALSE;
ELSE
  RETURN TRUE;
END IF;

Attention: if you want to use this functionality prior to Apex 4.2, you need to use “apex_util.public_check_authorization”!
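The combined check above can be kept in one place and reused, so that the item's Read Only condition and the process that saves the record apply the same rule and the rule does not depend only on what the page renders. This is an added example, not code from the original post; the package name app_authz and its two subprograms are hypothetical, and it uses only apex_authorization.is_authorized with the scheme names shown above.

```plsql
-- Added example. app_authz, can_edit and assert_can_edit are hypothetical names;
-- 'isAdmin' and 'isWrite' are the authorization scheme names used above.
CREATE OR REPLACE PACKAGE app_authz AS
  -- TRUE only when the current APEX session passes one of the schemes.
  FUNCTION can_edit RETURN BOOLEAN;
  -- Raises an error unless can_edit is TRUE.
  PROCEDURE assert_can_edit;
END app_authz;
/

CREATE OR REPLACE PACKAGE BODY app_authz AS

  FUNCTION can_edit RETURN BOOLEAN IS
  BEGIN
    -- Explicit IF so that a NULL result counts as "not authorized".
    IF apex_authorization.is_authorized('isAdmin')
       OR apex_authorization.is_authorized('isWrite') THEN
      RETURN TRUE;
    END IF;
    RETURN FALSE;
  END can_edit;

  PROCEDURE assert_can_edit IS
  BEGIN
    IF NOT can_edit THEN
      raise_application_error(-20001, 'Not authorized to modify this record.');
    END IF;
  END assert_can_edit;

END app_authz;
/

-- Read Only condition of the item (PL/SQL Function Body returning Boolean);
-- TRUE makes the item read only:
--   RETURN NOT app_authz.can_edit;
--
-- First statement of the page process that saves the record:
--   app_authz.assert_can_edit;
```

On versions prior to Apex 4.2, the two is_authorized calls would be replaced by apex_util.public_check_authorization, as noted above.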

Bryxx has launched!

On Tuesday, May 7 the Bryxx launch event took place. In the beautiful setting of the Flandria boat, and in the presence of a large number of customers, we revealed the services of this new venture. As a joint venture between the iAdvise and Contribute infrastructure teams, Bryxx will specifically focus on the middleware field.
In bringing together both expert middleware teams, we will focus on
  • Opening up your business critical web applications to your intranet or to the internet
  • Making sure that these applications, deployed on your middleware stack, are secure on all layers of the underlying architecture. Security from-data-to-browser
  • Streamlining and automating your process of development towards production
  • Providing you with the opportunities to outsource the maintenance of your private middleware cloud or to outsource your entire private middleware cloud
From a technical point of view Bryxx will dedicate its expertise to 4 domains:
  • Oracle Cloud Application Foundation (with WebLogic as the main driver)
  • Oracle Identity & Access management
  • Oracle Database Security
  • DevOps
With respect to these 4 areas of expertise, Bryxx provides strong consultancy profiles on all levels (pre-sales, infrastructure architects, senior implementation engineers, etc) to design, install, configure, maintain and monitor your middleware platform as well as to streamline the process of application development towards your preferred middleware solution.
When you add our managed services and hosted solutions offering on each of these domains to this package, with strong partnerships in the backend, we believe Bryxx has a strong and complete offering for all your middleware challenges! Our team of 14 dedicated and experienced middleware engineers is ready for you.
Want to know more?
Visit us at www.bryxx.eu or contact us at info@bryxx.eu

ApEx 3.2 : Page Security -> Autocomplete

A nice enhancement in the new ApEx version 3.2 is that you can set autocomplete off under page security. AutoComplete in HTML forms stores information entered into text INPUT fields; the next time a user visits your web page, a list of previously used data will appear.

Go to Edit Page -> Page Attributes -> Security and you will see the new option Form Auto Complete.

The default value when creating a page is “On”. Setting it to “Off” will generate autocomplete="off" in your page FORM tag, so a user will no longer see a list of previously entered data.

ApEx 3.2 : Session Timeout

If you are planning to play with the new Oracle APEX 3.2 version, then be sure to check out the new security feature Session Timeout.

Session Timeout will automatically invalidate your APEX session if you use it. You can find Session Timeout under Shared Components -> Edit Security Attributes, where you have 2 options:

- Maximum Session Length: setting this property allows you to define how long a user can use his session after logging in to your application, after which the user will be forced to log in again.

- Maximum Session Idle Time: setting this property defines how many seconds a user can be idle before his/her session is invalidated and the user is forced to log in again.

Optionally, you can set a logout URL to which the user will be redirected. If the URL is an ApEx page, then remember to redirect the user to a public page.

The documentation of this new feature says that you can use three substitution items for your URL: &APP_SESSION., &SESSION., and &APP_ID., although the session substitution items would probably have little value, seeing that the session has ended.