CREATE OR REPLACE PACKAGE caco_security IS -- g_header CONSTANT VARCHAR2(160) := '$Header: /Isle Of Grain/database/PLSQL/caco_security.pck 4 20/10/05 13:33 Gilberta $'; g_revision CONSTANT VARCHAR2(160) := '$Revision: 4 $ Patch 0.2'; -- /* * $History: caco_security.pck $ * * ******** EFT - Nominations - Patch 0.2 ******** * Added logging of failed login * * ***************** Version 4 ***************** * User: Gilberta Date: 20/10/05 Time: 13:33 * Updated in $/Isle Of Grain/database/PLSQL * Modified to size the username and password fields on the login screen * for the benefit of IE6. * * ***************** Version 3 ***************** * User: Gilberta Date: 18/07/05 Time: 10:22 * Updated in $/Isle Of Grain/database/PLSQL * Modified to fix password expiry * * ***************** Version 1 ***************** * User: Gilberta Date: 7/01/05 Time: 12:54 * Created in $/Isle Of Grain/database/PLSQL * Initial Version * */ -- -- Globals -- g_current_user VARCHAR2(30); g_current_syus_id NUMBER; g_current_cust_id NUMBER; g_current_inte_id NUMBER; C_password_max_tries CONSTANT NUMBER := NVL(cout_system_configuration.get_configuration_item('G_PASSWORD_FAILED_LOGINS'),3); -- g_client_id VARCHAR2(240); -- --------------------------------------------------------------------- -- Security API functions -- These functions may be called from generated WSG applications. --------------------------------------------------------------------- -- -- Security_Check: Returns true if the currently logged on user is -- allowed access to the specified package. If not, -- will return false. This function will also provide -- a means for the user to log on. -- FUNCTION security_check(p_package_name IN VARCHAR2) RETURN BOOLEAN; -- -- -- Add_Package_Resp: Adds a respondibility to a package, allowing users -- with that responsibility to access the application. -- This is called from the generated application -- installation script if a value is supplied for -- preference SECRES. -- PROCEDURE add_package_resp(p_package_name IN VARCHAR2 ,p_responsibility IN VARCHAR2); -- -------------------------------------------------------------------------- -- Implementation specific functions -- These functions are used only by this implementation of the -- security package. -------------------------------------------------------------------------- -- -- Get User -- FUNCTION get_user RETURN VARCHAR2; -- -- get session data -- PROCEDURE get_session_data(p_client_id IN VARCHAR2 DEFAULT NULL); -- -- -- Show_Logon_Form: Renders logon form -- PROCEDURE show_logon_form(p_embedded IN BOOLEAN DEFAULT FALSE ,h_href IN VARCHAR2 DEFAULT NULL); -- -- -- Process_Logon: Accepts submitted logon form and logs user on. If logon -- fails then notifies user. -- PROCEDURE process_logon(p_username IN VARCHAR2 DEFAULT NULL ,p_password IN VARCHAR2 DEFAULT NULL ,h_href IN VARCHAR2 DEFAULT NULL ,p_login_button IN VARCHAR2 DEFAULT NULL ); -- -- Process_Logon: Overloaded version for client certificate -- PROCEDURE process_certificate_logon; -- -- -- Show_No_Access: Displays message to inform user that they do not -- have access to the application. Provides a link -- to the logon form. -- PROCEDURE show_no_access; -- -- -- Call_Logon_Form: Output HTML to call the logon form, which -- may be in a separate window. -- PROCEDURE call_logon_form; -- -- -- Logoff: Removes the current user's session, logging them off. Outputs -- HTML message when complete. -- PROCEDURE logoff; -- -- Logout: Removes the current user's session, logging them off. Redirects to the -- home page -- PROCEDURE logout; -- --- -- Moved from CACO_UTILITIES 26-APR-2003 --- PROCEDURE change_cust_inte(p_inte_id IN intermediaries.inte_id%TYPE DEFAULT NULL ,p_cust_id IN customers.cust_id%TYPE DEFAULT NULL ,p_savebtn IN VARCHAR2 DEFAULT NULL ,p_cancbtn IN VARCHAR2 DEFAULT NULL ,p_message IN VARCHAR2 DEFAULT NULL); /** -- Procedure to allow user to change their password. -- Call without parameters to display the startup screen, other parameters are used internally. -- @param p_call_type Used internally to determine which screen to display -- @param p_old_password Existing password for the user -- @param p_password New password for the user -- @param p_confirm New password for the user -- @param p_button Value returned by a button press -- */ PROCEDURE change_password(p_call_type IN VARCHAR2 DEFAULT NULL ,p_old_password IN VARCHAR2 DEFAULT NULL ,p_password IN VARCHAR2 DEFAULT NULL ,p_confirm IN VARCHAR2 DEFAULT NULL ,p_button IN VARCHAR2 DEFAULT NULL ,p_embedded IN BOOLEAN DEFAULT FALSE); /** -- Procedure to remove expired sessions -- No parameters required */ PROCEDURE remove_expired_sessions; /** -- Procedure to produce the register screen */ PROCEDURE online_user_registration ( p_register_title IN VARCHAR2 DEFAULT NULL , p_register_first_name IN VARCHAR2 DEFAULT NULL , p_register_surname IN VARCHAR2 DEFAULT NULL , p_register_company IN VARCHAR2 DEFAULT NULL , p_register_email IN VARCHAR2 DEFAULT NULL , p_register_phone IN VARCHAR2 DEFAULT NULL , p_register_submit IN VARCHAR2 DEFAULT NULL ); /** -- Procedure to process a logon using an interface */ PROCEDURE process_interface_logon ( p_username IN VARCHAR2 , p_password IN VARCHAR2 , p_success OUT BOOLEAN , p_message OUT VARCHAR2 ); -- END caco_security; /