171 lines
6.8 KiB
Plaintext
171 lines
6.8 KiB
Plaintext
CREATE OR REPLACE PACKAGE caco_security IS
|
|
--
|
|
g_header CONSTANT VARCHAR2(160) := '$Header: /Isle Of Grain/database/PLSQL/caco_security.pck 4 20/10/05 13:33 Gilberta $';
|
|
g_revision CONSTANT VARCHAR2(160) := '$Revision: 4 $ Patch 0.2';
|
|
--
|
|
/*
|
|
* $History: caco_security.pck $
|
|
*
|
|
* ******** EFT - Nominations - Patch 0.2 ********
|
|
* Added logging of failed login
|
|
*
|
|
* ***************** Version 4 *****************
|
|
* User: Gilberta Date: 20/10/05 Time: 13:33
|
|
* Updated in $/Isle Of Grain/database/PLSQL
|
|
* Modified to size the username and password fields on the login screen
|
|
* for the benefit of IE6.
|
|
*
|
|
* ***************** Version 3 *****************
|
|
* User: Gilberta Date: 18/07/05 Time: 10:22
|
|
* Updated in $/Isle Of Grain/database/PLSQL
|
|
* Modified to fix password expiry
|
|
*
|
|
* ***************** Version 1 *****************
|
|
* User: Gilberta Date: 7/01/05 Time: 12:54
|
|
* Created in $/Isle Of Grain/database/PLSQL
|
|
* Initial Version
|
|
*
|
|
*/
|
|
--
|
|
-- Globals
|
|
--
|
|
g_current_user VARCHAR2(30);
|
|
g_current_syus_id NUMBER;
|
|
g_current_cust_id NUMBER;
|
|
g_current_inte_id NUMBER;
|
|
C_password_max_tries CONSTANT NUMBER := NVL(cout_system_configuration.get_configuration_item('G_PASSWORD_FAILED_LOGINS'),3);
|
|
|
|
--
|
|
g_client_id VARCHAR2(240);
|
|
--
|
|
---------------------------------------------------------------------
|
|
-- Security API functions
|
|
-- These functions may be called from generated WSG applications.
|
|
---------------------------------------------------------------------
|
|
--
|
|
-- Security_Check: Returns true if the currently logged on user is
|
|
-- allowed access to the specified package. If not,
|
|
-- will return false. This function will also provide
|
|
-- a means for the user to log on.
|
|
--
|
|
FUNCTION security_check(p_package_name IN VARCHAR2) RETURN BOOLEAN;
|
|
--
|
|
--
|
|
-- Add_Package_Resp: Adds a respondibility to a package, allowing users
|
|
-- with that responsibility to access the application.
|
|
-- This is called from the generated application
|
|
-- installation script if a value is supplied for
|
|
-- preference SECRES.
|
|
--
|
|
PROCEDURE add_package_resp(p_package_name IN VARCHAR2
|
|
,p_responsibility IN VARCHAR2);
|
|
--
|
|
--------------------------------------------------------------------------
|
|
-- Implementation specific functions
|
|
-- These functions are used only by this implementation of the
|
|
-- security package.
|
|
--------------------------------------------------------------------------
|
|
--
|
|
-- Get User
|
|
--
|
|
FUNCTION get_user RETURN VARCHAR2;
|
|
--
|
|
-- get session data
|
|
--
|
|
PROCEDURE get_session_data(p_client_id IN VARCHAR2 DEFAULT NULL);
|
|
--
|
|
--
|
|
-- Show_Logon_Form: Renders logon form
|
|
--
|
|
PROCEDURE show_logon_form(p_embedded IN BOOLEAN DEFAULT FALSE
|
|
,h_href IN VARCHAR2 DEFAULT NULL);
|
|
--
|
|
--
|
|
-- Process_Logon: Accepts submitted logon form and logs user on. If logon
|
|
-- fails then notifies user.
|
|
--
|
|
PROCEDURE process_logon(p_username IN VARCHAR2 DEFAULT NULL
|
|
,p_password IN VARCHAR2 DEFAULT NULL
|
|
,h_href IN VARCHAR2 DEFAULT NULL
|
|
,p_login_button IN VARCHAR2 DEFAULT NULL
|
|
);
|
|
--
|
|
-- Process_Logon: Overloaded version for client certificate
|
|
--
|
|
PROCEDURE process_certificate_logon;
|
|
--
|
|
--
|
|
-- Show_No_Access: Displays message to inform user that they do not
|
|
-- have access to the application. Provides a link
|
|
-- to the logon form.
|
|
--
|
|
PROCEDURE show_no_access;
|
|
--
|
|
--
|
|
-- Call_Logon_Form: Output HTML to call the logon form, which
|
|
-- may be in a separate window.
|
|
--
|
|
PROCEDURE call_logon_form;
|
|
--
|
|
--
|
|
-- Logoff: Removes the current user's session, logging them off. Outputs
|
|
-- HTML message when complete.
|
|
--
|
|
PROCEDURE logoff;
|
|
--
|
|
-- Logout: Removes the current user's session, logging them off. Redirects to the
|
|
-- home page
|
|
--
|
|
PROCEDURE logout;
|
|
--
|
|
---
|
|
-- Moved from CACO_UTILITIES 26-APR-2003
|
|
---
|
|
PROCEDURE change_cust_inte(p_inte_id IN intermediaries.inte_id%TYPE DEFAULT NULL
|
|
,p_cust_id IN customers.cust_id%TYPE DEFAULT NULL
|
|
,p_savebtn IN VARCHAR2 DEFAULT NULL
|
|
,p_cancbtn IN VARCHAR2 DEFAULT NULL
|
|
,p_message IN VARCHAR2 DEFAULT NULL);
|
|
/**
|
|
-- Procedure to allow user to change their password.
|
|
-- Call without parameters to display the startup screen, other parameters are used internally.
|
|
-- @param p_call_type Used internally to determine which screen to display
|
|
-- @param p_old_password Existing password for the user
|
|
-- @param p_password New password for the user
|
|
-- @param p_confirm New password for the user
|
|
-- @param p_button Value returned by a button press
|
|
--
|
|
*/
|
|
PROCEDURE change_password(p_call_type IN VARCHAR2 DEFAULT NULL
|
|
,p_old_password IN VARCHAR2 DEFAULT NULL
|
|
,p_password IN VARCHAR2 DEFAULT NULL
|
|
,p_confirm IN VARCHAR2 DEFAULT NULL
|
|
,p_button IN VARCHAR2 DEFAULT NULL
|
|
,p_embedded IN BOOLEAN DEFAULT FALSE);
|
|
/**
|
|
-- Procedure to remove expired sessions
|
|
-- No parameters required
|
|
*/
|
|
PROCEDURE remove_expired_sessions;
|
|
/**
|
|
-- Procedure to produce the register screen
|
|
*/
|
|
PROCEDURE online_user_registration ( p_register_title IN VARCHAR2 DEFAULT NULL
|
|
, p_register_first_name IN VARCHAR2 DEFAULT NULL
|
|
, p_register_surname IN VARCHAR2 DEFAULT NULL
|
|
, p_register_company IN VARCHAR2 DEFAULT NULL
|
|
, p_register_email IN VARCHAR2 DEFAULT NULL
|
|
, p_register_phone IN VARCHAR2 DEFAULT NULL
|
|
, p_register_submit IN VARCHAR2 DEFAULT NULL
|
|
);
|
|
/**
|
|
-- Procedure to process a logon using an interface
|
|
*/
|
|
PROCEDURE process_interface_logon ( p_username IN VARCHAR2
|
|
, p_password IN VARCHAR2
|
|
, p_success OUT BOOLEAN
|
|
, p_message OUT VARCHAR2 );
|
|
--
|
|
END caco_security;
|
|
/
|