13c9c0ca97
git-svn-id: http://locode01.ad.dom/svn/WEBMIP/trunk@3255 248e525c-4dfb-0310-94bc-949c084e9493
491 lines
13 KiB
HTML
491 lines
13 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
|
<HTML>
|
|
<HEAD>
|
|
<LINK REL="STYLESHEET" TYPE="text/css" HREF="plsqldoc.css">
|
|
<TITLE>Package mip_security</TITLE>
|
|
<META name="object" content="PACKAGE">
|
|
<META name="name" content="mip_security">
|
|
<META name="description" content="Handle authentication and authorization processes for the MIP project">
|
|
</HEAD>
|
|
<BODY>
|
|
<TABLE WIDTH="100%"><TR>
|
|
<TD><P ALIGN="LEFT"><STRONG><SMALL></SMALL></STRONG></TD>
|
|
<TD><P ALIGN="RIGHT"><STRONG><SMALL><A HREF="index.html">index</A></SMALL></STRONG></TD>
|
|
</TR></TABLE>
|
|
<TABLE CLASS="MAIN_TABLE"><TR><TD CLASS="DESC_TEXT">
|
|
<P CLASS="MAIN_TITLE">Package mip_security</P>
|
|
Handle authentication and authorization processes for the MIP project<br>
|
|
|
|
<BR>
|
|
</TD></TR></TABLE>
|
|
<HR>
|
|
<A NAME="Program units"></A>
|
|
<TABLE CLASS="SUB_TABLE"><TR><TD CLASS="SUB_TITLE">
|
|
Program units
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="SUB_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#login">login</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
Perform user authentication and login An authenticated login for an expired password will result in flow to the 'Change Password' page.
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#get_hash">get_hash</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
Generate a hash from the given username and password
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#valid_user2">valid_user2</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
%obs private function
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#valid_user">valid_user</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
%obs replaced by <A HREF=#authenticate_user>authenticate_user</A>
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#authenticate_user">authenticate_user</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
Authenticates the given username and password
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#user_screen">user_screen</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#admin_screen">admin_screen</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#new_password">new_password</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#other_user_password">other_user_password</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#get_user_status">get_user_status</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#set_user_status">set_user_status</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
Updates the user status
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#page_authorization">page_authorization</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
Authorize access to the given page
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#component_authorization">component_authorization</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
Authorize access to the given component
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="TYPE_ITEM">
|
|
<A HREF="#region_authorization">region_authorization</A>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
Authorize access to the given region
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<HR>
|
|
<A NAME="login"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
login
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
PROCEDURE login(p_uname IN VARCHAR2
|
|
,p_password IN VARCHAR2
|
|
,p_session_id IN VARCHAR2
|
|
,p_flow_page IN VARCHAR2)
|
|
|
|
</PRE>
|
|
<P CLASS="DESC_TEXT">
|
|
Perform user authentication and login An authenticated login for an expired password will result in flow to the 'Change Password' page.<br>
|
|
|
|
<BR>
|
|
</P>
|
|
<A NAME="Parameters"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Parameters
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_uname
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
username<br>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_password
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
password<br>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_session_id
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
APEX session number<br>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_flow_page
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
the app:page to which flow should pass on successful authentication<br>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<HR>
|
|
<A NAME="get_hash"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
get_hash
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
FUNCTION get_hash(p_username IN VARCHAR2
|
|
,p_password IN VARCHAR2) RETURN VARCHAR2
|
|
|
|
</PRE>
|
|
<P CLASS="DESC_TEXT">
|
|
Generate a hash from the given username and password<br>
|
|
<br>
|
|
The system does not record users passwords 'in the plain', instead we recordThe resultant hash is recorded as the username 'password hash'<br>
|
|
|
|
<BR>
|
|
</P>
|
|
<HR>
|
|
<A NAME="valid_user2"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
valid_user2
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
PROCEDURE valid_user2(p_username IN VARCHAR2
|
|
,p_password IN VARCHAR2)
|
|
|
|
</PRE>
|
|
|
|
<A NAME="Obsolete"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Obsolete
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
private function<br>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<HR>
|
|
<A NAME="valid_user"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
valid_user
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
FUNCTION valid_user(p_username IN VARCHAR2
|
|
,p_password IN VARCHAR2) RETURN BOOLEAN
|
|
|
|
</PRE>
|
|
|
|
<A NAME="Obsolete"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Obsolete
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
replaced by <A HREF=#authenticate_user>authenticate_user</A>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<HR>
|
|
<A NAME="authenticate_user"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
authenticate_user
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
FUNCTION authenticate_user(p_username IN VARCHAR2
|
|
,p_password IN VARCHAR2) RETURN BOOLEAN
|
|
|
|
</PRE>
|
|
<P CLASS="DESC_TEXT">
|
|
Authenticates the given username and password<br>
|
|
|
|
<BR>
|
|
</P>
|
|
<A NAME="Returns"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Returns
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
TRUE for authenticated username and password combination<br>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<A NAME="Replaces"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Replaces
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
<A HREF=#valid_user>valid_user</A>, <A HREF=#valid_user2>valid_user2</A>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<HR>
|
|
<A NAME="user_screen"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
user_screen
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
FUNCTION user_screen(p_username IN VARCHAR2) RETURN BOOLEAN
|
|
|
|
</PRE>
|
|
<HR>
|
|
<A NAME="admin_screen"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
admin_screen
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
FUNCTION admin_screen(p_username IN VARCHAR2) RETURN BOOLEAN
|
|
|
|
</PRE>
|
|
<HR>
|
|
<A NAME="new_password"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
new_password
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
PROCEDURE new_password(p_username IN VARCHAR2
|
|
,p_password IN VARCHAR2)
|
|
|
|
</PRE>
|
|
<HR>
|
|
<A NAME="other_user_password"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
other_user_password
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
PROCEDURE other_user_password(p_prty_id IN NUMBER
|
|
,p_username IN VARCHAR2
|
|
,p_password IN VARCHAR2)
|
|
|
|
</PRE>
|
|
<HR>
|
|
<A NAME="get_user_status"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
get_user_status
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
FUNCTION get_user_status(p_username IN VARCHAR2) RETURN VARCHAR2
|
|
|
|
</PRE>
|
|
<HR>
|
|
<A NAME="set_user_status"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
set_user_status
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
PROCEDURE set_user_status(p_username IN VARCHAR2
|
|
,p_status IN VARCHAR2)
|
|
|
|
</PRE>
|
|
<P CLASS="DESC_TEXT">
|
|
Updates the user status<br>
|
|
|
|
<BR>
|
|
</P>
|
|
<HR>
|
|
<A NAME="page_authorization"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
page_authorization
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
FUNCTION page_authorization(p_app_user IN VARCHAR2
|
|
,p_page_id IN NUMBER
|
|
,p_privilege IN apex_authorization.privilege%TYPE DEFAULT 'A')
|
|
RETURN BOOLEAN
|
|
|
|
</PRE>
|
|
<P CLASS="DESC_TEXT">
|
|
Authorize access to the given page<br>
|
|
|
|
<BR>
|
|
</P>
|
|
<A NAME="Parameters"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Parameters
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_app_user
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
The name of the application user<br>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_page_id
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
The page to be accessed<br>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_privilege
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
The access privilege requested<br>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<A NAME="Returns"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Returns
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
Boolean value, true for access allowed<br>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<HR>
|
|
<A NAME="component_authorization"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
component_authorization
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
FUNCTION component_authorization(p_app_user IN VARCHAR2
|
|
,p_component_name IN apex_authorization.component_name%TYPE
|
|
,p_privilege IN apex_authorization.privilege%TYPE DEFAULT 'A')
|
|
RETURN BOOLEAN
|
|
|
|
</PRE>
|
|
<P CLASS="DESC_TEXT">
|
|
Authorize access to the given component<br>
|
|
|
|
<BR>
|
|
</P>
|
|
<A NAME="Parameters"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Parameters
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_app_user
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
The name of the application user<br>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_component_name
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
The name of the component to be accessed<br>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_privilege
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
The access privilege requested<br>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<A NAME="Returns"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Returns
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
Boolean value, true for access allowed<br>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<HR>
|
|
<A NAME="region_authorization"></A>
|
|
<P CLASS="TYPE_TITLE">
|
|
region_authorization
|
|
</P>
|
|
<PRE CLASS="DECL_TEXT">
|
|
FUNCTION region_authorization(p_app_user IN VARCHAR2
|
|
,p_component_name IN apex_authorization.component_name%TYPE
|
|
,p_privilege IN apex_authorization.privilege%TYPE DEFAULT 'A')
|
|
RETURN BOOLEAN
|
|
|
|
</PRE>
|
|
<P CLASS="DESC_TEXT">
|
|
Authorize access to the given region<br>
|
|
|
|
<BR>
|
|
</P>
|
|
<A NAME="Parameters"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Parameters
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_app_user
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
The name of the application user<br>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_component_name
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
The name of the region to be accessed<br>
|
|
|
|
</TD></TR>
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
p_privilege
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
The access privilege requested<br>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<A NAME="Returns"></A>
|
|
<TABLE CLASS="LIST_TABLE"><TR><TD CLASS="LIST_TITLE">
|
|
Returns
|
|
</TD></TR></TABLE>
|
|
<TABLE CLASS="LIST_TABLE">
|
|
<TR><TD VALIGN="TOP" CLASS="LIST_ITEM" WIDTH=1%>
|
|
</TD><TD CLASS="DESC_TEXT" WIDTH=95%>
|
|
Boolean value, true for access allowed<br>
|
|
|
|
</TD></TR>
|
|
</TABLE>
|
|
<BR>
|
|
<P> </P>
|
|
<P> </P>
|
|
</BODY>
|
|
</HTML>
|