SlideShare une entreprise Scribd logo

Single Sign-On for APEX apps (Important: latest version on edocr!)

Niels de Bruijn
Niels de Bruijn

IMPORTANT: As Slideshare won't let me update the content without breaking the URL, I was forced to use a new platform for my documents. Please use the following link to get the latest version: https://www.edocr.com/v/4gyjo7me/nielsdebruijn/Ultimate-Technical-Guide-to-Single-Sign-On-for-you Presentation about how to setup your APEX environment to enable single sign-on with kerberos.

Technologie
1  sur  13
Télécharger pour lire hors ligne
Technical Deep Dive: SSO for your APEX apps Niels de Bruijn July 4th, 2016
Facts & Figures Independent Technology House with Cross-Industry Expertise Headquarter Ratingen (North Rhine – Westphalia) 180 Employees Founded 1994 Branches Dortmund, Cologne, Frankfurt Top Company for Trainees & Students Privately- Owned Corporation Oracle Platinum Partner 24 Mio. Euro Revenue 2Single Sign-On for your APEX apps
3 About me § Niels de Bruijn, Business Unit Manager APEX § Born in 1977, married, three daughters, living in Ratingen § Working for MT AG since DEC-2003 § After working for 2 years as Oracle consultant for Oracle Nederland B.V. § Track record with APEX since its inception § Responsible for all APEX activity in the company § Knowledge Portal: apex.mt-ag.com § Presenting at Kscope, DOAG Conference, APEX Connect § DOAG – Initiator & Conference Chair of APEX Connect § ODTUG - Part of APEX Content Committee for Kscope Single Sign-On for your APEX apps
§ Single Sign-On § Demo time § How does the magic work? § Caveats § I want more § Questions I get § More information 4 Agenda Single Sign-On for your APEX apps
For the sake of security § Credentials are not passed to the database § Kerberos is secure (as used by Windows itself) § Central user store in Active Directory § No corporate password policy needed within APEX For the sake of productivity § End users love it § Developers can now switch between workspaces without logging in again 5 Single Sign-On Single Sign-On for your APEX apps
6 How does the magic work? 8009 Single Sign-On for your APEX apps
Start here: http://www.slideshare.net/nielsdb/mt-ag-howtosingle- signonforapexapplicationsusingkerberos-46435415 Overview § Install RDBMS & APEX § Install JDK, Tomcat & Apache/IIS § Configure ORDS & deploy § Configure Apache or IIS for SSO incl. SSL certificate General installation steps of Apache & ORDS can be found here: http://www.opal-consulting.de/downloads/presentations/2015-11-DOAG-ORDS-Setup 7 How does the magic work? Single Sign-On for your APEX apps
§ Map existing APEX accounts with their AD username APEX_UTIL.SET_USERNAME ( p_userid => APEX_UTIL.GET_USER_ID('ADMIN') , p_username => 'NDBRUIJN' ); § When using mod_auth_kerb and AD user is member of too many AD groups § Have a look here: http://blogs.technet.com/b/surama/archive/2009/04/06/kerberos- authentication-problem-with-active-directory.aspx § Once enabled, you can’t change the identity without changing the OS user § Prepare your end users § Testing with other credentials: just switch the authentication scheme to “open door” in the dev environment 8 Caveats Single Sign-On for your APEX apps
§ What about people not listed in Active Directory? § Chained authentication schemes are currently not possible in APEX § Please vote for feature request AOE6 on apex.oracle.com/vote § Workaround: Use 3th party software like Microsoft Forefront (no change in ORDS/APEX needed) § What about devices like MacBooks or Smartphones that are not part of the Windows domain? § Fallback Authentication using Basic Authentication over HTTPS § Tipp: don’t use Digest Authentication (doesn’t work with Firefox) § Don’t want to enter username/password? Client certificates will help you out. § What about the Cloud? § Active Directory will remain on site for a while § Just keep IIS or Apache as reverse proxy onsite for authentication purposes and use Oracle Cloud for ORDS / APEX (hybrid cloud solution) 9 I want more Single Sign-On for your APEX apps
§ “Should we still specify the same cookie name for all apps in our workspace?” § Yes, this prevents multiple APEX session cookies being created § “We have LDAP authentication utilized in our APEX app” § Are you sure you want to pass your AD credentials to the database? § “What about the rights in my app?” § We are talking about authentication here, the authorization is normally determined by the app § You could user dbms_ldap or apex_ldap.is_member to get privs § “Any concerns about the session timeout setting in APEX?” § Set it to 0 (= indefinitely) as session timeout is now delegated to Kerberos 10 Questions I get Single Sign-On for your APEX apps
§ “The logout link in my app doesn’t work anymore” § Well, just delete it § “How can I check if the user may access the app?” § Use an authorization scheme 11 Questions I get Single Sign-On for your APEX apps
§ General installation steps of Apache & ORDS can be found here: http://www.opal-consulting.de/downloads/presentations/2015-11-DOAG-ORDS-Setup § About Kerberos http://www.roguelynn.com/words/explain-like-im-5-kerberos § About mod_auth_kerb http://blog.hallowelt.biz/wp-content/uploads/SSO_mit_mod_auth_kerb_v3.pdf § More SSO options http://wphilltech.com/options-for-windows-native-authentication-with-apex 12 More information Single Sign-On for your APEX apps
@nielsdb http://de.linkedin.com/in/nielsdebruijn https://blog.mt-ag.com/apex

Recommandé

Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Niels de Bruijn
 
Create Data Files and Load Data in Odoo 15
Create Data Files and Load Data in Odoo 15Create Data Files and Load Data in Odoo 15
Create Data Files and Load Data in Odoo 15Celine George
 
Step By Step to Install Oracle Business Intelligence
Step By Step to Install Oracle Business IntelligenceStep By Step to Install Oracle Business Intelligence
Step By Step to Install Oracle Business IntelligenceOsama Mustafa
 
HA, Scalability, DR & MAA in Oracle Database 21c - Overview
HA, Scalability, DR & MAA in Oracle Database 21c - OverviewHA, Scalability, DR & MAA in Oracle Database 21c - Overview
HA, Scalability, DR & MAA in Oracle Database 21c - OverviewMarkus Michalewicz
 
MySQL
MySQLMySQL
MySQLGouthaman V
 
Securing AEM webapps by hacking them
Securing AEM webapps by hacking themSecuring AEM webapps by hacking them
Securing AEM webapps by hacking themMikhail Egorov
 
AEM Meetup Sydney - Content Migration with CRX2Oak
AEM Meetup Sydney - Content Migration with CRX2OakAEM Meetup Sydney - Content Migration with CRX2Oak
AEM Meetup Sydney - Content Migration with CRX2OakMichael Henderson
 
Pentesting GraphQL Applications
Pentesting GraphQL ApplicationsPentesting GraphQL Applications
Pentesting GraphQL ApplicationsNeelu Tripathy
 

Recommandé

Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Niels de Bruijn
 
Create Data Files and Load Data in Odoo 15
Create Data Files and Load Data in Odoo 15Create Data Files and Load Data in Odoo 15
Create Data Files and Load Data in Odoo 15Celine George
 
Step By Step to Install Oracle Business Intelligence
Step By Step to Install Oracle Business IntelligenceStep By Step to Install Oracle Business Intelligence
Step By Step to Install Oracle Business IntelligenceOsama Mustafa
 
HA, Scalability, DR & MAA in Oracle Database 21c - Overview
HA, Scalability, DR & MAA in Oracle Database 21c - OverviewHA, Scalability, DR & MAA in Oracle Database 21c - Overview
HA, Scalability, DR & MAA in Oracle Database 21c - OverviewMarkus Michalewicz
 
MySQL
MySQLMySQL
MySQLGouthaman V
 
Securing AEM webapps by hacking them
Securing AEM webapps by hacking themSecuring AEM webapps by hacking them
Securing AEM webapps by hacking themMikhail Egorov
 
AEM Meetup Sydney - Content Migration with CRX2Oak
AEM Meetup Sydney - Content Migration with CRX2OakAEM Meetup Sydney - Content Migration with CRX2Oak
AEM Meetup Sydney - Content Migration with CRX2OakMichael Henderson
 
Pentesting GraphQL Applications
Pentesting GraphQL ApplicationsPentesting GraphQL Applications
Pentesting GraphQL ApplicationsNeelu Tripathy
 
Cross-domain requests with CORS
Cross-domain requests with CORSCross-domain requests with CORS
Cross-domain requests with CORSVladimir Dzhuvinov
 
security misconfigurations
security misconfigurationssecurity misconfigurations
security misconfigurationsMegha Sahu
 
Secure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior
 
PLSQL
PLSQLPLSQL
PLSQLShubham Bammi
 
Persian Datepicker for Oracle APEX
Persian Datepicker for Oracle APEXPersian Datepicker for Oracle APEX
Persian Datepicker for Oracle APEXSaeed Hassanpour
 
Oracle API Gateway
Oracle API GatewayOracle API Gateway
Oracle API GatewayRakesh Gujjarlapudi
 
User, roles and privileges
User, roles and privilegesUser, roles and privileges
User, roles and privilegesYogiji Creations
 
New methods for exploiting ORM injections in Java applications
New methods for exploiting ORM injections in Java applicationsNew methods for exploiting ORM injections in Java applications
New methods for exploiting ORM injections in Java applicationsMikhail Egorov
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferayArmel Nene
 
Mysql
MysqlMysql
MysqlRathan Raj
 
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programsAEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programsMikhail Egorov
 
Get the Look and Feel You Want in Oracle APEX
Get the Look and Feel You Want in Oracle APEXGet the Look and Feel You Want in Oracle APEX
Get the Look and Feel You Want in Oracle APEXJorge Rimblas
 
Weblogic 12c installation (oracle linux)
Weblogic 12c installation (oracle linux)Weblogic 12c installation (oracle linux)
Weblogic 12c installation (oracle linux)Osama Mustafa
 
Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...
Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...
Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...gmaran23
 
Joins in SQL
Joins in SQLJoins in SQL
Joins in SQLPooja Dixit
 
Harnessing the Power of Optimizer Hints
Harnessing the Power of Optimizer HintsHarnessing the Power of Optimizer Hints
Harnessing the Power of Optimizer HintsMaria Colgan
 
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0Yury Velikanov
 
How to use_000webhost
How to use_000webhostHow to use_000webhost
How to use_000webhostIIUM
 
A Hacker's perspective on AEM applications security
A Hacker's perspective on AEM applications securityA Hacker's perspective on AEM applications security
A Hacker's perspective on AEM applications securityMikhail Egorov
 
Sql query [select, sub] 4
Sql query [select, sub] 4Sql query [select, sub] 4
Sql query [select, sub] 4Dr. C.V. Suresh Babu
 
20160308 apex sso
20160308 apex sso20160308 apex sso
20160308 apex ssoMT AG
 
Oracle Apex Intoduction.pptx
Oracle Apex Intoduction.pptxOracle Apex Intoduction.pptx
Oracle Apex Intoduction.pptxAbhishekJha401
 

Contenu connexe

Tendances

Cross-domain requests with CORS
Cross-domain requests with CORSCross-domain requests with CORS
Cross-domain requests with CORSVladimir Dzhuvinov
 
security misconfigurations
security misconfigurationssecurity misconfigurations
security misconfigurationsMegha Sahu
 
Secure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior
 
Persian Datepicker for Oracle APEX
Persian Datepicker for Oracle APEXPersian Datepicker for Oracle APEX
Persian Datepicker for Oracle APEXSaeed Hassanpour
 
User, roles and privileges
User, roles and privilegesUser, roles and privileges
User, roles and privilegesYogiji Creations
 
New methods for exploiting ORM injections in Java applications
New methods for exploiting ORM injections in Java applicationsNew methods for exploiting ORM injections in Java applications
New methods for exploiting ORM injections in Java applicationsMikhail Egorov
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferayArmel Nene
 
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programsAEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programsMikhail Egorov
 
Get the Look and Feel You Want in Oracle APEX
Get the Look and Feel You Want in Oracle APEXGet the Look and Feel You Want in Oracle APEX
Get the Look and Feel You Want in Oracle APEXJorge Rimblas
 
Weblogic 12c installation (oracle linux)
Weblogic 12c installation (oracle linux)Weblogic 12c installation (oracle linux)
Weblogic 12c installation (oracle linux)Osama Mustafa
 
Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...
Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...
Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...gmaran23
 
Harnessing the Power of Optimizer Hints
Harnessing the Power of Optimizer HintsHarnessing the Power of Optimizer Hints
Harnessing the Power of Optimizer HintsMaria Colgan
 
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0Yury Velikanov
 
How to use_000webhost
How to use_000webhostHow to use_000webhost
How to use_000webhostIIUM
 
A Hacker's perspective on AEM applications security
A Hacker's perspective on AEM applications securityA Hacker's perspective on AEM applications security
A Hacker's perspective on AEM applications securityMikhail Egorov
 

Tendances (20)

Cross-domain requests with CORS
Cross-domain requests with CORSCross-domain requests with CORS
Cross-domain requests with CORS
 
security misconfigurations
security misconfigurationssecurity misconfigurations
security misconfigurations
 
Secure Code Warrior - Authentication
Secure Code Warrior - AuthenticationSecure Code Warrior - Authentication
Secure Code Warrior - Authentication
 
PLSQL
PLSQLPLSQL
PLSQL
 
Persian Datepicker for Oracle APEX
Persian Datepicker for Oracle APEXPersian Datepicker for Oracle APEX
Persian Datepicker for Oracle APEX
 
Oracle API Gateway
Oracle API GatewayOracle API Gateway
Oracle API Gateway
 
User, roles and privileges
User, roles and privilegesUser, roles and privileges
User, roles and privileges
 
New methods for exploiting ORM injections in Java applications
New methods for exploiting ORM injections in Java applicationsNew methods for exploiting ORM injections in Java applications
New methods for exploiting ORM injections in Java applications
 
Hacking liferay
Hacking liferayHacking liferay
Hacking liferay
 
Mysql
MysqlMysql
Mysql
 
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programsAEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
AEM hacker - approaching Adobe Experience Manager webapps in bug bounty programs
 
Get the Look and Feel You Want in Oracle APEX
Get the Look and Feel You Want in Oracle APEXGet the Look and Feel You Want in Oracle APEX
Get the Look and Feel You Want in Oracle APEX
 
Weblogic 12c installation (oracle linux)
Weblogic 12c installation (oracle linux)Weblogic 12c installation (oracle linux)
Weblogic 12c installation (oracle linux)
 
Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...
Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...
Automating Web Application Security Testing With OWASP ZAP DOT NET API - Tech...
 
Joins in SQL
Joins in SQLJoins in SQL
Joins in SQL
 
Harnessing the Power of Optimizer Hints
Harnessing the Power of Optimizer HintsHarnessing the Power of Optimizer Hints
Harnessing the Power of Optimizer Hints
 
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0
Oracle 12c RAC On your laptop Step by Step Implementation Guide 1.0
 
How to use_000webhost
How to use_000webhostHow to use_000webhost
How to use_000webhost
 
A Hacker's perspective on AEM applications security
A Hacker's perspective on AEM applications securityA Hacker's perspective on AEM applications security
A Hacker's perspective on AEM applications security
 
Sql query [select, sub] 4
Sql query [select, sub] 4Sql query [select, sub] 4
Sql query [select, sub] 4
 

Similaire à Single Sign-On for APEX apps (Important: latest version on edocr!)

20160308 apex sso
20160308 apex sso20160308 apex sso
20160308 apex ssoMT AG
 
Oracle Apex Intoduction.pptx
Oracle Apex Intoduction.pptxOracle Apex Intoduction.pptx
Oracle Apex Intoduction.pptxAbhishekJha401
 
20160307 apex on_the_rocks
20160307 apex on_the_rocks20160307 apex on_the_rocks
20160307 apex on_the_rocksMT AG
 
Moving your APEX app to the Oracle Exadata Express Cloud
Moving your APEX app to the Oracle Exadata Express CloudMoving your APEX app to the Oracle Exadata Express Cloud
Moving your APEX app to the Oracle Exadata Express CloudDimitri Gielis
 
configuring+oracle+rds+with+glasfish+server
configuring+oracle+rds+with+glasfish+serverconfiguring+oracle+rds+with+glasfish+server
configuring+oracle+rds+with+glasfish+serverhunghtc83
 
SMART4apex company presentation APEX world convention March 25 2014
SMART4apex company presentation APEX world convention March 25 2014SMART4apex company presentation APEX world convention March 25 2014
SMART4apex company presentation APEX world convention March 25 2014Sergei Martens
 
IaC MeetUp Active Directory Setup for Oracle Security LAB
IaC MeetUp Active Directory Setup for Oracle Security LABIaC MeetUp Active Directory Setup for Oracle Security LAB
IaC MeetUp Active Directory Setup for Oracle Security LABStefan Oehrli
 
OOW16 - Oracle E-Business Suite in Oracle Cloud: Technical Insight [CON6723]
OOW16 - Oracle E-Business Suite in Oracle Cloud: Technical Insight [CON6723]OOW16 - Oracle E-Business Suite in Oracle Cloud: Technical Insight [CON6723]
OOW16 - Oracle E-Business Suite in Oracle Cloud: Technical Insight [CON6723]vasuballa
 
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...SAP Cloud Platform
 
Intro on Oracle Application express - APEX
Intro on Oracle Application express - APEXIntro on Oracle Application express - APEX
Intro on Oracle Application express - APEXLino Schildenfeld
 
Getting your grips on Excel chaos
Getting your grips on Excel chaosGetting your grips on Excel chaos
Getting your grips on Excel chaosNiels de Bruijn
 
Oracle forms to oci executive overview for customer
Oracle forms to oci executive overview for customerOracle forms to oci executive overview for customer
Oracle forms to oci executive overview for customerSamy El Sherif, PMP, OUM.
 
E-Business Suite on Oracle Cloud
E-Business Suite on Oracle CloudE-Business Suite on Oracle Cloud
E-Business Suite on Oracle CloudKeith Kiattipong
 
Step-by-Step: APEX Installation on Tomcat (Windows Server 2016)
Step-by-Step: APEX Installation on Tomcat (Windows Server 2016)Step-by-Step: APEX Installation on Tomcat (Windows Server 2016)
Step-by-Step: APEX Installation on Tomcat (Windows Server 2016)sheriframadan18
 
Experiences of SOACS
Experiences of SOACSExperiences of SOACS
Experiences of SOACSSimon Haslam
 
Hybrid Cloud : Database-as-a-Service: OOW 16
Hybrid Cloud : Database-as-a-Service: OOW 16 Hybrid Cloud : Database-as-a-Service: OOW 16
Hybrid Cloud : Database-as-a-Service: OOW 16 Bala Kuchibhotla
 
REST Enabling your Oracle Database (2018 Update)
REST Enabling your Oracle Database (2018 Update)REST Enabling your Oracle Database (2018 Update)
REST Enabling your Oracle Database (2018 Update)Jeff Smith
 
[CON6985]Expanding DBaaS Beyond Data Centers Hybrid Cloud Onboarding via Orac...
[CON6985]Expanding DBaaS Beyond Data Centers Hybrid Cloud Onboarding via Orac...[CON6985]Expanding DBaaS Beyond Data Centers Hybrid Cloud Onboarding via Orac...
[CON6985]Expanding DBaaS Beyond Data Centers Hybrid Cloud Onboarding via Orac...Bharat Paliwal
 
Blue mix overview
Blue mix overviewBlue mix overview
Blue mix overviewLeon Henry
 

Similaire à Single Sign-On for APEX apps (Important: latest version on edocr!) (20)

20160308 apex sso
20160308 apex sso20160308 apex sso
20160308 apex sso
 
Oracle Apex Intoduction.pptx
Oracle Apex Intoduction.pptxOracle Apex Intoduction.pptx
Oracle Apex Intoduction.pptx
 
20160307 apex on_the_rocks
20160307 apex on_the_rocks20160307 apex on_the_rocks
20160307 apex on_the_rocks
 
Moving your APEX app to the Oracle Exadata Express Cloud
Moving your APEX app to the Oracle Exadata Express CloudMoving your APEX app to the Oracle Exadata Express Cloud
Moving your APEX app to the Oracle Exadata Express Cloud
 
configuring+oracle+rds+with+glasfish+server
configuring+oracle+rds+with+glasfish+serverconfiguring+oracle+rds+with+glasfish+server
configuring+oracle+rds+with+glasfish+server
 
SMART4apex company presentation APEX world convention March 25 2014
SMART4apex company presentation APEX world convention March 25 2014SMART4apex company presentation APEX world convention March 25 2014
SMART4apex company presentation APEX world convention March 25 2014
 
IaC MeetUp Active Directory Setup for Oracle Security LAB
IaC MeetUp Active Directory Setup for Oracle Security LABIaC MeetUp Active Directory Setup for Oracle Security LAB
IaC MeetUp Active Directory Setup for Oracle Security LAB
 
OOW16 - Oracle E-Business Suite in Oracle Cloud: Technical Insight [CON6723]
OOW16 - Oracle E-Business Suite in Oracle Cloud: Technical Insight [CON6723]OOW16 - Oracle E-Business Suite in Oracle Cloud: Technical Insight [CON6723]
OOW16 - Oracle E-Business Suite in Oracle Cloud: Technical Insight [CON6723]
 
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
 
Intro on Oracle Application express - APEX
Intro on Oracle Application express - APEXIntro on Oracle Application express - APEX
Intro on Oracle Application express - APEX
 
Getting your grips on Excel chaos
Getting your grips on Excel chaosGetting your grips on Excel chaos
Getting your grips on Excel chaos
 
Oracle forms to oci executive overview for customer
Oracle forms to oci executive overview for customerOracle forms to oci executive overview for customer
Oracle forms to oci executive overview for customer
 
E-Business Suite on Oracle Cloud
E-Business Suite on Oracle CloudE-Business Suite on Oracle Cloud
E-Business Suite on Oracle Cloud
 
Step-by-Step: APEX Installation on Tomcat (Windows Server 2016)
Step-by-Step: APEX Installation on Tomcat (Windows Server 2016)Step-by-Step: APEX Installation on Tomcat (Windows Server 2016)
Step-by-Step: APEX Installation on Tomcat (Windows Server 2016)
 
Hello Cloud
Hello CloudHello Cloud
Hello Cloud
 
Experiences of SOACS
Experiences of SOACSExperiences of SOACS
Experiences of SOACS
 
Hybrid Cloud : Database-as-a-Service: OOW 16
Hybrid Cloud : Database-as-a-Service: OOW 16 Hybrid Cloud : Database-as-a-Service: OOW 16
Hybrid Cloud : Database-as-a-Service: OOW 16
 
REST Enabling your Oracle Database (2018 Update)
REST Enabling your Oracle Database (2018 Update)REST Enabling your Oracle Database (2018 Update)
REST Enabling your Oracle Database (2018 Update)
 
[CON6985]Expanding DBaaS Beyond Data Centers Hybrid Cloud Onboarding via Orac...
[CON6985]Expanding DBaaS Beyond Data Centers Hybrid Cloud Onboarding via Orac...[CON6985]Expanding DBaaS Beyond Data Centers Hybrid Cloud Onboarding via Orac...
[CON6985]Expanding DBaaS Beyond Data Centers Hybrid Cloud Onboarding via Orac...
 
Blue mix overview
Blue mix overviewBlue mix overview
Blue mix overview
 

Plus de Niels de Bruijn

APEX 5.1 - Architektur, Installation & Betrieb
APEX 5.1 - Architektur, Installation & BetriebAPEX 5.1 - Architektur, Installation & Betrieb
APEX 5.1 - Architektur, Installation & BetriebNiels de Bruijn
 
Anwendungsmodernisierung mit Oracle Application Express (APEX)
Anwendungsmodernisierung mit Oracle Application Express (APEX)Anwendungsmodernisierung mit Oracle Application Express (APEX)
Anwendungsmodernisierung mit Oracle Application Express (APEX)Niels de Bruijn
 
Affordable Workflow Options for APEX
Affordable Workflow Options for APEXAffordable Workflow Options for APEX
Affordable Workflow Options for APEXNiels de Bruijn
 
APEX für den Oracle DBA
APEX für den Oracle DBAAPEX für den Oracle DBA
APEX für den Oracle DBANiels de Bruijn
 
Packaged Applications in APEX 5.0
Packaged Applications in APEX 5.0Packaged Applications in APEX 5.0
Packaged Applications in APEX 5.0Niels de Bruijn
 
The_Beauty_And_The_Beast_APEX_and_SAP
The_Beauty_And_The_Beast_APEX_and_SAPThe_Beauty_And_The_Beast_APEX_and_SAP
The_Beauty_And_The_Beast_APEX_and_SAPNiels de Bruijn
 
Schatten IT erfolgreich bekämpfen
Schatten IT erfolgreich bekämpfenSchatten IT erfolgreich bekämpfen
Schatten IT erfolgreich bekämpfenNiels de Bruijn
 
MT AG - KASS - Keep APEX Stupid Simple
MT AG - KASS - Keep APEX Stupid SimpleMT AG - KASS - Keep APEX Stupid Simple
MT AG - KASS - Keep APEX Stupid SimpleNiels de Bruijn
 
MT AG New Features APEX 4.2
MT AG New Features APEX 4.2MT AG New Features APEX 4.2
MT AG New Features APEX 4.2Niels de Bruijn
 
MT AG Möglichkeiten mit PhoneGap in verbindung mit APEX 4.2.
MT AG Möglichkeiten mit PhoneGap in verbindung mit APEX 4.2.MT AG Möglichkeiten mit PhoneGap in verbindung mit APEX 4.2.
MT AG Möglichkeiten mit PhoneGap in verbindung mit APEX 4.2.Niels de Bruijn
 
MT AG 8 Gute Gründe warum Forms zu APEX
MT AG 8 Gute Gründe warum Forms zu APEXMT AG 8 Gute Gründe warum Forms zu APEX
MT AG 8 Gute Gründe warum Forms zu APEXNiels de Bruijn
 
MT AG 7 Gute Gründe warum APEX
MT AG 7 Gute Gründe warum APEXMT AG 7 Gute Gründe warum APEX
MT AG 7 Gute Gründe warum APEXNiels de Bruijn
 
MT AG Rapid Application Development mit APEX 5 (Important: latest version on ...
MT AG Rapid Application Development mit APEX 5 (Important: latest version on ...MT AG Rapid Application Development mit APEX 5 (Important: latest version on ...
MT AG Rapid Application Development mit APEX 5 (Important: latest version on ...Niels de Bruijn
 

Plus de Niels de Bruijn (18)

APEX Migration
APEX MigrationAPEX Migration
APEX Migration
 
Low-Code Testing Tool
Low-Code Testing ToolLow-Code Testing Tool
Low-Code Testing Tool
 
Flows for APEX
Flows for APEXFlows for APEX
Flows for APEX
 
APEX 5.1 - Architektur, Installation & Betrieb
APEX 5.1 - Architektur, Installation & BetriebAPEX 5.1 - Architektur, Installation & Betrieb
APEX 5.1 - Architektur, Installation & Betrieb
 
Anwendungsmodernisierung mit Oracle Application Express (APEX)
Anwendungsmodernisierung mit Oracle Application Express (APEX)Anwendungsmodernisierung mit Oracle Application Express (APEX)
Anwendungsmodernisierung mit Oracle Application Express (APEX)
 
Affordable Workflow Options for APEX
Affordable Workflow Options for APEXAffordable Workflow Options for APEX
Affordable Workflow Options for APEX
 
APEX für den Oracle DBA
APEX für den Oracle DBAAPEX für den Oracle DBA
APEX für den Oracle DBA
 
Packaged Applications in APEX 5.0
Packaged Applications in APEX 5.0Packaged Applications in APEX 5.0
Packaged Applications in APEX 5.0
 
The_Beauty_And_The_Beast_APEX_and_SAP
The_Beauty_And_The_Beast_APEX_and_SAPThe_Beauty_And_The_Beast_APEX_and_SAP
The_Beauty_And_The_Beast_APEX_and_SAP
 
Schatten IT erfolgreich bekämpfen
Schatten IT erfolgreich bekämpfenSchatten IT erfolgreich bekämpfen
Schatten IT erfolgreich bekämpfen
 
APEX 5.0, und sonst?
APEX 5.0, und sonst?APEX 5.0, und sonst?
APEX 5.0, und sonst?
 
MT AG - KASS - Keep APEX Stupid Simple
MT AG - KASS - Keep APEX Stupid SimpleMT AG - KASS - Keep APEX Stupid Simple
MT AG - KASS - Keep APEX Stupid Simple
 
MT AG New Features APEX 4.2
MT AG New Features APEX 4.2MT AG New Features APEX 4.2
MT AG New Features APEX 4.2
 
MT AG Möglichkeiten mit PhoneGap in verbindung mit APEX 4.2.
MT AG Möglichkeiten mit PhoneGap in verbindung mit APEX 4.2.MT AG Möglichkeiten mit PhoneGap in verbindung mit APEX 4.2.
MT AG Möglichkeiten mit PhoneGap in verbindung mit APEX 4.2.
 
MT AG APEX goes Mobile
MT AG APEX goes MobileMT AG APEX goes Mobile
MT AG APEX goes Mobile
 
MT AG 8 Gute Gründe warum Forms zu APEX
MT AG 8 Gute Gründe warum Forms zu APEXMT AG 8 Gute Gründe warum Forms zu APEX
MT AG 8 Gute Gründe warum Forms zu APEX
 
MT AG 7 Gute Gründe warum APEX
MT AG 7 Gute Gründe warum APEXMT AG 7 Gute Gründe warum APEX
MT AG 7 Gute Gründe warum APEX
 
MT AG Rapid Application Development mit APEX 5 (Important: latest version on ...
MT AG Rapid Application Development mit APEX 5 (Important: latest version on ...MT AG Rapid Application Development mit APEX 5 (Important: latest version on ...
MT AG Rapid Application Development mit APEX 5 (Important: latest version on ...
 

Dernier

Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 

Dernier (20)

Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 

Single Sign-On for APEX apps (Important: latest version on edocr!)

  • 1. Technical Deep Dive: SSO for your APEX apps Niels de Bruijn July 4th, 2016
  • 2. Facts & Figures Independent Technology House with Cross-Industry Expertise Headquarter Ratingen (North Rhine – Westphalia) 180 Employees Founded 1994 Branches Dortmund, Cologne, Frankfurt Top Company for Trainees & Students Privately- Owned Corporation Oracle Platinum Partner 24 Mio. Euro Revenue 2Single Sign-On for your APEX apps
  • 3. 3 About me § Niels de Bruijn, Business Unit Manager APEX § Born in 1977, married, three daughters, living in Ratingen § Working for MT AG since DEC-2003 § After working for 2 years as Oracle consultant for Oracle Nederland B.V. § Track record with APEX since its inception § Responsible for all APEX activity in the company § Knowledge Portal: apex.mt-ag.com § Presenting at Kscope, DOAG Conference, APEX Connect § DOAG – Initiator & Conference Chair of APEX Connect § ODTUG - Part of APEX Content Committee for Kscope Single Sign-On for your APEX apps
  • 4. § Single Sign-On § Demo time § How does the magic work? § Caveats § I want more § Questions I get § More information 4 Agenda Single Sign-On for your APEX apps
  • 5. For the sake of security § Credentials are not passed to the database § Kerberos is secure (as used by Windows itself) § Central user store in Active Directory § No corporate password policy needed within APEX For the sake of productivity § End users love it § Developers can now switch between workspaces without logging in again 5 Single Sign-On Single Sign-On for your APEX apps
  • 6. 6 How does the magic work? 8009 Single Sign-On for your APEX apps
  • 7. Start here: http://www.slideshare.net/nielsdb/mt-ag-howtosingle- signonforapexapplicationsusingkerberos-46435415 Overview § Install RDBMS & APEX § Install JDK, Tomcat & Apache/IIS § Configure ORDS & deploy § Configure Apache or IIS for SSO incl. SSL certificate General installation steps of Apache & ORDS can be found here: http://www.opal-consulting.de/downloads/presentations/2015-11-DOAG-ORDS-Setup 7 How does the magic work? Single Sign-On for your APEX apps
  • 8. § Map existing APEX accounts with their AD username APEX_UTIL.SET_USERNAME ( p_userid => APEX_UTIL.GET_USER_ID('ADMIN') , p_username => 'NDBRUIJN' ); § When using mod_auth_kerb and AD user is member of too many AD groups § Have a look here: http://blogs.technet.com/b/surama/archive/2009/04/06/kerberos- authentication-problem-with-active-directory.aspx § Once enabled, you can’t change the identity without changing the OS user § Prepare your end users § Testing with other credentials: just switch the authentication scheme to “open door” in the dev environment 8 Caveats Single Sign-On for your APEX apps
  • 9. § What about people not listed in Active Directory? § Chained authentication schemes are currently not possible in APEX § Please vote for feature request AOE6 on apex.oracle.com/vote § Workaround: Use 3th party software like Microsoft Forefront (no change in ORDS/APEX needed) § What about devices like MacBooks or Smartphones that are not part of the Windows domain? § Fallback Authentication using Basic Authentication over HTTPS § Tipp: don’t use Digest Authentication (doesn’t work with Firefox) § Don’t want to enter username/password? Client certificates will help you out. § What about the Cloud? § Active Directory will remain on site for a while § Just keep IIS or Apache as reverse proxy onsite for authentication purposes and use Oracle Cloud for ORDS / APEX (hybrid cloud solution) 9 I want more Single Sign-On for your APEX apps
  • 10. § “Should we still specify the same cookie name for all apps in our workspace?” § Yes, this prevents multiple APEX session cookies being created § “We have LDAP authentication utilized in our APEX app” § Are you sure you want to pass your AD credentials to the database? § “What about the rights in my app?” § We are talking about authentication here, the authorization is normally determined by the app § You could user dbms_ldap or apex_ldap.is_member to get privs § “Any concerns about the session timeout setting in APEX?” § Set it to 0 (= indefinitely) as session timeout is now delegated to Kerberos 10 Questions I get Single Sign-On for your APEX apps
  • 11. § “The logout link in my app doesn’t work anymore” § Well, just delete it § “How can I check if the user may access the app?” § Use an authorization scheme 11 Questions I get Single Sign-On for your APEX apps
  • 12. § General installation steps of Apache & ORDS can be found here: http://www.opal-consulting.de/downloads/presentations/2015-11-DOAG-ORDS-Setup § About Kerberos http://www.roguelynn.com/words/explain-like-im-5-kerberos § About mod_auth_kerb http://blog.hallowelt.biz/wp-content/uploads/SSO_mit_mod_auth_kerb_v3.pdf § More SSO options http://wphilltech.com/options-for-windows-native-authentication-with-apex 12 More information Single Sign-On for your APEX apps