plsql - Oracle authentication not working? -


i implemented logout button logouts user webpage. server oracle http server.

when clicked on logout executes below procedure

procedure log_me_off  begin    -- open http header    owa_util.mime_header('text/html', false, null);     -- send cookie logout    owa_cookie.send('wdb_gateway_logout', 'yes', path=>'/');       -- close http header    owa_util.http_header_close;     -- generate page    htp.p('    <head>     <script type = "text/javascript" >     history.pushstate(null, null, ''xna_hpms_ui.log_me_off'');     window.addeventlistener(''popstate'', function(event) {     history.pushstate(null, null, ''xna_hpms_ui.log_me_off'');     });     </script>    </head>    have been logged off website');    htp.anchor( 'http://www.google.com', 'click here login a');    htp.p('<br>bye');  end;   end; /

document referred: https://docs.oracle.com/cd/b13789_01/server.101/b12303/secure.htm

problem:

  1. in chrome, when click on log off button log outs user , after when user try refresh or try open webpage in new tab prompt appears asking login credentials, if user clicks cancel , refresh tab automatically gets logged in. while behavior not in ie.

  2. when there many tabs open , user clicks log off button gets logout current page while when navigate other tab if clicks anywhere again asked webpage enter credentials while if clicks cancel , refreshes page again got logged on without entering credentials.

kindly help

i recommend using custom owa , own cookie means of authenticating users. set dad authorize schema using custom_owa. create custom_owa.authorize package/function in schema.

the custom_owa.authorize function called before each page accessed. if returns true request granted. if false, request denied.

this give complete control on can access what. set own cookie when logs website. in custom_owa.authorize check cookie , return true or false accordingly.

when logs off, destroy cookie or expire it.


Comments

Post a Comment

Popular posts from this blog

Magento/PHP - Get phones on all members in a customer group -

i working on custom magento extension. working around adminhtml part , i've created custom form there. here form code: <?php class vivasindustries_smsnotification_block_adminhtml_sms_sendmass_edit_form extends mage_adminhtml_block_widget_form { public function _preparelayout() { $extensionpath = mage::getmoduledir('js', 'vivasindustries_smsnotification'); $head = $this->getlayout()->getblock('head'); $head->addjs('jquery.js'); $head->addjs('vivas.js'); return parent::_preparelayout(); } protected function _prepareform() { $form = new varien_data_form(array( 'id' => 'edit_form', 'action' => $this->geturl('*/*/save', array('id' => $this->getrequest()->get...
Read more

php - Bypass Geo Redirect for specific directories -

i'm trying bypass redirect specific url within site. wondering if might able help. the code below code use, original urls replaces example.com i'd able access http://example.com/admin without redirect occuring. is there way this, , there way using own ip? function country_geo_redirect() { $country = getenv('http_geoip_country_code'); if ($country == "us" ) { wp_redirect("http://usa.example.com/"); exit; } else if ($country == "gb" ) { wp_redirect("http://uk.example.com/"); exit; } } add_action('init', 'country_geo_redirect'); you can bypass redirection code if server found ip address. if ip address == <my ip address> ' nothing here else country_georedirect() end if
Read more

php - .htaccess mod_rewrite for dynamic url which has domain names -

i want convert url ex:( example.com/link.php?url=facebook.com ) ( example.com/facebook.com.php ) how can using .htaccess. or there other process make job easier ? i tried adding script .htaccess file options +followsymlinks rewriteengine on rewriterule url-(.*)\.htm$ link.php?url=$1 but converting url adding "url-" ( example.com/url-facebook.com.php ) i want remove "url-" , want make ( example.com/facebook.com.php ) rewriteengine on rewritecond %{the_request} ^get.*link\.php\?url\= [nc] rewritecond %{request_uri} !/system/.* [nc] rewriterule (.*?)link\.php\?url\=/*(.*) /$1$2 [r=301,ne,l] not sure how above work edit of used use remove index.php url
Read more