You can use APEX_LDAP
to perform various operations related to Lightweight Directory Access Protocol (LDAP) authentication.
Topics in this section include:
The AUTHENTICATE
function returns a boolean true if the user name and password can be used to perform a SIMPLE_BIND_S
call using the provided search base, host, and port.
FUNCTION AUTHENTICATE( p_username IN VARCHAR2 DEFAULT NULL, p_password IN VARCHAR2 DEFAULT NULL, p_search_base IN VARCHAR2, p_host IN VARCHAR2, p_port IN VARCHAR2 DEFAULT 389) RETURN BOOLEAN;
Table 6-1 describes the parameters available in the AUTHENTICATE
function.
Table 6-1 AUTHENTICATE Parameters
Parameter | Description |
---|---|
|
Login name of the user. |
|
Password for |
|
LDAP search base, for example, |
|
LDAP server host name. |
|
LDAP server port number. |
IF APEX_LDAP.AUTHENTICATE( p_username =>'FIRSTNAME.LASTNAME', p_password =>'abcdef', p_search_base => 'cn=user,l=amer,dc=my_company,dc=com', p_host => 'our_ldap_sever.my_company.com', p_port => 389) THEN dbms_output.put_line('authenticated'); ELSE dbms_output.put_line('authentication failed'); END IF;
The IS_MEMBER
function returns a boolean true if the user named by p_username
(with password if required) is a member of the group specified by the p_group
and p_group_base
parameters using the provided auth base, host, and port.
FUNCTION IS_MEMBER( p_username IN VARCHAR2 DEFAULT NULL, p_pass IN VARCHAR2 DEFAULT NULL, p_auth_base IN VARCHAR2, p_host IN VARCHAR2, p_port IN VARCHAR2 DEFAULT 389, p_group IN VARCHAR2, p_group_base IN VARCHAR2) RETURN BOOLEAN;
Table 6-2 describes the parameters available in the IS_MEMBER
function.
Table 6-2 IS_MEMBER Parameters
Parameter | Description |
---|---|
|
Login name of the user. |
|
Password for |
|
LDAP search base, for example, |
|
LDAP server host name. |
|
LDAP server port number. |
|
Name of the group to be search for membership. |
|
The base from which the search should be started. |
The MEMBER_OF
function returns an array of groups the user name designated by p_username
(with password if required) belongs to, using the provided auth base, host, and port.
FUNCTION MEMBER_OF( p_username IN VARCHAR2 DEFAULT NULL, p_pass IN VARCHAR2 DEFAULT NULL, p_auth_base IN VARCHAR2, p_host IN VARCHAR2, p_port IN VARCHAR2 DEFAULT 389) RETURN wwv_flow_global.vc_arr2;
Table 6-3 describes the parameters available in the MEMBER_OF
function.
The MEMBER_OF2
function returns an VARCHAR2
list of groups the user name designated by p_username
(with password if required) belongs to, using the provided auth base, host, and port.
FUNCTION MEMBER_OF2( p_username IN VARCHAR2 DEFAULT NULL, p_pass IN VARCHAR2 DEFAULT NULL, p_auth_base IN VARCHAR2, p_host IN VARCHAR2, p_port IN VARCHAR2 DEFAULT 389) RETURN VARCHAR2;
Table 6-4 describes the parameters available in the MEMBER_OF2
function.
The GET_USER_ATTRIBUTES
procedure returns an OUT array of user_attribute values for the user name designated by p_username
(with password if required) corresponding to the attribute names passed in p_attributes
, using the provided auth base, host, and port.
PROCEDURE GET_USER_ATTRIBUTES( p_username IN VARCHAR2 DEFAULT NULL, p_pass IN VARCHAR2 DEFAULT NULL, p_auth_base IN VARCHAR2, p_host IN VARCHAR2, p_port IN VARCHAR2 DEFAULT 389, p_attributes IN wwv_flow_global.vc_arr2, p_attribute_values OUT wwv_flow_global.vc_arr2);
Table 6-5 describes the parameters available in the GET_USER_ATTRIBUTES
procedure.
Table 6-5 GET_USER_ATTRIBUTES Parameters
Parameter | Description |
---|---|
|
Login name of the user. |
|
Password for |
|
LDAP search base, for example, |
|
LDAP server host name. |
|
LDAP server port number. |
|
An array of attribute names for which values are to be returned. |
|
An array of values returned for each corresponding attribute name in |
The GET_ALL_USER_ATTRIBUTES
procedure returns two OUT arrays of user_attribute
names and values for the user name designated by p_username
(with password if required) using the provided auth base, host, and port.
PROCEDURE GET_ALL_USER_ATTRIBUTES( p_username IN VARCHAR2 DEFAULT NULL, p_pass IN VARCHAR2 DEFAULT NULL, p_auth_base IN VARCHAR2, p_host IN VARCHAR2, p_port IN VARCHAR2 DEFAULT 389, p_attributes OUT wwv_flow_global.vc_arr2, p_attribute_values OUT wwv_flow_global.vc_arr2);
Table 6-6 describes the parameters available in the GET_ALL_USER_ATTRIBUTES
procedure.
Table 6-6 GET_ALL_USER_ATTRIBUTES Parameters
Parameter | Description |
---|---|
|
Login name of the user. |
|
Password for |
|
LDAP search base, for example, |
|
LDAP server host name. |
|
LDAP server port number. |
|
An array of attribute names returned. |
|
An array of values returned for each corresponding attribute name returned in p_attributes. |