You can use APEX_LDAP to perform various operations related to Lightweight Directory Access Protocol (LDAP) authentication.
Topics in this section include:
The AUTHENTICATE function returns a boolean true if the user name and password can be used to perform a SIMPLE_BIND_S call using the provided search base, host, and port.
FUNCTION AUTHENTICATE(
p_username IN VARCHAR2 DEFAULT NULL,
p_password IN VARCHAR2 DEFAULT NULL,
p_search_base IN VARCHAR2,
p_host IN VARCHAR2,
p_port IN VARCHAR2 DEFAULT 389)
RETURN BOOLEAN;
Table 6-1 describes the parameters available in the AUTHENTICATE function.
Table 6-1 AUTHENTICATE Parameters
| Parameter | Description |
|---|---|
|
|
Login name of the user. |
|
|
Password for |
|
|
LDAP search base, for example, |
|
|
LDAP server host name. |
|
|
LDAP server port number. |
IF APEX_LDAP.AUTHENTICATE(
p_username =>'FIRSTNAME.LASTNAME',
p_password =>'abcdef',
p_search_base => 'cn=user,l=amer,dc=my_company,dc=com',
p_host => 'our_ldap_sever.my_company.com',
p_port => 389) THEN
dbms_output.put_line('authenticated');
ELSE
dbms_output.put_line('authentication failed');
END IF;
The IS_MEMBER function returns a boolean true if the user named by p_username (with password if required) is a member of the group specified by the p_group and p_group_base parameters using the provided auth base, host, and port.
FUNCTION IS_MEMBER(
p_username IN VARCHAR2 DEFAULT NULL,
p_pass IN VARCHAR2 DEFAULT NULL,
p_auth_base IN VARCHAR2,
p_host IN VARCHAR2,
p_port IN VARCHAR2 DEFAULT 389,
p_group IN VARCHAR2,
p_group_base IN VARCHAR2)
RETURN BOOLEAN;
Table 6-2 describes the parameters available in the IS_MEMBER function.
Table 6-2 IS_MEMBER Parameters
| Parameter | Description |
|---|---|
|
|
Login name of the user. |
|
|
Password for |
|
|
LDAP search base, for example, |
|
|
LDAP server host name. |
|
|
LDAP server port number. |
|
|
Name of the group to be search for membership. |
|
|
The base from which the search should be started. |
The MEMBER_OF function returns an array of groups the user name designated by p_username (with password if required) belongs to, using the provided auth base, host, and port.
FUNCTION MEMBER_OF(
p_username IN VARCHAR2 DEFAULT NULL,
p_pass IN VARCHAR2 DEFAULT NULL,
p_auth_base IN VARCHAR2,
p_host IN VARCHAR2,
p_port IN VARCHAR2 DEFAULT 389)
RETURN wwv_flow_global.vc_arr2;
Table 6-3 describes the parameters available in the MEMBER_OF function.
The MEMBER_OF2 function returns an VARCHAR2 list of groups the user name designated by p_username (with password if required) belongs to, using the provided auth base, host, and port.
FUNCTION MEMBER_OF2(
p_username IN VARCHAR2 DEFAULT NULL,
p_pass IN VARCHAR2 DEFAULT NULL,
p_auth_base IN VARCHAR2,
p_host IN VARCHAR2,
p_port IN VARCHAR2 DEFAULT 389)
RETURN VARCHAR2;
Table 6-4 describes the parameters available in the MEMBER_OF2 function.
The GET_USER_ATTRIBUTES procedure returns an OUT array of user_attribute values for the user name designated by p_username (with password if required) corresponding to the attribute names passed in p_attributes, using the provided auth base, host, and port.
PROCEDURE GET_USER_ATTRIBUTES(
p_username IN VARCHAR2 DEFAULT NULL,
p_pass IN VARCHAR2 DEFAULT NULL,
p_auth_base IN VARCHAR2,
p_host IN VARCHAR2,
p_port IN VARCHAR2 DEFAULT 389,
p_attributes IN wwv_flow_global.vc_arr2,
p_attribute_values OUT wwv_flow_global.vc_arr2);
Table 6-5 describes the parameters available in the GET_USER_ATTRIBUTES procedure.
Table 6-5 GET_USER_ATTRIBUTES Parameters
| Parameter | Description |
|---|---|
|
|
Login name of the user. |
|
|
Password for |
|
|
LDAP search base, for example, |
|
|
LDAP server host name. |
|
|
LDAP server port number. |
|
|
An array of attribute names for which values are to be returned. |
|
|
An array of values returned for each corresponding attribute name in |
The GET_ALL_USER_ATTRIBUTES procedure returns two OUT arrays of user_attribute names and values for the user name designated by p_username (with password if required) using the provided auth base, host, and port.
PROCEDURE GET_ALL_USER_ATTRIBUTES(
p_username IN VARCHAR2 DEFAULT NULL,
p_pass IN VARCHAR2 DEFAULT NULL,
p_auth_base IN VARCHAR2,
p_host IN VARCHAR2,
p_port IN VARCHAR2 DEFAULT 389,
p_attributes OUT wwv_flow_global.vc_arr2,
p_attribute_values OUT wwv_flow_global.vc_arr2);
Table 6-6 describes the parameters available in the GET_ALL_USER_ATTRIBUTES procedure.
Table 6-6 GET_ALL_USER_ATTRIBUTES Parameters
| Parameter | Description |
|---|---|
|
|
Login name of the user. |
|
|
Password for |
|
|
LDAP search base, for example, |
|
|
LDAP server host name. |
|
|
LDAP server port number. |
|
|
An array of attribute names returned. |
|
|
An array of values returned for each corresponding attribute name returned in p_attributes. |