1. App Builder User's Guide
  2. Managing Application Security
  3. Establishing User Identity Through Authentication
  4. Understanding Preconfigured Authentication Schemes
  5. No Authentication (using DAD)

20.4.3.6 No Authentication (using DAD)

Adopts the current database user. This approach can be used in combination with a mod_plsql Database Access Descriptor (DAD) configuration that uses basic authentication to set the database session user.

Parent topic: Understanding Preconfigured Authentication Schemes

20.4.3.6.1 About DAD Credentials Verification

DAD credentials verification uses the Oracle database native authentication and user mechanisms to authenticate users using a basic authentication scheme. This authentication scheme gets the user name from the DAD either as the value stored in the DAD configuration or, if the account information is not stored in the DAD configuration, as the user name captured using the basic authentication challenge.

To use DAD credentials verification:

  • Each application user must have a user account in the Oracle database.

  • You must configure a PL/SQL DAD for basic authentication (without account information).

    This results in one user name/password challenge for browser session for your application users. The user identity token is then made available in the APP_USER item.

DAD database authentication is useful when you must implement an authentication method that requires minimal setup for a manageable number of users. Ideally these users would have self-managed accounts in the database and your use of this authentication method would be short lived (for example, during the demonstration or prototyping stages of development).

The main drawback of this approach is burdensome account maintenance, especially if users do not administer their own passwords, or if their database accounts exist only to facilitate authentication to your application.

Parent topic: No Authentication (using DAD)

20.4.3.6.2 Setting Up DAD Credentials Verification

To set up DAD Credentials Verification:

  1. On the Workspace home page, click the App Builder icon.
  2. Select an application.
  3. On the Application home page, click Shared Components.

    The Shared Components page appears.

  4. Under Security, select Authentication Schemes.
  5. On the Authentication Schemes page, click Create.
  6. Select Based on a pre-configured scheme from the gallery and click Next.
  7. Under Name:
    1. Name - Enter the name used to reference the authentication scheme by other application developers.
    2. Scheme Type - Select No Authentication.
  8. Settings, Username - Enter the username for the Application Express session. If empty, Application Express uses the database session user (typically APEX_PUBLIC_USER).
  9. Click Create Authentication Scheme.

Parent topic: No Authentication (using DAD)