SlideShare a Scribd company logo

SSO for APEX: It's Not an Option

MT AG
MT AG

Single Sign-On (SSO) is not an optional feature for APEX applications according to the speaker. The document discusses how SSO using Kerberos works by having APEX applications authenticate users through Active Directory without passing credentials to the database. Some caveats are mentioned such as how to handle users not in AD. Additional information resources are provided to learn more about Kerberos, mod_auth_kerb, and other SSO options.

Software
1 of 12
Download to read offline
Single Sign-On for APEX: It‘s not an option Niels de Bruijn 08.03.2016 | APEX World
Facts & Figures Independent Technology House with Cross-Industry Expertise Headquarter Ratingen (North Rhine – Westphalia) 240 Employees Founded 1994 Branches Dortmund, Cologne, Frankfurt Top Company for Trainees & Students Privately- Owned Corporation Oracle Platinum Partner 24 Mio. Euro Revenue 2Single Sign-On for APEX
3 About me § Niels de Bruijn, Business Unit Manager APEX § Born in 1977, married, three daughters, living in Ratingen § Working for MT AG since DEC-2003 § After working for 2 years as Oracle consultant for Oracle Nederland B.V. § Track record with APEX since its inception § Responsible for all APEX activity in the company § Knowledge Portal: apex.mt-ag.com § Active DOAG member and responsible for APEX within this society § Presenting at Kscope, DOAG Conference, APEXposed, APEX World, APEX Connect § Conference Chair for conference DOAG APEX Connect § Part of APEX Content Committee for Kscope § Member of the APEX Review Board Single Sign-On for APEX
§ Single Sign-On: it is not an option § How does the magic work? § Caveats § I want more § Questions I get § More information 4 Agenda Single Sign-On for APEX
For the sake of security § Credentials are not passed to the database § Kerberos is secure (as used by Windows itself) § Central user store in Active Directory § No corporate password policy needed within APEX For the sake of productivity § End users love it § Developers can now switch between workspaces without logging in again WHAT IS YOUR EXCUSE FOR NOT USING IT? 5 Single Sign-On: it is not an option Single Sign-On for APEX
6 How does the magic work? 8009 Single Sign-On for APEX
Start here: http://www.slideshare.net/nielsdb/mt-ag-howtosingle- signonforapexapplicationsusingkerberos-46435415 Overview § Install RDBMS & APEX § Install JDK, Tomcat & Apache/IIS § Configure ORDS & deploy § Configure Apache or IIS for SSO incl. SSL certificate General installation steps of Apache & ORDS can be found here: http://www.opal-consulting.de/downloads/presentations/2015-11-DOAG-ORDS-Setup 7 How does the magic work? Single Sign-On for APEX
§ Map existing APEX accounts with their AD username APEX_UTIL.SET_USERNAME ( p_userid => APEX_UTIL.GET_USER_ID('ADMIN') , p_username => 'NDBRUIJN' ); § When using mod_auth_kerb and AD user is member of too many AD groups § Have a look here: http://blogs.technet.com/b/surama/archive/2009/04/06/kerberos- authentication-problem-with-active-directory.aspx § Once enabled, you can’t change the identity without changing the OS user § Prepare your end users § For developers: just switch the authentication scheme to “open door” in the dev environment 8 Caveats Single Sign-On for APEX
§ What about people not listed in Active Directory? § Option 1: Use a separate entry point (ie. VirtualHost) & use Custom Auth in your APEX app § Option 2: Use software like Microsoft Forefront (no change in ORDS/APEX needed) § What about devices like MacBooks or Smartphones that are not part of the Windows domain? § Fallback Authentication using Basic Authentication over HTTPS § Tipp: don’t use Digest Authentication (doesn’t work with Firefox) § Don’t want to enter username/password? Client certificates will help you out. 9 I want more Single Sign-On for APEX
§ “We already have the shared session Cookie, so why bother?” § Still use it to prevent multiple APEX session cookies § “We already have LDAP authentication utilized in our APEX app” § Are you sure you want to pass your AD credentials to the database? § “What about the rights in my app?” § We are talking about authentication here, the authorization is normally determined by the app § “Any concerns about the session timeout setting in APEX?” § Set it to 99999 as this is now delegated to Kerberos § “The logout link in my app doesn’t work anymore” § Just delete it 10 Questions I get Single Sign-On for APEX
§ General installation steps of Apache & ORDS can be found here: http://www.opal-consulting.de/downloads/presentations/2015-11-DOAG-ORDS-Setup § About Kerberos http://www.roguelynn.com/words/explain-like-im-5-kerberos § About mod_auth_kerb http://blog.hallowelt.biz/wp-content/uploads/SSO_mit_mod_auth_kerb_v3.pdf § More SSO options http://wphilltech.com/options-for-windows-native-authentication-with-apex 11 More information Single Sign-On for APEX
Questions? @nielsdb http://nielsdebr.blogspot.de http://de.linkedin.com/in/nielsdebruijn www.xing.com/profile/Niels_deBruijn http://www.apexsolutions.de/blog

Recommended

20160307 apex on_the_rocks
20160307 apex on_the_rocks20160307 apex on_the_rocks
20160307 apex on_the_rocksMT AG
 
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Niels de Bruijn
 
Single Sign-On for APEX apps (Important: latest version on edocr!)
Single Sign-On for APEX apps (Important: latest version on edocr!)Single Sign-On for APEX apps (Important: latest version on edocr!)
Single Sign-On for APEX apps (Important: latest version on edocr!)Niels de Bruijn
 
The_Beauty_And_The_Beast_APEX_and_SAP
The_Beauty_And_The_Beast_APEX_and_SAPThe_Beauty_And_The_Beast_APEX_and_SAP
The_Beauty_And_The_Beast_APEX_and_SAPNiels de Bruijn
 
Getting your grips on Excel chaos
Getting your grips on Excel chaosGetting your grips on Excel chaos
Getting your grips on Excel chaosNiels de Bruijn
 
Flows for APEX
Flows for APEXFlows for APEX
Flows for APEXNiels de Bruijn
 
MT AG - KASS - Keep APEX Stupid Simple
MT AG - KASS - Keep APEX Stupid SimpleMT AG - KASS - Keep APEX Stupid Simple
MT AG - KASS - Keep APEX Stupid SimpleNiels de Bruijn
 
APEX Migration
APEX MigrationAPEX Migration
APEX MigrationNiels de Bruijn
 

Recommended

20160307 apex on_the_rocks
20160307 apex on_the_rocks20160307 apex on_the_rocks
20160307 apex on_the_rocksMT AG
 
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Single Sign-On for APEX applications based on Kerberos (Important: latest ver...
Single Sign-On for APEX applications based on Kerberos (Important: latest ver...Niels de Bruijn
 
Single Sign-On for APEX apps (Important: latest version on edocr!)
Single Sign-On for APEX apps (Important: latest version on edocr!)Single Sign-On for APEX apps (Important: latest version on edocr!)
Single Sign-On for APEX apps (Important: latest version on edocr!)Niels de Bruijn
 
The_Beauty_And_The_Beast_APEX_and_SAP
The_Beauty_And_The_Beast_APEX_and_SAPThe_Beauty_And_The_Beast_APEX_and_SAP
The_Beauty_And_The_Beast_APEX_and_SAPNiels de Bruijn
 
Getting your grips on Excel chaos
Getting your grips on Excel chaosGetting your grips on Excel chaos
Getting your grips on Excel chaosNiels de Bruijn
 
Flows for APEX
Flows for APEXFlows for APEX
Flows for APEXNiels de Bruijn
 
MT AG - KASS - Keep APEX Stupid Simple
MT AG - KASS - Keep APEX Stupid SimpleMT AG - KASS - Keep APEX Stupid Simple
MT AG - KASS - Keep APEX Stupid SimpleNiels de Bruijn
 
APEX Migration
APEX MigrationAPEX Migration
APEX MigrationNiels de Bruijn
 
Affordable Workflow Options for APEX
Affordable Workflow Options for APEXAffordable Workflow Options for APEX
Affordable Workflow Options for APEXNiels de Bruijn
 
Apex behind the scenes
Apex behind the scenesApex behind the scenes
Apex behind the scenesEnkitec
 
APEX richtig installieren und konfigurieren
APEX richtig installieren und konfigurierenAPEX richtig installieren und konfigurieren
APEX richtig installieren und konfigurierenOliver Lemm
 
Mastering Universal Theme with corporate design from Union Investment
Mastering Universal Theme with corporate design from Union InvestmentMastering Universal Theme with corporate design from Union Investment
Mastering Universal Theme with corporate design from Union InvestmentOliver Lemm
 
Oracle Enterprise manager 13c Installation
Oracle Enterprise manager 13c InstallationOracle Enterprise manager 13c Installation
Oracle Enterprise manager 13c InstallationOsama Mustafa
 
Install oracle siebel on windows 2008 r2
Install oracle siebel on windows 2008 r2Install oracle siebel on windows 2008 r2
Install oracle siebel on windows 2008 r2Osama Mustafa
 
J2ee user managment using dwh builder
J2ee user managment using dwh builderJ2ee user managment using dwh builder
J2ee user managment using dwh builderOsama Mustafa
 
Developer Insights for Application Upgrade to ColdFusion 2016
Developer Insights for Application Upgrade to ColdFusion 2016Developer Insights for Application Upgrade to ColdFusion 2016
Developer Insights for Application Upgrade to ColdFusion 2016ColdFusionConference
 
Tips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud ServiceTips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud ServiceSimon Haslam
 
APEX Behind the Scenes by Scott Spendolini
APEX Behind the Scenes by Scott SpendoliniAPEX Behind the Scenes by Scott Spendolini
APEX Behind the Scenes by Scott SpendoliniEnkitec
 
SOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the CloudSOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the CloudSimon Haslam
 
Using jca salesforce adapter with soa suite
Using jca salesforce adapter with soa suiteUsing jca salesforce adapter with soa suite
Using jca salesforce adapter with soa suiteTUSHAR VARSHNEY
 
How to add storage to esxi 5.5
How to add storage to esxi 5.5How to add storage to esxi 5.5
How to add storage to esxi 5.5Osama Mustafa
 
The RDBMS You Should Be Using
The RDBMS You Should Be UsingThe RDBMS You Should Be Using
The RDBMS You Should Be UsingColdFusionConference
 
APEX connects Jira
APEX connects JiraAPEX connects Jira
APEX connects JiraOliver Lemm
 
Api manager preconference
Api manager preconferenceApi manager preconference
Api manager preconferenceColdFusionConference
 
OWA And SharePoint Integration
OWA And SharePoint IntegrationOWA And SharePoint Integration
OWA And SharePoint Integrationjems7
 
Weblogic 101 for dba
Weblogic 101 for dbaWeblogic 101 for dba
Weblogic 101 for dbaOsama Mustafa
 
Oracle on VMware Licensing Plugin for Oracle EM12c Beta Overview
Oracle on VMware Licensing Plugin for Oracle EM12c Beta OverviewOracle on VMware Licensing Plugin for Oracle EM12c Beta Overview
Oracle on VMware Licensing Plugin for Oracle EM12c Beta OverviewBlue Medora
 
Oracle SOA Suite for High availability Enterprises
Oracle SOA Suite for High availability EnterprisesOracle SOA Suite for High availability Enterprises
Oracle SOA Suite for High availability EnterprisesDataNext Solutions
 
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...SAP Cloud Platform
 
SMART4apex company presentation APEX world convention March 25 2014
SMART4apex company presentation APEX world convention March 25 2014SMART4apex company presentation APEX world convention March 25 2014
SMART4apex company presentation APEX world convention March 25 2014Sergei Martens
 

More Related Content

What's hot

Affordable Workflow Options for APEX
Affordable Workflow Options for APEXAffordable Workflow Options for APEX
Affordable Workflow Options for APEXNiels de Bruijn
 
Apex behind the scenes
Apex behind the scenesApex behind the scenes
Apex behind the scenesEnkitec
 
APEX richtig installieren und konfigurieren
APEX richtig installieren und konfigurierenAPEX richtig installieren und konfigurieren
APEX richtig installieren und konfigurierenOliver Lemm
 
Mastering Universal Theme with corporate design from Union Investment
Mastering Universal Theme with corporate design from Union InvestmentMastering Universal Theme with corporate design from Union Investment
Mastering Universal Theme with corporate design from Union InvestmentOliver Lemm
 
Oracle Enterprise manager 13c Installation
Oracle Enterprise manager 13c InstallationOracle Enterprise manager 13c Installation
Oracle Enterprise manager 13c InstallationOsama Mustafa
 
Install oracle siebel on windows 2008 r2
Install oracle siebel on windows 2008 r2Install oracle siebel on windows 2008 r2
Install oracle siebel on windows 2008 r2Osama Mustafa
 
J2ee user managment using dwh builder
J2ee user managment using dwh builderJ2ee user managment using dwh builder
J2ee user managment using dwh builderOsama Mustafa
 
Developer Insights for Application Upgrade to ColdFusion 2016
Developer Insights for Application Upgrade to ColdFusion 2016Developer Insights for Application Upgrade to ColdFusion 2016
Developer Insights for Application Upgrade to ColdFusion 2016ColdFusionConference
 
Tips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud ServiceTips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud ServiceSimon Haslam
 
APEX Behind the Scenes by Scott Spendolini
APEX Behind the Scenes by Scott SpendoliniAPEX Behind the Scenes by Scott Spendolini
APEX Behind the Scenes by Scott SpendoliniEnkitec
 
SOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the CloudSOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the CloudSimon Haslam
 
Using jca salesforce adapter with soa suite
Using jca salesforce adapter with soa suiteUsing jca salesforce adapter with soa suite
Using jca salesforce adapter with soa suiteTUSHAR VARSHNEY
 
How to add storage to esxi 5.5
How to add storage to esxi 5.5How to add storage to esxi 5.5
How to add storage to esxi 5.5Osama Mustafa
 
APEX connects Jira
APEX connects JiraAPEX connects Jira
APEX connects JiraOliver Lemm
 
OWA And SharePoint Integration
OWA And SharePoint IntegrationOWA And SharePoint Integration
OWA And SharePoint Integrationjems7
 
Weblogic 101 for dba
Weblogic 101 for dbaWeblogic 101 for dba
Weblogic 101 for dbaOsama Mustafa
 
Oracle on VMware Licensing Plugin for Oracle EM12c Beta Overview
Oracle on VMware Licensing Plugin for Oracle EM12c Beta OverviewOracle on VMware Licensing Plugin for Oracle EM12c Beta Overview
Oracle on VMware Licensing Plugin for Oracle EM12c Beta OverviewBlue Medora
 
Oracle SOA Suite for High availability Enterprises
Oracle SOA Suite for High availability EnterprisesOracle SOA Suite for High availability Enterprises
Oracle SOA Suite for High availability EnterprisesDataNext Solutions
 

What's hot (20)

Affordable Workflow Options for APEX
Affordable Workflow Options for APEXAffordable Workflow Options for APEX
Affordable Workflow Options for APEX
 
Apex behind the scenes
Apex behind the scenesApex behind the scenes
Apex behind the scenes
 
APEX richtig installieren und konfigurieren
APEX richtig installieren und konfigurierenAPEX richtig installieren und konfigurieren
APEX richtig installieren und konfigurieren
 
Mastering Universal Theme with corporate design from Union Investment
Mastering Universal Theme with corporate design from Union InvestmentMastering Universal Theme with corporate design from Union Investment
Mastering Universal Theme with corporate design from Union Investment
 
Oracle Enterprise manager 13c Installation
Oracle Enterprise manager 13c InstallationOracle Enterprise manager 13c Installation
Oracle Enterprise manager 13c Installation
 
Install oracle siebel on windows 2008 r2
Install oracle siebel on windows 2008 r2Install oracle siebel on windows 2008 r2
Install oracle siebel on windows 2008 r2
 
J2ee user managment using dwh builder
J2ee user managment using dwh builderJ2ee user managment using dwh builder
J2ee user managment using dwh builder
 
Developer Insights for Application Upgrade to ColdFusion 2016
Developer Insights for Application Upgrade to ColdFusion 2016Developer Insights for Application Upgrade to ColdFusion 2016
Developer Insights for Application Upgrade to ColdFusion 2016
 
Tips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud ServiceTips & Tricks for Java & SOA Cloud Service
Tips & Tricks for Java & SOA Cloud Service
 
APEX Behind the Scenes by Scott Spendolini
APEX Behind the Scenes by Scott SpendoliniAPEX Behind the Scenes by Scott Spendolini
APEX Behind the Scenes by Scott Spendolini
 
SOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the CloudSOA & WebLogic - Lift & Shift to the Cloud
SOA & WebLogic - Lift & Shift to the Cloud
 
Using jca salesforce adapter with soa suite
Using jca salesforce adapter with soa suiteUsing jca salesforce adapter with soa suite
Using jca salesforce adapter with soa suite
 
How to add storage to esxi 5.5
How to add storage to esxi 5.5How to add storage to esxi 5.5
How to add storage to esxi 5.5
 
The RDBMS You Should Be Using
The RDBMS You Should Be UsingThe RDBMS You Should Be Using
The RDBMS You Should Be Using
 
APEX connects Jira
APEX connects JiraAPEX connects Jira
APEX connects Jira
 
Api manager preconference
Api manager preconferenceApi manager preconference
Api manager preconference
 
OWA And SharePoint Integration
OWA And SharePoint IntegrationOWA And SharePoint Integration
OWA And SharePoint Integration
 
Weblogic 101 for dba
Weblogic 101 for dbaWeblogic 101 for dba
Weblogic 101 for dba
 
Oracle on VMware Licensing Plugin for Oracle EM12c Beta Overview
Oracle on VMware Licensing Plugin for Oracle EM12c Beta OverviewOracle on VMware Licensing Plugin for Oracle EM12c Beta Overview
Oracle on VMware Licensing Plugin for Oracle EM12c Beta Overview
 
Oracle SOA Suite for High availability Enterprises
Oracle SOA Suite for High availability EnterprisesOracle SOA Suite for High availability Enterprises
Oracle SOA Suite for High availability Enterprises
 

Similar to SSO for APEX: It's Not an Option

Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...SAP Cloud Platform
 
SMART4apex company presentation APEX world convention March 25 2014
SMART4apex company presentation APEX world convention March 25 2014SMART4apex company presentation APEX world convention March 25 2014
SMART4apex company presentation APEX world convention March 25 2014Sergei Martens
 
Moving your APEX app to the Oracle Exadata Express Cloud
Moving your APEX app to the Oracle Exadata Express CloudMoving your APEX app to the Oracle Exadata Express Cloud
Moving your APEX app to the Oracle Exadata Express CloudDimitri Gielis
 
Oracle Apex Intoduction.pptx
Oracle Apex Intoduction.pptxOracle Apex Intoduction.pptx
Oracle Apex Intoduction.pptxAbhishekJha401
 
Apex atp customer_presentation_wwc march 2019
Apex atp customer_presentation_wwc march 2019Apex atp customer_presentation_wwc march 2019
Apex atp customer_presentation_wwc march 2019Oracle Developers
 
How to make APEX print through Node.js
How to make APEX print through Node.jsHow to make APEX print through Node.js
How to make APEX print through Node.jsDimitri Gielis
 
SQLite3
SQLite3SQLite3
SQLite3cltru
 
ORACLE FUSION CLOUD SCM PDF.pdf
ORACLE FUSION CLOUD SCM PDF.pdfORACLE FUSION CLOUD SCM PDF.pdf
ORACLE FUSION CLOUD SCM PDF.pdfpreety51
 
Transforming to OpenStack: a sample roadmap to DevOps
Transforming to OpenStack: a sample roadmap to DevOpsTransforming to OpenStack: a sample roadmap to DevOps
Transforming to OpenStack: a sample roadmap to DevOpsNicolas (Nick) Barcet
 
Experiences of SOACS
Experiences of SOACSExperiences of SOACS
Experiences of SOACSSimon Haslam
 
Intro on Oracle Application express - APEX
Intro on Oracle Application express - APEXIntro on Oracle Application express - APEX
Intro on Oracle Application express - APEXLino Schildenfeld
 
Exploiting Critical Attack Vectors to Gain Control of SAP Systems
Exploiting Critical Attack Vectors to Gain Control of SAP SystemsExploiting Critical Attack Vectors to Gain Control of SAP Systems
Exploiting Critical Attack Vectors to Gain Control of SAP SystemsOnapsis Inc.
 
Service Workers and APEX
Service Workers and APEXService Workers and APEX
Service Workers and APEXDimitri Gielis
 
SharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid worldSharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid worldJethro Seghers
 
Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...
Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...
Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...BIWUG
 
Extending Oracle SaaS Using Oracle Cloud UX Rapid Development Kit
Extending Oracle SaaS Using Oracle Cloud UX Rapid Development KitExtending Oracle SaaS Using Oracle Cloud UX Rapid Development Kit
Extending Oracle SaaS Using Oracle Cloud UX Rapid Development KitLuc Bors
 
Oracle Application Express (APEX) and Microsoft Sharepoint integration
Oracle Application Express (APEX) and Microsoft Sharepoint integrationOracle Application Express (APEX) and Microsoft Sharepoint integration
Oracle Application Express (APEX) and Microsoft Sharepoint integrationDimitri Gielis
 
Découvrons Oracle Cloud Platform for Integration - Oracle Integration Cloud
Découvrons Oracle Cloud Platform for Integration - Oracle Integration CloudDécouvrons Oracle Cloud Platform for Integration - Oracle Integration Cloud
Découvrons Oracle Cloud Platform for Integration - Oracle Integration CloudSanae BEKKAR
 

Similar to SSO for APEX: It's Not an Option (20)

Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
Overview and Walkthrough of the Application Programming Model with SAP Cloud ...
 
SMART4apex company presentation APEX world convention March 25 2014
SMART4apex company presentation APEX world convention March 25 2014SMART4apex company presentation APEX world convention March 25 2014
SMART4apex company presentation APEX world convention March 25 2014
 
Moving your APEX app to the Oracle Exadata Express Cloud
Moving your APEX app to the Oracle Exadata Express CloudMoving your APEX app to the Oracle Exadata Express Cloud
Moving your APEX app to the Oracle Exadata Express Cloud
 
Oracle Apex Intoduction.pptx
Oracle Apex Intoduction.pptxOracle Apex Intoduction.pptx
Oracle Apex Intoduction.pptx
 
Apex atp customer_presentation_wwc march 2019
Apex atp customer_presentation_wwc march 2019Apex atp customer_presentation_wwc march 2019
Apex atp customer_presentation_wwc march 2019
 
How to make APEX print through Node.js
How to make APEX print through Node.jsHow to make APEX print through Node.js
How to make APEX print through Node.js
 
SQLite3
SQLite3SQLite3
SQLite3
 
ORACLE FUSION CLOUD SCM PDF.pdf
ORACLE FUSION CLOUD SCM PDF.pdfORACLE FUSION CLOUD SCM PDF.pdf
ORACLE FUSION CLOUD SCM PDF.pdf
 
CvofAnas
CvofAnasCvofAnas
CvofAnas
 
C vof anas
C vof anasC vof anas
C vof anas
 
Transforming to OpenStack: a sample roadmap to DevOps
Transforming to OpenStack: a sample roadmap to DevOpsTransforming to OpenStack: a sample roadmap to DevOps
Transforming to OpenStack: a sample roadmap to DevOps
 
Experiences of SOACS
Experiences of SOACSExperiences of SOACS
Experiences of SOACS
 
Intro on Oracle Application express - APEX
Intro on Oracle Application express - APEXIntro on Oracle Application express - APEX
Intro on Oracle Application express - APEX
 
Exploiting Critical Attack Vectors to Gain Control of SAP Systems
Exploiting Critical Attack Vectors to Gain Control of SAP SystemsExploiting Critical Attack Vectors to Gain Control of SAP Systems
Exploiting Critical Attack Vectors to Gain Control of SAP Systems
 
Service Workers and APEX
Service Workers and APEXService Workers and APEX
Service Workers and APEX
 
SharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid worldSharePoint 2013 in a hybrid world
SharePoint 2013 in a hybrid world
 
Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...
Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...
Microsoft Flow advanced: tips, pitfalls, problems and warnings to be known be...
 
Extending Oracle SaaS Using Oracle Cloud UX Rapid Development Kit
Extending Oracle SaaS Using Oracle Cloud UX Rapid Development KitExtending Oracle SaaS Using Oracle Cloud UX Rapid Development Kit
Extending Oracle SaaS Using Oracle Cloud UX Rapid Development Kit
 
Oracle Application Express (APEX) and Microsoft Sharepoint integration
Oracle Application Express (APEX) and Microsoft Sharepoint integrationOracle Application Express (APEX) and Microsoft Sharepoint integration
Oracle Application Express (APEX) and Microsoft Sharepoint integration
 
Découvrons Oracle Cloud Platform for Integration - Oracle Integration Cloud
Découvrons Oracle Cloud Platform for Integration - Oracle Integration CloudDécouvrons Oracle Cloud Platform for Integration - Oracle Integration Cloud
Découvrons Oracle Cloud Platform for Integration - Oracle Integration Cloud
 

More from MT AG

20160307 apex connects_jira
20160307 apex connects_jira20160307 apex connects_jira
20160307 apex connects_jiraMT AG
 
MT AG Data Vault Generator
MT AG Data Vault GeneratorMT AG Data Vault Generator
MT AG Data Vault GeneratorMT AG
 
MT AG: Sesam oeffne Dich
MT AG: Sesam oeffne DichMT AG: Sesam oeffne Dich
MT AG: Sesam oeffne DichMT AG
 
MT AG: 7 gute Gründe warum Apex
MT AG: 7 gute Gründe warum ApexMT AG: 7 gute Gründe warum Apex
MT AG: 7 gute Gründe warum ApexMT AG
 
MT AG: Ajax Rezepte fuer web services mit jquery und ajax
MT AG: Ajax Rezepte fuer web services mit jquery und ajaxMT AG: Ajax Rezepte fuer web services mit jquery und ajax
MT AG: Ajax Rezepte fuer web services mit jquery und ajaxMT AG
 
MT AG: Implementierungsvarianten mit-apex4.1
MT AG: Implementierungsvarianten mit-apex4.1MT AG: Implementierungsvarianten mit-apex4.1
MT AG: Implementierungsvarianten mit-apex4.1MT AG
 
MT AG Präsentation Rapid Application Development mit APEX 5
MT AG Präsentation Rapid Application Development mit APEX 5MT AG Präsentation Rapid Application Development mit APEX 5
MT AG Präsentation Rapid Application Development mit APEX 5MT AG
 
APEX & MTdoxx
APEX & MTdoxxAPEX & MTdoxx
APEX & MTdoxxMT AG
 
Datenmodellierung ist langweilig, lassen Sie Datamodeler das machen
Datenmodellierung ist langweilig, lassen Sie Datamodeler das machenDatenmodellierung ist langweilig, lassen Sie Datamodeler das machen
Datenmodellierung ist langweilig, lassen Sie Datamodeler das machenMT AG
 
Ist Gradle auch für die APEX-Projekte?
Ist Gradle auch für die APEX-Projekte?Ist Gradle auch für die APEX-Projekte?
Ist Gradle auch für die APEX-Projekte?MT AG
 
Tune up your APEX
Tune up your APEXTune up your APEX
Tune up your APEXMT AG
 
Echtes Single Sign-On mit APEX realisieren
Echtes Single Sign-On mit APEX realisierenEchtes Single Sign-On mit APEX realisieren
Echtes Single Sign-On mit APEX realisierenMT AG
 
Echtes Single Sign-On mit APEX realisieren
Echtes Single Sign-On mit APEX realisierenEchtes Single Sign-On mit APEX realisieren
Echtes Single Sign-On mit APEX realisierenMT AG
 
Five Finger Death Punch
Five Finger Death PunchFive Finger Death Punch
Five Finger Death PunchMT AG
 
Dateien per Drag & Drop in APEX Applikationen ablegen.
Dateien per Drag & Drop in APEX Applikationen ablegen.Dateien per Drag & Drop in APEX Applikationen ablegen.
Dateien per Drag & Drop in APEX Applikationen ablegen.MT AG
 

More from MT AG (15)

20160307 apex connects_jira
20160307 apex connects_jira20160307 apex connects_jira
20160307 apex connects_jira
 
MT AG Data Vault Generator
MT AG Data Vault GeneratorMT AG Data Vault Generator
MT AG Data Vault Generator
 
MT AG: Sesam oeffne Dich
MT AG: Sesam oeffne DichMT AG: Sesam oeffne Dich
MT AG: Sesam oeffne Dich
 
MT AG: 7 gute Gründe warum Apex
MT AG: 7 gute Gründe warum ApexMT AG: 7 gute Gründe warum Apex
MT AG: 7 gute Gründe warum Apex
 
MT AG: Ajax Rezepte fuer web services mit jquery und ajax
MT AG: Ajax Rezepte fuer web services mit jquery und ajaxMT AG: Ajax Rezepte fuer web services mit jquery und ajax
MT AG: Ajax Rezepte fuer web services mit jquery und ajax
 
MT AG: Implementierungsvarianten mit-apex4.1
MT AG: Implementierungsvarianten mit-apex4.1MT AG: Implementierungsvarianten mit-apex4.1
MT AG: Implementierungsvarianten mit-apex4.1
 
MT AG Präsentation Rapid Application Development mit APEX 5
MT AG Präsentation Rapid Application Development mit APEX 5MT AG Präsentation Rapid Application Development mit APEX 5
MT AG Präsentation Rapid Application Development mit APEX 5
 
APEX & MTdoxx
APEX & MTdoxxAPEX & MTdoxx
APEX & MTdoxx
 
Datenmodellierung ist langweilig, lassen Sie Datamodeler das machen
Datenmodellierung ist langweilig, lassen Sie Datamodeler das machenDatenmodellierung ist langweilig, lassen Sie Datamodeler das machen
Datenmodellierung ist langweilig, lassen Sie Datamodeler das machen
 
Ist Gradle auch für die APEX-Projekte?
Ist Gradle auch für die APEX-Projekte?Ist Gradle auch für die APEX-Projekte?
Ist Gradle auch für die APEX-Projekte?
 
Tune up your APEX
Tune up your APEXTune up your APEX
Tune up your APEX
 
Echtes Single Sign-On mit APEX realisieren
Echtes Single Sign-On mit APEX realisierenEchtes Single Sign-On mit APEX realisieren
Echtes Single Sign-On mit APEX realisieren
 
Echtes Single Sign-On mit APEX realisieren
Echtes Single Sign-On mit APEX realisierenEchtes Single Sign-On mit APEX realisieren
Echtes Single Sign-On mit APEX realisieren
 
Five Finger Death Punch
Five Finger Death PunchFive Finger Death Punch
Five Finger Death Punch
 
Dateien per Drag & Drop in APEX Applikationen ablegen.
Dateien per Drag & Drop in APEX Applikationen ablegen.Dateien per Drag & Drop in APEX Applikationen ablegen.
Dateien per Drag & Drop in APEX Applikationen ablegen.
 

Recently uploaded

Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfMarharyta Nedzelska
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noidabntitsolutionsrishis
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Matt Ray
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...Technogeeks
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfStefano Stabellini
 
Best Web Development Agency- Idiosys USA.pdf
Best Web Development Agency- Idiosys USA.pdfBest Web Development Agency- Idiosys USA.pdf
Best Web Development Agency- Idiosys USA.pdfIdiosysTechnologies1
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanyChristoph Pohl
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 

Recently uploaded (20)

Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
 
A healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdfA healthy diet for your Java application Devoxx France.pdf
A healthy diet for your Java application Devoxx France.pdf
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
 
Advantages of Odoo ERP 17 for Your Business
Advantages of Odoo ERP 17 for Your BusinessAdvantages of Odoo ERP 17 for Your Business
Advantages of Odoo ERP 17 for Your Business
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
 
Best Web Development Agency- Idiosys USA.pdf
Best Web Development Agency- Idiosys USA.pdfBest Web Development Agency- Idiosys USA.pdf
Best Web Development Agency- Idiosys USA.pdf
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte GermanySuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
SuccessFactors 1H 2024 Release - Sneak-Peek by Deloitte Germany
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 

SSO for APEX: It's Not an Option

  • 1. Single Sign-On for APEX: It‘s not an option Niels de Bruijn 08.03.2016 | APEX World
  • 2. Facts & Figures Independent Technology House with Cross-Industry Expertise Headquarter Ratingen (North Rhine – Westphalia) 240 Employees Founded 1994 Branches Dortmund, Cologne, Frankfurt Top Company for Trainees & Students Privately- Owned Corporation Oracle Platinum Partner 24 Mio. Euro Revenue 2Single Sign-On for APEX
  • 3. 3 About me § Niels de Bruijn, Business Unit Manager APEX § Born in 1977, married, three daughters, living in Ratingen § Working for MT AG since DEC-2003 § After working for 2 years as Oracle consultant for Oracle Nederland B.V. § Track record with APEX since its inception § Responsible for all APEX activity in the company § Knowledge Portal: apex.mt-ag.com § Active DOAG member and responsible for APEX within this society § Presenting at Kscope, DOAG Conference, APEXposed, APEX World, APEX Connect § Conference Chair for conference DOAG APEX Connect § Part of APEX Content Committee for Kscope § Member of the APEX Review Board Single Sign-On for APEX
  • 4. § Single Sign-On: it is not an option § How does the magic work? § Caveats § I want more § Questions I get § More information 4 Agenda Single Sign-On for APEX
  • 5. For the sake of security § Credentials are not passed to the database § Kerberos is secure (as used by Windows itself) § Central user store in Active Directory § No corporate password policy needed within APEX For the sake of productivity § End users love it § Developers can now switch between workspaces without logging in again WHAT IS YOUR EXCUSE FOR NOT USING IT? 5 Single Sign-On: it is not an option Single Sign-On for APEX
  • 6. 6 How does the magic work? 8009 Single Sign-On for APEX
  • 7. Start here: http://www.slideshare.net/nielsdb/mt-ag-howtosingle- signonforapexapplicationsusingkerberos-46435415 Overview § Install RDBMS & APEX § Install JDK, Tomcat & Apache/IIS § Configure ORDS & deploy § Configure Apache or IIS for SSO incl. SSL certificate General installation steps of Apache & ORDS can be found here: http://www.opal-consulting.de/downloads/presentations/2015-11-DOAG-ORDS-Setup 7 How does the magic work? Single Sign-On for APEX
  • 8. § Map existing APEX accounts with their AD username APEX_UTIL.SET_USERNAME ( p_userid => APEX_UTIL.GET_USER_ID('ADMIN') , p_username => 'NDBRUIJN' ); § When using mod_auth_kerb and AD user is member of too many AD groups § Have a look here: http://blogs.technet.com/b/surama/archive/2009/04/06/kerberos- authentication-problem-with-active-directory.aspx § Once enabled, you can’t change the identity without changing the OS user § Prepare your end users § For developers: just switch the authentication scheme to “open door” in the dev environment 8 Caveats Single Sign-On for APEX
  • 9. § What about people not listed in Active Directory? § Option 1: Use a separate entry point (ie. VirtualHost) & use Custom Auth in your APEX app § Option 2: Use software like Microsoft Forefront (no change in ORDS/APEX needed) § What about devices like MacBooks or Smartphones that are not part of the Windows domain? § Fallback Authentication using Basic Authentication over HTTPS § Tipp: don’t use Digest Authentication (doesn’t work with Firefox) § Don’t want to enter username/password? Client certificates will help you out. 9 I want more Single Sign-On for APEX
  • 10. § “We already have the shared session Cookie, so why bother?” § Still use it to prevent multiple APEX session cookies § “We already have LDAP authentication utilized in our APEX app” § Are you sure you want to pass your AD credentials to the database? § “What about the rights in my app?” § We are talking about authentication here, the authorization is normally determined by the app § “Any concerns about the session timeout setting in APEX?” § Set it to 99999 as this is now delegated to Kerberos § “The logout link in my app doesn’t work anymore” § Just delete it 10 Questions I get Single Sign-On for APEX
  • 11. § General installation steps of Apache & ORDS can be found here: http://www.opal-consulting.de/downloads/presentations/2015-11-DOAG-ORDS-Setup § About Kerberos http://www.roguelynn.com/words/explain-like-im-5-kerberos § About mod_auth_kerb http://blog.hallowelt.biz/wp-content/uploads/SSO_mit_mod_auth_kerb_v3.pdf § More SSO options http://wphilltech.com/options-for-windows-native-authentication-with-apex 11 More information Single Sign-On for APEX