Archive

Archive for April, 2008

Qumana Blogging Tools

I came across a very useful tool recently called Qumana. If you have your own blog you might find it very useful too. It essentially allows you to manage your blog entries (whether they be on WordPress, Blogger or a few more) via a thick, downloadable client.

This has the advantage that you have far more control over the layout of your posts. It also makes it far easier to upload images in your posts to whichever site your blog is with and, what’s pretty cool, is that you can create your posts in Word, complete with images, and then just copy and paste into Qumana and click “Publish”. It’s very handy and saves a lot of time.

It’s free and can be found at: http://www.qumana.com/

Categories: Uncategorized

Implementing session timeout in your ApEx app – Part 2

April 3, 2008 14 comments

This entry builds on the session timeout functionality described in part 1. Be sure to check that out first. In this one I describe how to get your application to popup a warning window just before a user’s session is about to timeout due to inactivity (and give them the option to remain logged in).

STEP 1 – Configure Page Zero

If you do not already have one, create a Page 0 in your application.

Add an HTML region to page 0, calling it “Session Timeout JS”.

Be sure to set its “Template” to “No Template”.

Set its conditions to be “Current Page is NOT in Expression 1” and set “Expression 1” to be the id of your user-friendly “Your session has timed out” page (Please see the previous blog entry in this series for details about this page):

Paste all of the text found in the file here into this region’s source.

When you have pasted the code, you will notice that one of the lines reads:

$x(‘pFlowId’).value+’&p_next_flow_page_sess=’+$x(‘pFlowId’).value+’:3′;

You should change the value of 3 in this line to be whatever the number of your user-friendly “Your session has timed out” page is. (Please see the previous post in this series for details about this page.)

STEP 2 – Setup the Application Process

Select Shared Components > Logic > Application Processes

And click create. Give your Application Process a name of “SET_LAST_ACTIVITY_DATE”. You must not give it a different name as this is referenced from within the javascript you pasted into the region on page zero in the previous step. Set its “Point” to “On Demand: Run this application when requested by a page process”.

Specify the “Process Text” as:

BEGIN

   APP_USERS.set_last_activity_date;

   htp.prn(‘1’);

EXCEPTION

   WHEN OTHERS THEN

      htp.p(‘0’);

END;

Step 3 – Finished. Have another cup of tea.

That’s it. Done.

If you want to test it to make sure it works (but don’t want to have to wait 18 minutes!) you could temporarily alter the timeout values in the javascript on page zero (notice below I have changed them to 1000*20 [i.e. 20 seconds] and 1000*40 [i.e. 40 seconds]).

Now log in to the application and wait.

After 20 seconds you will see a warning:

If you do nothing, after a further 20 seconds the popup will close and you will be logged out of the application.

If you click the link, the popup will close and you will remain logged in.

Categories: Ajax, ApEx, Javascript

Implementing session timeout in your ApEx app – Part 1

April 2, 2008 10 comments

stopwatch.jpg

This entry talks about one method
for causing users to timeout of your
application after a period of inactivity.

STEP 1 – Create your USERS table

From SQL Workshop, run the following:

CREATE TABLE users (id NUMBER, username VARCHAR2(30), last_active_date DATE);

And then, once the table is created, populate it with a user:

INSERT INTO users (id
,username
,last_active_date)
VALUES (1
,'ANDY'
,'01-JAN-2008');

(Change the value of ‘ANDY’ to be the username of a user that exists. For example, if you are using ApEx Standard Authentication then change it to be the username of an ApEx user.)

image1.jpg

STEP 2 – Create the APP_USERS package

From SQL Workshop, run the following to create the package specification:

CREATE OR REPLACE PACKAGE app_users
IS
c_session_timeout_minutes CONSTANT number(2,0) := 20;
PROCEDURE set_last_activity_date;
FUNCTION is_session_valid
RETURN boolean;

END app_users;

image2.jpg

From SQLWorkshop, run the following to create the package body:

CREATE OR REPLACE PACKAGE BODY app_users
IS
PROCEDURE Set_Last_Activity_Date
IS
PRAGMA AUTONOMOUS_TRANSACTION;
l_current_user VARCHAR2(30);
BEGIN
l_current_user := v('APP_USER');
UPDATE users
SET last_active_date = sysdate
WHERE username = l_current_user;
COMMIT;
END;

FUNCTION Is_Session_Valid
RETURN boolean
IS
l_current_user VARCHAR2(30);
l_is_session_valid VARCHAR2(1);
BEGIN
l_current_user := v('APP_USER');
SELECT CASE
WHEN (last_active_date + APP_USERS.c_session_timeout_minutes/1440) < sysdate THEN
'N'
ELSE
'Y'
END
INTO l_is_session_valid
FROM users
WHERE username = l_current_user;
IF l_is_session_valid = 'N' THEN
return false;
ELSE
return true;
END IF;
END;
END app_users;

image3.jpg

Step 4 – Create a user-friendly “Session timed out” page

Create an ApEx page and set its “Authentication” Security Setting to “Page is Public”. This page should contain a helpful message for the user indicating that their session has timed out. Make a note of the ID of this page (we’ll assume this is page 3 for this example).

image4.jpg

Step 5 – Modify Authentication Scheme

Click “Shared Components > Security > Authentication Schemes” in Application Builder and select your authentication scheme.

image5.jpg

Enter the following into the “Post-Authentication Process” field:

APP_USERS.set_last_activity_date;

image6.jpg
Also, within this screen, set the Session Verify Function to be:

BEGIN
IF APP_USERS.is_session_valid THEN
APP_USERS.set_last_activity_date;
return true;
ELSE
OWA_UTIL.redirect_url(
owa_util.get_cgi_env('request_protocol')||
'://'||
owa_util.get_cgi_env('server_name')||
':'||
owa_util.get_cgi_env('server_port')||
owa_util.get_cgi_env('script_name')||
'/wwv_flow_custom_auth_std.logout?p_this_flow='||
:APP_ID||'&p_next_flow_page_sess='||:APP_ID||':3');
RETURN false;
END IF;
END;

In the above code, replace 3 with whatever the ID of your helpful “Your session has timed out” page is.

Step 6 – Finished, have a cup of tea

Now, whenever a user has been inactive for more than 20 minutes and they try to access another page in your application, they will be logged out and taken to a page indicating that there session has timed out.

Next time I’ll write about how we can make an ApEx application popup a message just before a user’s session is about to time out, giving them the option to remain logged in. You can now see the second part here.

 

 

Categories: ApEx