orawin.info

Niall's Oracle Pages – Oracle Opinion since 2004

Archive for November 28th, 2005

Using Active Directory in Oracle Express

with 4 comments

A recent post on the Oracle XE forum about replacing mod_ntlm as an authentication mechanism for applications on Windows prompted me to write up a mechanism you can use to authenticate users of your application against a Microsoft Active Directory. It works as follows. You create a custom authentication function for HTMLDB this must take two parameters of specific names, and only those two parameters, and return a boolean indicating success or failure. My function merely takes the username and password supplied by the end-user and attempts a simple LDAP bind against AD. By default this will work for all AD users in your organisation and the user will be authenticated. If it fails the user won’t be authenticated. The function itself can be downloaded here. A step by step guide is below:

  • Create a new database user U1 – I used the HTMLDB
    interface for user administration.

  • Login as u1 and create demo application


  • Navigate to the sql workshop

  • Load the authenticate_aduser script and edit for the
    domain controller hostname and your domain (in the post windows2000
    format)

  • Run the script

  • You should check that the script was successful

  • Return to your application in application builder and
    choose shared components>authentication schemes and create a new
    authentication scheme from scratch.


  • You only need enter a name for the scheme – I used ad_auth

  • Click the new scheme to edit it, ensure that you enter the
    authentication function as shown below.

  • Now change the authentication scheme to ad_auth and test

    • Possibly Related Posts:

    • No Related Posts found

    Written by Niall Litchfield

    November 28th, 2005 at 4:05 pm

    Posted in Uncategorized