prompt Package wsgsso... create or replace package wsgsso is -- --------------------------------------------------------------------- -- Security API functions -- These functions may be called from generated WSG applications. --------------------------------------------------------------------- -- -- Get_User: Returns user name of current user. -- function get_user return varchar2; pragma restrict_references (get_user, WNDS, WNPS); -- -- -- Get_User_Data: Returns information about a user, specified by -- p_key. This implementation accepts the key -- 'PASSWORD' only. Any other key will result in -- a null string being returned. -- function get_user_data( p_key in varchar2 ) return varchar2; -- -- -- Security_Check: Returns true if the currently logged on user is -- allowed access to the specified package. If not, -- will return false. This function will also provide -- a means for the user to log on. -- function security_check( p_package_name in varchar2 ) return boolean; -- -- -- Add_Package_Resp: Adds a respondibility to a package, allowing users -- with that responsibility to access the application. -- This is called from the generated application -- installation script if a value is supplied for -- preference SECRES. -- procedure add_package_resp( p_package_name in varchar2 , p_responsibility in varchar2 ); -- -------------------------------------------------------------------------- -- Implementation specific functions -- These functions are used only by this implementation of the -- security package. -------------------------------------------------------------------------- invalid_user exception; -- -- package_permission: checks to see if the user p_username has -- permission to access the package p_package. -- Returns true if the user permission, -- false otherwise. -- function package_permission( p_username in varchar2, p_package_name in varchar2 ) return boolean; -- -- update_session: updates the wsgsso_session table with information -- passed. Must pass true for z_direct_call. This -- prevents update_sesssion being called from a URL -- request because a boolean cannot be passed. -- The value of p_client_id passed back is the new -- client session id. This maybe different from the -- value passed in if that did not correspond to a -- currently valida row in wsgsso_sessions table. -- If p_username does not correspond to a known -- username the invalid_user exception is raised. -- procedure update_session( p_client_id in out varchar2, p_ip_address in varchar2, p_username in varchar2, z_direct_call in boolean default false ); -- -- -- Sign_On: Recieves the url login cookie from the login server after the -- login server has successfully asserted the users identity. -- It uses information decoded from the login cookie to create a -- local session and session cookie for the user. -- procedure sign_on( urlc in varchar2 ); -- -- -- Show_No_Access: Displays message to inform user that they do not -- have access to the application. Provides a link -- to the logon form. -- procedure show_no_access; -- -- -- Show_No_User: Displays message to inform user that their Login Server -- user does not correspond to any users on the Web PL\SQL -- application. Therefore, they do not have permission to -- access the application. -- procedure show_no_user; -- -- -- Logoff: Removes the current user's session, logging them off. -- Redirects to the URL p_refresh_url after p_delay seconds. -- This methods use the tag and so -- may not work with devices that do not support this. -- procedure logoff( p_refresh_url in varchar2 := wsgsso_constants.g_cancel_url, p_delay in varchar2 := '1' ); -- -- -- Create_User: Creates a user with the specified name and password -- Usernames are always stored in uppercase. This is because -- the login server usernames are case insensitive and the -- username is always passed from the Login Server in -- uppercase. -- procedure create_user( p_username in varchar2 , p_password in varchar2 ); -- end wsgsso; / show error /