Thursday, November 4, 2010

How To Configure APEX Not To Prompt For User/Password

When I installed APEX for our clinical research using EPG, we got prompted to enter anonymous username password everytime. Try google...no luck. Oracle support just refuse my ticket because they just don't support 10gR2 using EPG....so I have to figure it out by my own in meta link.

Here is the solution:

If anonymous access to XML DB repository data via HTTP is not required, then you do not have to perform this step.

If anonymous access to XML DB repository data via HTTP is required, then you must provide correct configuration information, as described in this section. The administrator must carefully consider whether anonymous access is to be allowed, given the inherent security risks.

If you wish to have anonymous access to XML DB repository data via HTTP, you must change the XML DB configuration file (located at /xdbconfig.xml in the repository) by adding an additional element "allow-repository-anonymous-access" and set this new element to true, in addition to unlocking the ANONYMOUS user account.



connect sys/password@tns_alias AS SYSDBA

-- enable anonymous access to XDB repository

SET SERVEROUTPUT ON
DECLARE
l_cfgxml XMLTYPE;
l_value VARCHAR2(5) := 'true'; -- (true/false)
BEGIN
l_cfgxml := DBMS_XDB.cfg_get();

IF l_cfgxml.existsNode('/xdbconfig/sysconfig/protocolconfig/httpconfig/allow-repository-anonymous-access') = 0 THEN
-- Add missing element.
SELECT insertChildXML
(
l_cfgxml,
'/xdbconfig/sysconfig/protocolconfig/httpconfig',
'allow-repository-anonymous-access',
XMLType('' ||
l_value ||
''),
'xmlns="http://xmlns.oracle.com/xdb/xdbconfig.xsd"'
)
INTO l_cfgxml
FROM dual;

DBMS_OUTPUT.put_line('Element inserted.');
ELSE
-- Update existing element.
SELECT updateXML
(
DBMS_XDB.cfg_get(),
'/xdbconfig/sysconfig/protocolconfig/httpconfig/allow-repository-anonymous-access/text()',
l_value,
'xmlns="http://xmlns.oracle.com/xdb/xdbconfig.xsd"'
)
INTO l_cfgxml
FROM dual;

DBMS_OUTPUT.put_line('Element updated.');
END IF;

DBMS_XDB.cfg_update(l_cfgxml);
DBMS_XDB.cfg_refresh;
END;
/




Once the "" element is set to "true", anonymous access to the XML DB repository, but not web services, is enabled by unlocking the anonymous database account.



connect sys/password@tns_alias AS SYSDBA

ALTER USER anonymous ACCOUNT UNLOCK;
Removing anonymous access to the XML DB repository, not web services, can be accomplished by locking the anonymous database account, or setting the "" element back to "false".

If you need to remove the "" element entirely, it can be accomplished using the following code:

connect sys/password@tns_alias AS SYSDBA

SET SERVEROUTPUT ON
DECLARE
l_cfgxml XMLTYPE;
BEGIN
l_cfgxml := DBMS_XDB.cfg_get();

IF l_cfgxml.existsNode('/xdbconfig/sysconfig/protocolconfig/httpconfig/allow-repository-anonymous-access') != 0 THEN
SELECT deleteXML
(
l_cfgxml,
'/xdbconfig/sysconfig/protocolconfig/httpconfig/allow-repository-anonymous-access',
'xmlns="http://xmlns.oracle.com/xdb/xdbconfig.xsd"'
)
INTO l_cfgxml
FROM dual;

DBMS_XDB.cfg_update(l_cfgxml);
DBMS_XDB.cfg_refresh;

DBMS_OUTPUT.put_line('Element deleted.');
END IF;
END;
/
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

My own Mind Map program in Java script and Python

I had been searching online mindmap apps for my study for a while and never got one that I am really happy with.  Then I asked myself what I...