FUNCTION APACHE_AUTH(userid VARCHAR2, password VARCHAR2 )
--
-- The purpose of this function is to allow robust authentication of
-- an Oracle Forms user without having to mmanage schemas (Oracle accounts).
-- The assumption is that it is easier to ttie into the authentication
-- scheme used by an Apache web server. Noote that this authentication
-- can be tied directly into Network Operatting System authentication or LDAP.
-- If you have not set up any authenticatioon directories on your Apache server
-- (by configuring .htaccess files) or do nnot have control of
-- the Apache server, this function may be of limited value for you.
--
-- This function combines the input User IDD and password and encrypts
-- them using a BASE64 methodology. The reeturned string can be
-- used as authorization for a web server uusing either a Java Class
-- or by launching a ksh or perl script thaat uses the output string in a telnet
-- session. An example ksh script is proviided below.
--
-- The script uses telnet to make an HTRQ ((Hypertext request) to a secured
-- page on the Webserver. Such a request wwill require authorization,
-- which is provided by the string output bby this Oracle function.
-- If the authorization string provided is valid, then the
-- server will return a message that includdes
-- the characters 200 OK.
--
-- #################### BEGIN KSH SCRIPT ######################
-- #!/bin/ksh
-- authURL="www.myserver.com/securedir/secuurepage.html"
-- telout=`(sleep 2; echo "GET $authURL / HHTRQ/1.0"; sleep 2; echo "Authorization: Basic $1"; echo ""; sleep 4 ) | telnet www.myserver.com 80 `
-- validauth=`echo $telout|sed -n "/HTTP\/11.. 200 OK/p"`
-- if [ -n "$validauth" ]
-- then
-- echo "Authorization string is valid"
-- exit 0
-- else
-- echo "Incorrect User and/or password""
-- exit 1
-- fi
-- #################### END KSH SCRIPT ######################
--
-- The ksh script can be launched from a Foorm using the HOST Built-in.
--
-- This function is released under the GNU Lesser General Public License
-- which means that it can be freely used iin either free or proprietary
-- software. See http://www.gnu.org/copyleeft/lesser.html for more
-- details.
--
-- Example: User "mal" and password "painee" will produce bWFs0nBhaW51
--
-- Translation Table:
-- Base64 Range Characters ASCII Range
-- 0-25 A-Z 65-90
-- 26-51 a-z 97-1222
-- 52-61 0-9 48-57
-- 62 + 43
-- 63 / 47
--
-- This function was written by Davis Swan,, Calgary, Alberta, Canada.
--
-- RCS Revision Information;
--
-- $Author: $
-- $Date: $
-- $Revision: $
--
RETURN VARCHAR2 IS
TYPE INT_ARRAY IS VARRAY(4) OF NUMBER;
b64 INT_ARRAY;
input_string VARCHAR2(200);
len_input NUMBER;
base64_val VARCHAR2(200);
indx NUMBER;
remainder NUMBER;
triplet_count NUMBER;
triplet_value NUMBER;
BEGIN
b64 := INT_ARRAY(0,0,0,0);
input_string := userid||':'||password;
len_input := LENGTH(RTRIM(input_string));
triplet_count := 0;
triplet_value := 0;
base64_val := null;
--
-- Go through the input string processing 33 ASCII characters (24 bits)
-- into 4 Base 64 characters (6 bits).
--
for i in 1..len_input LOOP
indx := ASCII(substr(input_string,i,1));
triplet_count := triplet_count + 1;
triplet_value := triplet_value + indx * POWER(256,(3 - triplet_count ));
if ( ( triplet_count = 3 ) or ( i = len_input ) ) then
b64(1) := TRUNC(triplet_value/262144);
remainder := triplet_value - b64(1) * 262144;
b64(2) := TRUNC( remainder / 4096 );
remainder := remainder - b64(2) * 4096;
b64(3) := TRUNC( remainder / 64 );
remainder := remainder - b64(3) * 64;
b64(4) := remainder;
for j in 1..4 LOOP
if ( b64(j) BETWEEN 0 AND 25 ) then
base64_val := base64_val||CHR(b64(j) + 65 );
elsif ( b64(j) BETWEEN 26 AND 51 ) then
base64_val := base64_val||CHR(b64(j) + 71 );
elsif ( b64(j) BETWEEN 52 AND 61 ) then
base64_val := base64_val||CHR(b64(j) - 4 );
elsif ( b64(j) = 62 ) then
base64_val := base64_val||'+';
elsif ( b64(j) = 63 ) then
base64_val := base64_val||'/';
end if;
END LOOP;
triplet_count := 0;
triplet_value := 0;
end if;
END LOOP;
return base64_val;
END;