Oracle APEX 5.1 – Custom Authentication for LDAP and APEX users

The case story for my project implied creating a custom authentication method, which incorporates LDAP and APEX users. Firstly, it verifies if the user can connect to LDAP. If this authentication fails, then there is a second verification taking place, which checks if the user can authenticate with APEX directly. If at least one of them succeeds, then the user is allowed to access the application. However, if both of them fail, then no access is given.

I’ve started by implementing the LDAP authentication in PL/SQL. You can check the following article for more details on how this is achieved: https://oracle-base.com/articles/misc/oracle-application-express-apex-ldap-authentication

By using this, the first part of the task is complete (I can verify if the user can connect to LDAP). The next task implied checking if the user can connect to APEX directly. Therefore, I’ve researched the APEX_UTIL package for more information. I’ve found out that there is a function called ‘IS_LOGIN_PASSWORD_VALID’, which returns a Boolean result based on the validity of the credentials of the current workspace. This is exactly what I’ve required for the second part of the case story. There is more information in the following link: https://docs.oracle.com/cd/E71588_01/AEAPI/IS_LOGIN_PASSWORD_VALID-Function.htm#AEAPI154

The final step implies putting together all the parts to create a custom authentication method. For this, we will need to go to ‘Shared Components’ > ‘Authentication Schemes’ and click on ‘Create >’. For the first setting, we’ll leave the default one active (‘Based on a pre-configured scheme from the gallery’) and click on ‘Next >’. My custom authentication scheme contains the following settings:

Finally, you just need to click on ‘Create Authentication Scheme’ and the case story is complete.
Good luck coding!