Creating different user roles in Oracle APEX

0
votes

I am supposed to create an inside web based APEX application for students working at Oracle. The login is managed via Single-Sign-On. Also, I need to have two user roles, Student and Administrator, each of them with different privileges and different pages they can see. There seems to be no obvious way to do this.

I was thinking about somehow extracting the username from e-mail used in SSO, linking it with the database of "People" and having a column there that defines the user role. Then it would be stored somewhere and will determine the rights the person has. It seems messy though and I am quite new to APEX - I guess there is a better way to do this.

I know this can be done directly in APEX itself, but it would be much better to get this working in the app.

1
oraclesingle-sign-onoracle-apexuser-roles
I'm not clear whether you want to do it the "APEX" way, or roll your own. Have you read this post? stackoverflow.com/q/7905159/257090codenheim
@mrjoltcola I want the administrators in the XY app be different from the administrators in the APEX workspace if that's what you are asking.Lea
The question @mrjoltcola linked to covers both using tables and using groups in apex. Since you use SSO I'd roll with an own table, where you store the combination of username and their granted role(s). I'd say there is no need to redefine the users again, but you will need their (hopefully) unique username - how else would you couple them together. Using apex groups is good for apex users only usually - and SSO authenticated users are not "apex users". Mind that an apex user could be an end user, and not necessarily a workspace administrator - it's definable.Tom
If you do still have an issue in figuring it out do amend your question, otherwise I'd say it's a duplicate.Tom
Hi @Tom, I wasn't insinuating that it was a duplicate, but was providing her the link as it appeared to have some good information in it. Since the other doesn't mention SSO, I tend to think this isn't a duplicate and Lea's question stands on its own.codenheim

1 Answers

1
votes

Oracle APEX has the option to use Oracle SSO for logging in, it only requires some digging until you find it (authorization schemes).

After that I was using this select statement to determine the user role:

SELECT ROLE FROM PEOPLE
WHERE E_MAIL = V('APP_USER')

Much easier that I expected it to be.