PACKAGE BODY: APPS.FND_SSO_MANAGER
Source
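package body FND_SSO_MANAGER as
/* $Header: fndssob.pls 120.10 2010/07/15 05:11:40 stadepal ship $ */

-- Helpers for single sign-on: building login/logout URLs, syncing a user
-- from LDAP, and deciding whether user creation/update and password change
-- are permitted.
--
-- Security review notes for maintainers:
--   * getLoginUrl / getLogoutUrl URL-encode requestUrl, cancelUrl and
--     returnUrl but do not validate where they point. Nothing in this
--     package restricts them to trusted hosts; the check has to live in
--     the caller or in the servlet that consumes the parameters.
--   * modplsql_currentURL is assembled from CGI environment values and
--     must be treated as request-derived, untrusted data.
--   * isUserCreateUpdateAllowed treats an unset profile as "allowed".

  -- Prefix used to build the module name passed to fnd_log.
  G_MODULE_SOURCE constant varchar2(80) := 'fnd.plsql.sso.fnd_sso_manager.';

  -- The parameters errCode and errText can
  -- be manually added to the Login url for additional processing.
  --
  -- We no longer use this method. Please refer to bug 4043786.
  -- Instead we use the function with 3 parameters.
  --function getLoginUrl(requestUrl in varchar2 ,
  --                     cancelUrl in varchar2 )
  --return varchar2 is
  --  l_requestUrl varchar2(2024);
  --  l_cancelUrl varchar2(2024);
  --  cs_anchor varchar2(2000);
  --  cj_anchor varchar2(2000);
  --begin
  --
  --  fnd_profile.get(name => 'APPS_SERVLET_AGENT',
  --                  val => cs_anchor);
  --  fnd_profile.get(name => 'APPS_FRAMEWORK_AGENT',
  --                  val => cj_anchor);
  --  l_requestUrl := requestUrl;
  --  l_cancelUrl := cancelUrl;
  --
  --  if l_requestUrl is NULL then
  --    l_requestUrl := 'APPSHOMEPAGE';
  --  end if;
  --
  --  if l_cancelUrl is NULL then
  --    l_cancelUrl := FND_WEB_CONFIG.trail_slash(cs_anchor)|| 'oracle.apps.fnd.sso.AppsLogin' ;
  --  end if;
  --
  --  return FND_WEB_CONFIG.trail_slash(cs_anchor)|| 'oracle.apps.fnd.sso.AppsLogin?requestUrl=' || wfa_html.conv_special_url_chars(l_requestUrl) || '&' || 'cancelUrl=' || wfa_html.conv_special_url_chars(l_cancelUrl);
  --
  --end;

  /*
  ** Delegates to fnd_ldap_wrapper.synch_user_from_LDAP for p_user_name.
  **
  ** The result code returned by the wrapper is only written to the
  ** statement-level log; it is not returned or checked here.
  ** NOTE(review): the meaning of p_result is defined in fnd_ldap_wrapper,
  ** which is not visible here - confirm that callers do not need to learn
  ** about a failed synchronisation.
  **
  ** Any exception is logged at error level and then re-raised unchanged.
  */
  procedure synch_user_from_LDAP(p_user_name in fnd_user.user_name%type) is
    l_module_source varchar2(256);
    l_result        pls_integer;
    l_user_name     fnd_user.user_name%type;
  begin
    l_module_source := G_MODULE_SOURCE || 'synch_user_from_LDAP';

    if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
    then
      fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
    end if;

    -- Copy into a local because the wrapper call below is given a variable,
    -- not the IN parameter itself.
    l_user_name := p_user_name;
    fnd_ldap_wrapper.synch_user_from_LDAP(p_user_name => l_user_name,
                                          p_result    => l_result);

    if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
    then
      fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'l_result: '||l_result);
    end if;

    if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
    then
      fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
    end if;

  exception
    when others then
      -- Log before re-raising. The previous order (raise first, log after)
      -- left the logging unreachable, so failures of the LDAP sync never
      -- reached the error log.
      if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
      then
        fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
      end if;
      raise;
  end synch_user_from_LDAP;

  /*
  ** Returns FALSE only when profile APPS_SSO_USER_CREATE_UPDATE is 'N'.
  **
  ** Any other value returns TRUE, including an unset (NULL) profile:
  ** the comparison NULL = 'N' is not true, so the ELSE branch is taken.
  ** The check therefore fails open when the profile is missing.
  ** If an exception is raised, it is logged at error level and the
  ** function returns FALSE (fails closed).
  */
  function isUserCreateUpdateAllowed
  return boolean is

    l_apps_sso_user_create_update varchar2(10);
    l_module_source               varchar2(256);
    l_returnVal                   boolean;

  begin
    l_returnVal := false;
    l_module_source := G_MODULE_SOURCE || 'isUserCreateUpdateAllowed: ';

    if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
    then
      fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
    end if;

    fnd_profile.get(name => 'APPS_SSO_USER_CREATE_UPDATE',
                    val  => l_apps_sso_user_create_update);

    if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
    then
      fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source,
                     'APPS_SSO_USER_CREATE_UPDATE: ' || l_apps_sso_user_create_update);
    end if;

    -- Only an explicit 'N' disables the feature; NULL falls through to TRUE.
    if (l_apps_sso_user_create_update = 'N')
    then
      l_returnVal := FALSE;
    else
      l_returnVal := TRUE;
    end if;

    if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
    then
      fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
    end if;

    return l_returnVal;

  exception
    when others then
      if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
      then
        fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
      end if;
      return false;
  end;

  /*
  ** Builds the AppsLogin URL under the APPS_SERVLET_AGENT profile value.
  **
  **   requestUrl - page to go to after login; 'APPSHOMEPAGE' when NULL
  **   cancelUrl  - page to go to on cancel; the AppsLogin servlet when NULL
  **   langCode   - optional; appended as langCode=... only when not NULL
  **
  ** Each parameter value is passed through
  ** wfa_html.conv_special_url_chars before being appended.
  ** Inputs longer than the 2024-character locals raise VALUE_ERROR on
  ** assignment.
  **
  ** Security: requestUrl and cancelUrl are encoded but not validated, so
  ** this function does not restrict them to trusted destinations. The
  ** component that later redirects to them must validate the target,
  ** for example against an allowlist of application hosts, to avoid an
  ** open redirect.
  */
  function getLoginUrl(requestUrl in varchar2 ,
                       cancelUrl  in varchar2,
                       langCode   in varchar2)
  return varchar2 is
    l_requestUrl varchar2(2024);
    l_cancelUrl  varchar2(2024);
    l_langCode   varchar2(2024);
    cs_anchor    varchar2(2000);
    cj_anchor    varchar2(2000);
    l_loginUrl   varchar2(32767);
  begin

    fnd_profile.get(name => 'APPS_SERVLET_AGENT',
                    val  => cs_anchor);
    -- APPS_FRAMEWORK_AGENT is read but cj_anchor is not used below.
    fnd_profile.get(name => 'APPS_FRAMEWORK_AGENT',
                    val  => cj_anchor);
    l_requestUrl := requestUrl;
    l_cancelUrl  := cancelUrl;
    l_langCode   := langCode;

    if l_requestUrl is NULL then
      l_requestUrl := 'APPSHOMEPAGE';
    end if;

    if l_cancelUrl is NULL then
      -- Bug 5369045: user servlet name
      l_cancelUrl := FND_WEB_CONFIG.trail_slash(cs_anchor)|| 'AppsLogin' ;
    end if;

    -- Bug 5369045: user servlet name
    -- '&' is kept as its own literal, as in the original source
    -- (presumably so that client tools do not treat '&name' as a
    -- substitution variable - confirm before merging the literals).
    l_loginUrl := FND_WEB_CONFIG.trail_slash(cs_anchor)|| 'AppsLogin?requestUrl=' || wfa_html.conv_special_url_chars(l_requestUrl)
                  || '&' || 'cancelUrl=' || wfa_html.conv_special_url_chars(l_cancelUrl);

    if l_langCode is NOT NULL then
      l_loginUrl := l_loginUrl || '&' || 'langCode=' || wfa_html.conv_special_url_chars(l_langCode);
    end if;

    return l_loginUrl;

  end;

  /*
  ** Ends the sign-on audit record for the current session, then returns
  ** the AppsLogout URL under the APPS_SERVLET_AGENT profile value.
  **
  **   returnUrl - optional; when not NULL it is URL-encoded and appended
  **               as returnUrl=...
  **
  ** The session id is read from the session cookie and looked up in
  ** ICX_SESSIONS. fnd_signon.audit_end is called only when profile
  ** SIGNONAUDIT:LEVEL is set and the session row has a login_id.
  **
  ** NOTE(review): the SELECT ... INTO has no NO_DATA_FOUND handler, so a
  ** cookie value with no matching ICX_SESSIONS row raises out of this
  ** function and no logout URL is returned. Confirm that callers handle it.
  **
  ** Security: returnUrl is encoded but not validated here. The consumer
  ** of the parameter must validate the redirect target.
  */
  function getLogoutUrl(returnUrl in varchar2 )
  return varchar2 is
    cs_anchor     varchar2(2000);
    l_returnUrl   varchar2(2000);
    l_audit_level VARCHAR2(1);
    l_login_id    NUMBER;
    l_session_id  NUMBER;
  begin

    -- fix for bug 3241092
    l_session_id := icx_sec.getsessioncookie; ---get session_id from the cookie

    select login_id into l_login_id
      from ICX_SESSIONS
     where SESSION_ID = l_session_id;

    l_audit_level := fnd_profile.value('SIGNONAUDIT:LEVEL');
    if (l_audit_level is not null) and ( l_login_id is not null)
    then
      fnd_signon.audit_end(l_login_id); -- end audit session and resps.
    end if;
    --
    l_returnUrl := returnUrl;
    fnd_profile.get(name => 'APPS_SERVLET_AGENT',
                    val  => cs_anchor);
    if l_returnUrl is NULL then
      -- Bug 5369045: user servlet name
      return FND_WEB_CONFIG.trail_slash(cs_anchor)|| 'AppsLogout';
    end if;

    -- Bug 5369045: user servlet name
    return FND_WEB_CONFIG.trail_slash(cs_anchor)|| 'AppsLogout?returnUrl=' || wfa_html.conv_special_url_chars(l_returnUrl);

  end;


  /*
  ** Rebuilds the URL of the current request from the CGI environment:
  ** protocol (lower-cased), server name, port, script name, path info
  ** and, when present, the query string.
  **
  ** Security: every component comes from owa_util.get_cgi_env and is
  ** concatenated without encoding or validation. QUERY_STRING is
  ** supplied by the client, and SERVER_NAME may reflect the request's
  ** Host header depending on web-tier configuration (not visible here).
  ** Treat the result as untrusted when it is echoed into a page, logged,
  ** or used as a redirect target.
  ** A URL longer than 2024 characters raises VALUE_ERROR on assignment.
  */
  function modplsql_currentURL return varchar2 is
    l_urlrequested varchar2(2024);
  begin
    l_urlrequested :=
      lower(owa_util.get_cgi_env('REQUEST_PROTOCOL'))||'://'||
      owa_util.get_cgi_env('SERVER_NAME')||':'||
      owa_util.get_cgi_env('SERVER_PORT')||
      owa_util.get_cgi_env('SCRIPT_NAME')||
      owa_util.get_cgi_env('PATH_INFO');
    if owa_util.get_cgi_env('QUERY_STRING') is not null then
      l_urlrequested := l_urlrequested ||'?'|| owa_util.get_cgi_env('QUERY_STRING');
    end if;

    return l_urlrequested;
  end;

  /*
  ** Reports whether the password of the given user may be changed.
  **
  **   username - matched against fnd_user.user_name after upper()
  **
  ** Decision, as implemented below:
  **   * user has no user_guid (not linked)               -> TRUE
  **   * APPS_SSO_LOCAL_LOGIN unset or not defined        -> TRUE
  **   * APPS_SSO_LOCAL_LOGIN = 'LOCAL'                   -> TRUE
  **   * APPS_SSO_LOCAL_LOGIN = 'BOTH' or 'SSO'           -> TRUE only when
  **     fnd_ldap_wrapper reports that 'userpassword' can be modified,
  **     otherwise FALSE
  **
  ** Raises userNotFound when no fnd_user row matches.
  ** Any other exception is logged and the function returns FALSE.
  **
  ** NOTE(review): for a linked user whose APPS_SSO_LOCAL_LOGIN value is
  ** defined but is none of LOCAL/BOTH/SSO, no branch assigns
  ** l_pwd_changable and the function returns NULL. A caller that tests
  ** "if not isPasswordChangeable(...)" would not take the deny branch
  ** for NULL. Confirm how callers treat a NULL result.
  ** NOTE(review): the exception path logs at LEVEL_PROCEDURE rather than
  ** LEVEL_ERROR, unlike the other routines in this package, so these
  ** failures may be missing from error-level logs.
  */
  function isPasswordChangeable(username in varchar2) return boolean
  is
    pValue            varchar2(50);
    p_user_id         number;
    l_profile_defined boolean;
    l_pwd_changable   boolean;
    l_attribute       varchar2(40);
    l_fnd_user        pls_integer;
    l_oid             pls_integer;
    l_module_source   varchar2(256);
    p_user_guid       raw(256);

    -- userNotFound exception; Bug4420380 Changed exception from local to global
  begin

    -- Bug 7700617: Changed API to reflect changes made in 11i for bug 5651619.
    -- Added logging to API

    l_module_source := G_MODULE_SOURCE || 'isPasswordChangeable';

    if (fnd_log.LEVEL_PROCEDURE >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
    then
      fnd_log.string(fnd_log.LEVEL_PROCEDURE, l_module_source, 'Begin');
    end if;

    -- The user name is passed as a PL/SQL variable, so it is bound into
    -- the query rather than concatenated into SQL text.
    select user_id, user_guid into p_user_id, p_user_guid from fnd_user where user_name = upper(username);

    if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
      fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Retrieved user_id and user_guid for user '||username);
    end if;

    if (p_user_guid is not null) then

      if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
        fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'User: '||username||' is linked' );
      end if;

      FND_PROFILE.GET_SPECIFIC(name_z    => 'APPS_SSO_LOCAL_LOGIN',
                               user_id_z => p_user_id,
                               val_z     => pValue,
                               defined_z => l_profile_defined);

      if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
        fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LOCAL_LOGIN for' ||username||' is '||pValue);
      end if;

      if (pValue is null or not l_profile_defined) then
        l_pwd_changable := true;
      elsif pvalue = 'LOCAL' then
        l_pwd_changable := true;
      elsif (pvalue = 'BOTH' or pvalue = 'SSO') then
        -- Ask the LDAP wrapper whether the password attribute may be
        -- modified in the EBIZ-to-OID direction for this user's realm.
        l_attribute := 'userpassword';
        fnd_ldap_wrapper.is_operation_allowed(p_realm     => fnd_oid_plug.getRealmDN(username),
                                              p_direction => fnd_ldap_wrapper.G_EBIZ_TO_OID,
                                              p_entity    => fnd_ldap_wrapper.G_IDENTITY,
                                              p_operation => fnd_ldap_wrapper.G_MODIFY,
                                              x_attribute => l_attribute,
                                              x_fnd_user  => l_fnd_user,
                                              x_oid       => l_oid);

        if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
          fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'User is an SSO user. Verifying password can be synched');
        end if;

        if (l_oid = fnd_ldap_wrapper.G_SUCCESS AND fnd_ldap_wrapper.is_present(p_attribute =>'userpassword', p_template_attr_list =>l_attribute) )
        then
          if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
            fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'User is an SSO user and password can be synched');
          end if;

          l_pwd_changable := true;
        else
          if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
            fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'User is an SSO user but password cannot be synched');
          end if;

          l_pwd_changable := false;
        end if;

      end if;

    else
      if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
        fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'User is not linked - password can be changed');
      end if;

      l_pwd_changable := true;
    end if;

    if (fnd_log.LEVEL_PROCEDURE >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
      fnd_log.string(fnd_log.LEVEL_PROCEDURE, l_module_source, 'End');
    end if;

    return l_pwd_changable;

  exception
    when no_data_found THEN
      raise userNotFound;
    when others then
      if (fnd_log.LEVEL_PROCEDURE >= fnd_log.G_CURRENT_RUNTIME_LEVEL) THEN
        fnd_log.string(fnd_log.LEVEL_PROCEDURE, l_module_source, 'END -EXCEPTION '||sqlerrm);
      end if;

      return false;

  end;

  /*
  ** Returns the value of fnd_ldap_wrapper.get_ldap_user_name for
  ** p_user_name and writes it to the statement-level log.
  ** There is no exception handler; errors from the wrapper propagate
  ** to the caller.
  */
  function get_ldap_user_name(p_user_name in fnd_user.user_name%type)
  return varchar2 is

    l_module_source varchar2(256);
    l_result        varchar2(4000);
  begin
    l_module_source := G_MODULE_SOURCE || 'get_ldap_user_name';

    if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
    then
      fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
    end if;

    l_result := fnd_ldap_wrapper.get_ldap_user_name(p_user_name => p_user_name);

    if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
    then
      fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'l_result: '||l_result);
    end if;

    if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
    then
      fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
    end if;
    return l_result;
  end get_ldap_user_name;

end FND_SSO_MANAGER;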