[Home] [Help]
PACKAGE BODY: APPS.FND_LDAP_WRAPPER
Source
1 package body fnd_ldap_wrapper as
2 /* $Header: AFSCOLWB.pls 120.56.12020000.2 2012/11/01 17:01:35 ctilley ship $ */
3 --
4 -- Start of Package Globals
5
6 G_MODULE_SOURCE constant varchar2(80) := 'fnd.plsql.oid.fnd_ldap_wrapper.';
7
8 -- End of Package Globals
9 --
10 -------------------------------------------------------------------------------
11 initreg boolean := false;
12 init boolean := false;
13 ssoenabled boolean := false;
14 registered boolean := false;
15 registration pls_integer := G_NO_REGISTRATION;
16 function trim_attribute(p_attr in varchar2) return varchar2;
17 --
18 -------------------------------------------------------------------------------
19
20 function CanSync( p_userid in pls_integer, p_user_name in varchar2) return pls_integer
21 is
22 l_res pls_integer;
23 begin
24 execute immediate
25 ' declare r pls_integer:=0; BEGIN if ( FND_LDAP_USER.CanSync(null,:1) ) then r:=1; END IF ; :2 := r; END;'
26 using in p_user_name, out l_res;
27 if (l_res=1) then
28 return G_SUCCESS;
29 else
30 return G_FAILURE;
31 end if;
32
33 exception when others then
34 return G_FAILURE;
35 end CanSync;
36
37 --
38 -------------------------------------------------------------------------------
39 function get_ldap_user_name(p_user_name in fnd_user.user_name%type) return varchar2 is
40
41 l_module_source varchar2(256);
42 l_result varchar2(4000);
43 l_user_guid fnd_user.user_guid%type;
44 l_found boolean;
45
46 l_apps_sso varchar2(50);
47 l_profile_defined boolean;
48 l_orclappname varchar2(256);
49 l_obj_name varchar2(256);
50 plsql_block varchar2(500);
51 sso_registration_failure exception;
52 l_sso_version varchar2(10);
53 l_allow_sync varchar2(1);
54
55 cursor cur_fnd_users is
56 select user_guid
57 from fnd_user
58 where user_name = upper(p_user_name);
59 begin
60 l_module_source := G_MODULE_SOURCE || 'get_ldap_user_name ';
61 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
62 then
63 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
64 end if;
65
66 fnd_profile.get_specific(name_z => 'APPS_SSO_LDAP_SYNC',
67 USER_ID_Z => -1,
68 RESPONSIBILITY_ID_Z => -1,
69 APPLICATION_ID_Z => -1,
70 ORG_ID_Z => -1,
71 val_z => l_allow_sync,
72 defined_z => l_profile_defined);
73
74 if (l_profile_defined and l_allow_sync = 'Y') then
75
76 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
77 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LDAP_SYNC enabled.');
78 end if;
79
80 fnd_profile.get_specific(name_z => 'APPS_SSO',
81 val_z => l_apps_sso,
82 defined_z => l_profile_defined);
83
84 if (l_apps_sso = 'PORTAL') OR (l_apps_sso = 'SSWA')
85 then
86 ssoenabled := false;
87 else
88 ssoenabled := true;
89 end if;
90
91 if (ssoenabled) then
92 if (not init) then
93 init := true;
94 select object_name into l_obj_name from all_objects
95 where object_name = 'DBMS_LDAP' and object_type = 'PACKAGE BODY'
96 and status = 'VALID' and owner = 'SYS';
97 l_orclappname := get_orclappname;
98 -- no exception => everything is ok
99 registered := true;
100 end if;
101
102 if (registered) then
103 l_found := false;
104 open cur_fnd_users;
105 fetch cur_fnd_users into l_user_guid;
106 l_found := cur_fnd_users%found;
107
108 if (fnd_log.LEVEL_EXCEPTION >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
109 then
110 fnd_log.string(fnd_log.LEVEL_EXCEPTION, l_module_source,
111 'L_user_guid: '||l_user_guid);
112 end if;
113
114 if (l_found)
115 then
116 plsql_block :=
117 'begin :result := fnd_oid_util.get_oid_nickname(:1); end;';
118 execute immediate plsql_block using out l_result, l_user_guid;
119 else
120 if (fnd_log.LEVEL_EXCEPTION >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
121 then
122 fnd_log.string(fnd_log.LEVEL_EXCEPTION, l_module_source,
123 'no such user in FND_USER: '||p_user_name);
124 end if;
125 l_result := null;
126 end if;
127 close cur_fnd_users;
128
129 else -- if (!registered)
130 if (fnd_log.LEVEL_EXCEPTION >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
131 then
132 fnd_log.string(fnd_log.LEVEL_EXCEPTION, l_module_source,
133 'OID not registered');
134 end if;
135 l_result := null;
136 end if;
137 else -- if (!ssoenabled), simply return null
138 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
139 then
140 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source,
141 'SSO not enabled, returning true w/o changing the user name');
142 end if;
143 l_result := null;
144 end if;
145
146 else -- APPS_SSO_LDAP_SYNC not enabled.
147
148 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
149 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LDAP_SYNC not enabled.');
150 end if;
151
152 l_result := null;
153
154 end if;
155
156 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
157 then
158 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
159 end if;
160 return l_result;
161 exception
162 when sso_registration_failure then
163 if (cur_fnd_users%isopen)
164 then
165 close cur_fnd_users;
166 end if;
167 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
168 then
169 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
170 end if;
171 l_result := null;
172 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
173 return l_result;
174 when others then
175 if (cur_fnd_users%isopen)
176 then
177 close cur_fnd_users;
178 end if;
179 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
180 then
181 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
182 end if;
183 l_result := null;
184 return l_result;
185 end get_ldap_user_name;
186 --
187 -------------------------------------------------------------------------------
188 procedure change_user_name(p_user_guid in raw,
189 p_old_user_name in varchar2,
190 p_new_user_name in varchar2,
191 x_result out nocopy pls_integer) is
192
193 l_module_source varchar2(256);
194 plsql_block varchar2(500);
195 l_fnd_user pls_integer;
196 l_oid pls_integer;
197 l_attribute varchar2(4000);
198 l_realm varchar2(4000);
199
200 begin
201 l_module_source := G_MODULE_SOURCE || 'change_user_name: ';
202
203 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
204 then
205 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
206 end if;
207
208 l_attribute := 'user_name';
209 l_realm :=get_realm_dn(p_user_guid=>p_user_guid);
210 is_operation_allowed(p_realm=> l_realm, p_direction => G_EBIZ_TO_OID,
211 p_entity => G_IDENTITY,
212 p_operation => G_MODIFY,
213 x_attribute => l_attribute,
214 x_fnd_user => l_fnd_user,
215 x_oid => l_oid);
216
217 if (l_oid = G_SUCCESS) then
218
219 plsql_block :=
220 'begin fnd_ldap_user.change_user_name(:1, :2, :3, :4); end;';
221 execute immediate plsql_block using p_user_guid, p_old_user_name, p_new_user_name, out x_result;
222
223 else -- l_oid = G_FAILURE
224
225 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
226 then
227 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'l_oid is false');
228 end if;
229 x_result := l_fnd_user;
230
231 end if;
232
233 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
234 then
235 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
236 end if;
237
238 exception
239 when registration_failure_exception then
240 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
241 x_result := G_FAILURE;
242 when others then
243 fnd_message.set_name ('FND', 'FND_SSO_UNEXP_ERROR');
244 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
245 then
246 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
247 end if;
248 x_result := G_FAILURE;
249
250 end change_user_name;
251 --
252 -------------------------------------------------------------------------------
253 procedure synch_user_from_LDAP(p_user_name in fnd_user.user_name%type
254 , p_result out nocopy pls_integer) is
255 l_module_source varchar2(256);
256 l_apps_sso varchar2(50);
257 l_profile_defined boolean;
258 l_orclappname varchar2(256);
259 l_obj_name varchar2(256);
260 plsql_block varchar2(500);
261 l_sso_version varchar2(10);
262 l_allow_sync varchar2(1);
263
264 begin
265 l_module_source := G_MODULE_SOURCE || 'synch_user_from_LDAP';
266
267 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
268 then
269 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
270 end if;
271
272 fnd_profile.get_specific(name_z => 'APPS_SSO_LDAP_SYNC',
273 USER_ID_Z => -1,
274 RESPONSIBILITY_ID_Z => -1,
275 APPLICATION_ID_Z => -1,
276 ORG_ID_Z => -1,
277 val_z => l_allow_sync,
278 defined_z => l_profile_defined);
279
280 if (l_profile_defined and l_allow_sync = 'Y') then
281
282 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
283 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LDAP_SYNC enabled.');
284 end if;
285
286
287 fnd_profile.get_specific(
288 name_z => 'APPS_SSO',
289 val_z => l_apps_sso,
290 defined_z => l_profile_defined);
291
292 if (l_apps_sso = 'PORTAL') OR (l_apps_sso = 'SSWA') then
293 ssoenabled := false;
294 else
295 ssoenabled := true;
296 end if;
297
298
299 if (ssoenabled) then
300 if (not init) then
301 init := true;
302 select object_name into l_obj_name from all_objects
303 where object_name = 'DBMS_LDAP' and object_type = 'PACKAGE BODY'
304 and status = 'VALID' and owner = 'SYS';
305 l_orclappname := get_orclappname;
306 -- no exception => everything is ok
307 registered := true;
308 end if;
309
310 if (registered) then
311 plsql_block := 'begin fnd_oid_util.synch_user_from_LDAP(:1, :2); end;';
312 execute immediate plsql_block using in p_user_name, out p_result;
313 else
314 p_result := G_FAILURE;
315 end if;
316 else -- if (!ssoenabled), simply return success without updating TCA
317 p_result := G_SUCCESS;
318 end if;
319
320 else -- APPS_SSO_LDAP_SYNC not enabled.
321
322 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
323 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LDAP_SYNC not enabled.');
324 end if;
325
326 p_result := G_SUCCESS;
327
328 end if;
329
330 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
331 then
332 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
333 end if;
334
335 exception
336 when others then
337 fnd_message.set_name ('FND', 'OID');
338 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
339 then
340 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
341 end if;
342 p_result := G_FAILURE;
343 end synch_user_from_LDAP;
344 --
345 -------------------------------------------------------------------------------
346 procedure create_user(p_user_name in varchar2,
347 p_password in varchar2,
348 p_start_date in date default sysdate,
349 p_end_date in date default null,
350 p_description in varchar2 default null,
351 p_email_address in varchar2 default null,
352 p_fax in varchar2 default null,
353 p_expire_password in pls_integer,
354 x_user_guid out nocopy raw,
355 x_password out nocopy varchar2,
356 x_result out nocopy pls_integer) is
357
358 l_module_source varchar2(256);
359 plsql_block varchar2(500);
360 l_fnd_user pls_integer;
361 l_oid pls_integer;
362 l_attribute varchar2(4000);
363 l_allowed boolean;
364 l_password varchar2(400);
365 l_start_date date;
366 l_end_date date;
367 l_description varchar2(400);
368 l_email_address varchar2(256);
369 l_fax varchar2(50);
370 l_realm varchar2(4000);
371 l_err_code varchar2(200);
372 l_tmp_str varchar2(4000);
373
374 begin
375
376 l_module_source := G_MODULE_SOURCE || 'create_user: ';
377
378 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
379 then
380 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
381 end if;
382
383 /*
384 * Removed userpassword
385 */
386 l_attribute := 'orclactivestartdate,orclactiveenddate,description,mail,facsimiletelephonenumber';
387 /* Not sure about this.
388 * Some times the realm cannot be determined until the user is actually created.
389 *
390 */
391 l_realm := get_realm_dn(p_user_name=>p_user_name);
392
396 x_attribute => l_attribute,
393 is_operation_allowed(p_realm=>l_realm,p_direction => G_EBIZ_TO_OID,
394 p_entity => G_IDENTITY,
395 p_operation => G_ADD,
397 x_fnd_user => l_fnd_user,
398 x_oid => l_oid);
399
400 if (l_oid = G_SUCCESS) then
401 /* don't handle userpassword now
402 l_allowed := is_present(p_attribute => 'userpassword', p_template_attr_list => l_attribute);
403 if (l_allowed and p_password<>FND_WEB_SEC.EXTERNAL_PWD and p_password<>'EXTERNAL' ) then
404 l_password := p_password;
405 else
406 l_password := null;
407 end if;
408 */
409 l_password := p_password;
410
411 l_allowed := is_present(p_attribute => 'orclactivestartdate', p_template_attr_list => l_attribute);
412 if (l_allowed) then
413 l_start_date := p_start_date;
414 else
415 l_start_date := null;
416 end if;
417
418 l_allowed := is_present(p_attribute => 'orclactiveenddate', p_template_attr_list => l_attribute);
419 if (l_allowed) then
420 l_end_date := p_end_date;
421 else
422 l_end_date := null;
423 end if;
424
425 l_allowed := is_present(p_attribute => 'description', p_template_attr_list => l_attribute);
426 if (l_allowed) then
427 l_description := p_description;
428 else
429 l_description := null;
430 end if;
431
432 l_allowed := is_present(p_attribute => 'mail', p_template_attr_list => l_attribute);
433 if (l_allowed) then
434 l_email_address := p_email_address;
435 else
436 l_email_address := null;
437 end if;
438
439 l_allowed := is_present(p_attribute => 'facsimiletelephonenumber', p_template_attr_list => l_attribute);
440 if (l_allowed) then
441 l_fax := p_fax;
442 else
443 l_fax := null;
444 end if;
445
446 plsql_block :=
447 'begin fnd_ldap_user.create_user(:1, :2, :3, :4, :5, :6, :7, :8, :9, :10, :11,:12); end;';
448 execute immediate plsql_block using in out l_realm, p_user_name, l_password,
449 l_start_date, l_end_date, l_description, l_email_address, l_fax, p_expire_password,
450 out x_user_guid, out x_password, out x_result;
451
452 else -- l_oid is G_FAILURE
453
454 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
455 then
456 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'l_oid is false');
457 end if;
458 x_result := l_fnd_user;
459
460 end if; -- l_oid
461
462 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
463 then
464 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
465 end if;
466
467 exception
468 when registration_failure_exception then
469 fnd_message.set_name ('FND', fnd_ldap_errm.FND_SSO_OID_REG_ERROR);
470 x_result := G_FAILURE;
471 when others then
472
473 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
474 then
475 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
476 end if;
477
478 l_tmp_str := sqlerrm;
479 l_err_code := fnd_ldap_errm.translate_ldap_errors(l_tmp_str);
480 fnd_message.set_name ('FND', l_err_code);
481
482 if l_err_code = fnd_ldap_errm.FND_SSO_LDAP_APPSDN_PWD_EXPIRD then
483 fnd_message.set_token('USER', l_tmp_str);
484 app_exception.raise_exception;
485 elsif l_err_code = fnd_ldap_errm.FND_SSO_LDAP_PWD_POLICY_ERR then
486 l_tmp_str := replace(l_tmp_str, 'Your', p_user_name);
487 fnd_message.set_token('REASON', l_tmp_str);
488 app_exception.raise_exception;
489 else
490 fnd_message.set_name ('FND', fnd_ldap_errm.FND_SSO_UNEXP_ERROR);
491 x_result := G_FAILURE;
492 end if;
493
494 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
495 then
496 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
497 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, 'l_err_code :' || l_err_code ||', l_tmp_str :' || l_tmp_str);
498 end if;
499
500 end create_user;
501 --
502 -------------------------------------------------------------------------------
503 procedure change_password(p_user_guid in raw,
504 p_user_name in varchar2,
505 p_new_pwd in varchar2,
506 p_expire_password in pls_integer,
507 x_password out nocopy varchar2,
508 x_result out nocopy pls_integer) is
509
510 l_module_source varchar2(256);
511 plsql_block varchar2(500);
512 l_fnd_user pls_integer;
513 l_oid pls_integer;
514 l_attribute varchar2(4000);
515 l_new_pwd varchar2(4000);
516 l_realm varchar2(4000);
517
518 begin
519 l_module_source := G_MODULE_SOURCE || 'change_password: ';
520
521 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
522 then
523 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
524 end if;
525
526 l_attribute := 'userpassword';
527 l_realm := get_realm_dn(p_user_guid=>p_user_guid,p_user_name=>p_user_name);
528
529 is_operation_allowed(p_realm=>l_realm,p_direction => G_EBIZ_TO_OID,
530 p_entity => G_IDENTITY,
531 p_operation => G_MODIFY,
532 x_attribute => l_attribute,
533 x_fnd_user => l_fnd_user,
534 x_oid => l_oid);
535
536 if (l_oid = G_SUCCESS) then
537 if (p_new_pwd<>FND_WEB_SEC.EXTERNAL_PWD and p_new_pwd<>'EXTERNAL' ) then
538 l_new_pwd := p_new_pwd;
539 else
540 l_new_pwd := null;
541 end if;
542
543 plsql_block :=
547 else -- l_oid = G_FAILURE
544 'begin fnd_ldap_user.change_password(:1, :2, :3, :4, :5, :6); end;';
545 execute immediate plsql_block using p_user_guid, p_user_name, l_new_pwd, p_expire_password, out x_password, out x_result;
546
548
549 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
550 then
551 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Password Sync Not Allowed');
552 end if;
553 x_result := l_fnd_user;
554
555 end if; -- l_oid
556
557 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
558 then
559 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
560 end if;
561
562 exception
563 when registration_failure_exception then
564 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
565 x_result := G_FAILURE;
566 when others then
567 fnd_message.set_name ('FND', 'FND_SSO_UNEXP_ERROR');
568 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
569 then
570 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
571 end if;
572 x_result := G_FAILURE;
573
574 end change_password;
575 --
576 -------------------------------------------------------------------------------
577 procedure delete_user(p_user_guid in fnd_user.user_guid%type,
578 x_result out nocopy pls_integer) is
579
580 l_module_source varchar2(256);
581 plsql_block varchar2(500);
582 l_fnd_user pls_integer;
583 l_oid pls_integer;
584 l_attribute varchar2(4000);
585 l_realm varchar2(4000);
586
587 begin
588 l_module_source := G_MODULE_SOURCE || 'delete_user: ';
589
590 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
591 then
592 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
593 end if;
594 l_realm := get_realm_dn(p_user_guid=>p_user_guid);
595
596 is_operation_allowed(p_realm=>l_realm,p_direction => G_EBIZ_TO_OID,
597 p_entity => G_IDENTITY,
598 p_operation => G_DELETE,
599 x_attribute => l_attribute,
600 x_fnd_user => l_fnd_user,
601 x_oid => l_oid);
602
603 if (l_oid = G_SUCCESS) then
604
605 plsql_block :=
606 'begin fnd_ldap_user.delete_user(:1, :2); end;';
607 execute immediate plsql_block using p_user_guid, out x_result;
608
609 else -- l_oid = G_FAILURE
610
611 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
612 then
613 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'l_oid is false');
614 end if;
615 x_result := l_fnd_user;
616
617 end if; -- l_oid
618
619 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
620 then
621 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
622 end if;
623
624 exception
625 when registration_failure_exception then
626 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
627 x_result := G_FAILURE;
628 when others then
629 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
630 then
631 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
632 end if;
633 x_result := G_FAILURE;
634
635 end delete_user;
636 --
637 -------------------------------------------------------------------------------
638 procedure link_user(p_user_name in varchar2,
639 x_user_guid out nocopy raw,
640 x_password out nocopy varchar2,
641 x_result out nocopy pls_integer) is
642
643 l_module_source varchar2(256);
644 plsql_block varchar2(500);
645 l_fnd_user pls_integer;
646 l_oid pls_integer;
647 l_attribute varchar2(4000);
648 l_realm varchar2(4000);
649
650 begin
651
652 l_module_source := G_MODULE_SOURCE || 'link_user: ';
653
654 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
655 then
656 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
657 end if;
658 l_realm := get_realm_dn(p_user_name=>p_user_name);
659
660 is_operation_allowed(p_realm=>l_realm,p_direction => G_EBIZ_TO_OID,
661 p_entity => G_SUBSCRIPTION,
662 p_operation => G_ADD,
663 x_attribute => l_attribute,
664 x_fnd_user => l_fnd_user,
665 x_oid => l_oid);
666
667 if (l_oid = G_SUCCESS) then
668
669 plsql_block :=
670 'begin fnd_ldap_user.link_user(:1, :2, :3, :4); end;';
671 execute immediate plsql_block using p_user_name,
672 out x_user_guid, out x_password, out x_result;
673
674 else -- l_oid is G_FAILURE
675
676 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
677 then
678 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'l_oid id false');
679 end if;
680 x_result := l_fnd_user;
681
682 end if; -- l_oid
683
684 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
685 then
686 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
687 end if;
688
689 exception
690 when registration_failure_exception then
691 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
692 x_result := G_FAILURE;
693 when others then
694 fnd_message.set_name ('FND', 'FND_SSO_UNEXP_ERROR');
695 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
696 then
697 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
698 end if;
699 x_result := G_FAILURE;
700
701 end link_user;
702 --
706 x_result out nocopy pls_integer) is
703 -------------------------------------------------------------------------------
704 procedure unlink_user(p_user_guid in fnd_user.user_guid%type,
705 p_user_name in varchar2,
707
708 l_module_source varchar2(256);
709 plsql_block varchar2(500);
710 l_fnd_user pls_integer;
711 l_oid pls_integer;
712 l_attribute varchar2(4000);
713 l_realm varchar2(4000);
714
715 begin
716
717 l_module_source := G_MODULE_SOURCE || 'unlink_user: ';
718
719 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
720 then
721 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
722 end if;
723 l_realm := get_realm_dn(p_user_guid=>p_user_guid,p_user_name=>p_user_name);
724
725 is_operation_allowed(p_realm=>l_realm,p_direction => G_EBIZ_TO_OID,
726 p_entity => G_SUBSCRIPTION,
727 p_operation => G_DELETE,
728 x_attribute => l_attribute,
729 x_fnd_user => l_fnd_user,
730 x_oid => l_oid);
731
732 if (l_oid = G_SUCCESS) then
733
734 plsql_block :=
735 'begin fnd_ldap_user.unlink_user(:1, :2, :3); end;';
736 execute immediate plsql_block using p_user_guid, p_user_name,
737 out x_result;
738
739 else -- l_oid is G_FAILURE
740
741 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
742 then
746
743 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'l_oid is false');
744 end if;
745 x_result := l_fnd_user;
747 end if; -- l_oid
748
749 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
750 then
751 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
752 end if;
753
754 exception
755 when registration_failure_exception then
756 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
757 x_result := G_FAILURE;
758 when others then
759 fnd_message.set_name ('FND', 'FND_SSO_UNEXP_ERROR');
760 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
761 then
762 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
763 end if;
764 x_result := G_FAILURE;
765
766 end unlink_user;
767 --
768 -------------------------------------------------------------------------------
769 function user_exists(p_user_name in varchar2) return pls_integer is
770
771 l_module_source varchar2(256);
772 l_apps_sso varchar2(50);
773 l_profile_defined boolean;
774 l_orclappname varchar2(256);
775 l_obj_name varchar2(256);
776 plsql_block varchar2(500);
777 retval pls_integer;
778 sso_registration_failure exception;
779 l_sso_version varchar2(10);
780 l_allow_sync varchar2(1);
781
782 begin
783 l_module_source := G_MODULE_SOURCE || 'user_exists: ';
784
785 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
786 then
787 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
788 end if;
789
790 fnd_profile.get_specific(name_z => 'APPS_SSO_LDAP_SYNC',
791 USER_ID_Z => -1,
792 RESPONSIBILITY_ID_Z => -1,
793 APPLICATION_ID_Z => -1,
794 ORG_ID_Z => -1,
795 val_z => l_allow_sync,
796 defined_z => l_profile_defined);
797
798 if (l_profile_defined and l_allow_sync = 'Y') then
799
800 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
801 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LDAP_SYNC enabled.');
802 end if;
803
804 fnd_profile.get_specific(
805 name_z => 'APPS_SSO',
806 val_z => l_apps_sso,
810 ssoenabled := false;
807 defined_z => l_profile_defined);
808
809 if (l_apps_sso = 'PORTAL') OR (l_apps_sso = 'SSWA') then
811 else
812 ssoenabled := true;
813 end if;
814
815 if (ssoenabled) then
816 if (not init) then
817 init := true;
818 select object_name into l_obj_name from all_objects
819 where object_name = 'DBMS_LDAP' and object_type = 'PACKAGE BODY'
820 and status = 'VALID' and owner = 'SYS';
821 l_orclappname := get_orclappname;
822 -- no exception => everything is ok
823 registered := true;
824 end if;
825
826 if (registered) then
827 plsql_block :=
828 'begin :result := fnd_ldap_user.user_exists(:1); end;';
829 execute immediate plsql_block using out retval, p_user_name;
830 else
831 raise sso_registration_failure;
832 end if;
833 else -- if (!ssoenabled), simply return failure
834 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
835 then
836 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'SSO not enabled, returning false w/o querying OID user');
837 end if;
838 retval := G_FAILURE;
839 fnd_message.set_name ('FND', 'FND_SSO_NOT_ENABLED');
840 end if;
841
842 else -- APPS_SSO_LDAP_SYNC not enabled.
843
844 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
845 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LDAP_SYNC not enabled.');
846 end if;
847
848 retval := G_FAILURE;
849 fnd_message.set_name ('FND', 'FND_SSO_NOT_ENABLED');
850
851 end if;
852
853 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
854 then
855 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
856 end if;
857
858 return retval;
859
860 exception
861 when sso_registration_failure then
862 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
863 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
864 then
865 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
866 end if;
867 raise;
868 when no_data_found then
869 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
870 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
871 then
872 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
873 end if;
874 raise;
875 when others then
876 fnd_message.set_name ('FND', 'FND_SSO_UNEXP_ERROR');
877 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
878 then
879 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
880 end if;
881 raise;
882
883 end user_exists;
884 --
885 -------------------------------------------------------------------------------
886 procedure update_user(p_user_guid in raw,
887 p_user_name in varchar2,
888 p_password in varchar2 default null,
889 p_start_date in date default null,
890 p_end_date in date default null,
891 p_description in varchar2 default null,
892 p_email_address in varchar2 default null,
893 p_fax in varchar2 default null,
894 p_expire_password in pls_integer,
895 x_password out nocopy varchar2,
896 x_result out nocopy pls_integer) is
897
898 l_module_source varchar2(256);
899 plsql_block varchar2(500);
900 l_fnd_user pls_integer;
901 l_oid pls_integer;
902 l_attribute varchar2(4000);
903 l_allowed boolean;
904 l_password varchar2(400);
905 l_start_date date;
906 l_end_date date;
907 l_description varchar2(400);
908 l_email_address varchar2(256);
909 l_fax varchar2(50);
910 --l_realm varchar2(4000);
911 l_err_code varchar2(200);
912 l_tmp_str varchar2(4000);
913
914 begin
915 l_module_source := G_MODULE_SOURCE || 'update_user: ';
916
917 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
918 then
919 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
920 end if;
921
922 l_attribute := 'userpassword,orclactivestartdate,orclactiveenddate,description,mail,facsimiletelephonenumber';
923 --l_realm := get_realm_dn(p_user_guid=>p_user_guid,p_user_name=>p_user_name);
924
928 if (l_oid = G_SUCCESS) then
925 -- Bug 8926610
926 l_oid := CanSync(null,p_user_name);
927
929
930 l_allowed := is_present(p_attribute => 'userpassword', p_template_attr_list => l_attribute);
931 if (l_allowed and p_password<>FND_WEB_SEC.EXTERNAL_PWD and p_password<>'EXTERNAL' ) then
932 l_password := p_password;
933 else
934 l_password := null;
935 end if;
936
937 l_allowed := is_present(p_attribute => 'orclactivestartdate', p_template_attr_list => l_attribute);
938 if (l_allowed) then
939 l_start_date := p_start_date;
940 else
941 l_start_date := null;
942 end if;
943
944 l_allowed := is_present(p_attribute => 'orclactiveenddate', p_template_attr_list => l_attribute);
945 if (l_allowed) then
946 l_end_date := p_end_date;
947 else
948 l_start_date := null;
949 end if;
950
951 l_allowed := is_present(p_attribute => 'description', p_template_attr_list => l_attribute);
952 if (l_allowed) then
953 l_description := p_description;
954 else
955 l_description := null;
956 end if;
957
958 l_allowed := is_present(p_attribute => 'mail', p_template_attr_list => l_attribute);
959 if (l_allowed) then
960 l_email_address := p_email_address;
961 else
962 l_email_address := null;
963 end if;
964
965 l_allowed := is_present(p_attribute => 'facsimiletelephonenumber', p_template_attr_list => l_attribute);
966 if (l_allowed) then
967 l_fax := p_fax;
968 else
969 l_fax := null;
970 end if;
971
972 plsql_block :=
973 'begin fnd_ldap_user.update_user(:1, :2, :3, :4, :5, :6, :7, :8, :9, :10, :11); end;';
974 execute immediate plsql_block using p_user_guid, p_user_name, l_password, l_start_date, l_end_date, l_description, l_email_address, l_fax, p_expire_password, out x_password, out x_result;
975
976 else -- l_oid is G_FAILURE
977
978 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
979 then
980 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'l_oid is false');
981 end if;
982 x_result := l_fnd_user;
983
984 end if; -- l_oid
985
986 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
987 then
988 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
989 end if;
990
991 exception
992 when registration_failure_exception then
993 fnd_message.set_name ('FND', fnd_ldap_errm.FND_SSO_OID_REG_ERROR);
994 x_result := G_FAILURE;
995 when others then
996
997 l_tmp_str := sqlerrm;
998 l_err_code := fnd_ldap_errm.translate_ldap_errors(l_tmp_str);
999 fnd_message.set_name ('FND', l_err_code);
1000
1001 if l_err_code = fnd_ldap_errm.FND_SSO_LDAP_APPSDN_PWD_EXPIRD then
1002 fnd_message.set_token('USER', l_tmp_str);
1003 app_exception.raise_exception;
1004 elsif l_err_code = fnd_ldap_errm.FND_SSO_LDAP_PWD_POLICY_ERR then
1005 l_tmp_str := replace(l_tmp_str, 'Your', p_user_name);
1006 fnd_message.set_token('REASON', l_tmp_str);
1007 app_exception.raise_exception;
1008 else
1009 fnd_message.set_name ('FND', fnd_ldap_errm.FND_SSO_UNEXP_ERROR);
1010 x_result := G_FAILURE;
1011 end if;
1012
1013 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1014 then
1015 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
1016 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, 'l_err_code :' || l_err_code ||', l_tmp_str :' || l_tmp_str);
1017 end if;
1018
1019 end update_user;
1020 --
1021 -------------------------------------------------------------------------------
1022 function validate_login(p_user_name in varchar2, p_password in varchar2) return boolean is
1023
1024 l_module_source varchar2(256);
1025 l_apps_sso varchar2(50);
1026 l_profile_defined boolean;
1027 l_orclappname varchar2(256);
1028 l_obj_name varchar2(256);
1029 plsql_block varchar2(500);
1030 retval boolean;
1031 sso_registration_failure exception;
1032 result pls_integer;
1033 l_sso_version varchar2(10);
1034 l_allow_sync varchar2(1);
1035
1036 begin
1037 l_module_source := G_MODULE_SOURCE || 'validate_login: ';
1038
1039 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1040 then
1041 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
1042 end if;
1043
1044 fnd_profile.get_specific(name_z => 'APPS_SSO_LDAP_SYNC',
1045 USER_ID_Z => -1,
1046 RESPONSIBILITY_ID_Z => -1,
1047 APPLICATION_ID_Z => -1,
1048 ORG_ID_Z => -1,
1049 val_z => l_allow_sync,
1050 defined_z => l_profile_defined);
1051
1052 if (l_profile_defined and l_allow_sync = 'Y') then
1053
1054 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1055 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LDAP_SYNC enabled.');
1059 name_z => 'APPS_SSO',
1056 end if;
1057
1058 fnd_profile.get_specific(
1060 val_z => l_apps_sso,
1061 defined_z => l_profile_defined);
1062
1063 if (l_apps_sso = 'PORTAL') OR (l_apps_sso = 'SSWA') then
1064 ssoenabled := false;
1065 else
1066 ssoenabled := true;
1067 end if;
1068
1069 if (ssoenabled) then
1070 if (not init) then
1071 init := true;
1072 select object_name into l_obj_name from all_objects
1073 where object_name = 'DBMS_LDAP' and object_type = 'PACKAGE BODY'
1074 and status = 'VALID' and owner = 'SYS';
1075 l_orclappname := get_orclappname;
1076 -- no exception => everything is ok
1077 registered := true;
1078 end if;
1079
1080 if (registered) then
1081 plsql_block :=
1082 'begin :result := fnd_ldap_user.validate_login(:1, :2); end;';
1083 execute immediate plsql_block using out result, p_user_name, p_password;
1084 if (result = G_SUCCESS) then
1085 retval := true;
1086 else
1087 retval := false;
1088 end if;
1089 else
1090 raise sso_registration_failure;
1091 end if;
1092 else -- if (!ssoenabled), simply return false
1093 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1094 then
1095 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'SSO not enabled, returning false');
1096 end if;
1097 retval := false;
1098 fnd_message.set_name ('FND', 'FND_SSO_NOT_ENABLED');
1099 end if;
1100
1101 else -- APPS_SSO_LDAP_SYNC not enabled.
1102
1103 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1104 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LDAP_SYNC not enabled.');
1105 end if;
1106
1107 retval := false;
1108 fnd_message.set_name ('FND', 'FND_SSO_NOT_ENABLED');
1109
1110 end if;
1111
1112 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1113 then
1114 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
1115 end if;
1116
1117 return retval;
1118
1119 exception
1120 when sso_registration_failure then
1121 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
1122 raise;
1123 when no_data_found then
1124 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
1125 raise;
1126
1127 end validate_login;
1128 --
1129 -------------------------------------------------------------------------------
1130 function get_orclappname return varchar2 is
1131
1132 l_module_source varchar2(256);
1133 orclAppName varchar2(256);
1134 sso_registration_failure exception;
1135
1136 begin
1137 l_module_source := G_MODULE_SOURCE || 'get_orclappname: ';
1138
1139 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1140 then
1141 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
1142 end if;
1143
1144 select fnd_preference.get('#INTERNAL','LDAP_SYNCH', 'USERNAME')
1145 into orclAppName
1146 from dual;
1147
1148 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1149 then
1150 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
1151 end if;
1152
1153 return orclAppName;
1154
1155 exception
1156 when no_data_found then
1157 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1158 then
1159 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
1160 end if;
1161 raise;
1162 end get_orclappname;
1163 --
1164 -------------------------------------------------------------------------------
1165 procedure is_operation_allowed(p_realm in varchar2,p_direction in pls_integer default G_EBIZ_TO_OID,
1166 p_entity in pls_integer,
1167 p_operation in pls_integer,
1168 p_user_name in varchar2,
1169 p_user_id in number,
1170 x_attribute in out nocopy varchar2,
1171 x_fnd_user out nocopy pls_integer,
1172 x_oid out nocopy pls_integer) is
1173
1174 l_module_source varchar2(256);
1175 l_apps_sso varchar2(50);
1176 l_profile_defined boolean;
1177 l_orclappname varchar2(256);
1178 l_obj_name varchar2(256);
1179 plsql_block varchar2(500);
1180 sso_registration_failure exception;
1181 l_registration pls_integer;
1182 l_sso_version varchar2(10);
1183 l_allow_sync varchar2(1);
1184
1185 -- Bug 9405673 - added for user_id and user_name args to get APPS_SSO_LDAP_SYNC
1186 -- at user level. Default to site if both are null
1187 l_user_id FND_USER.user_ID%TYPE := -1;
1188
1189
1190 begin
1191 l_module_source := G_MODULE_SOURCE || 'is_operation_allowed: ';
1192
1193 if (fnd_log.LEVEL_PROCEDURE >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1194 then
1195 fnd_log.string(fnd_log.LEVEL_PROCEDURE, l_module_source, 'Begin');
1196 end if;
1197
1198 x_fnd_user := G_SUCCESS;
1199 x_oid := G_FAILURE;
1200
1201 if (p_user_id is not null) then
1202
1203 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1204 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source,'user_id: '||to_char(p_user_id));
1205 end if;
1206
1207 l_user_id := p_user_id;
1208 elsif (p_user_id is null and p_user_name is not null) then
1209
1210 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1211 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source,'user_name: '||p_user_name||' now get userid');
1212 end if;
1213
1214 begin
1215 select user_id into l_user_id
1216 from fnd_user
1217 where user_name = p_user_name;
1218 exception when others then
1219 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1220 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source,'User not found..use site');
1221 end if;
1222 null;
1223 end;
1224 end if;
1225
1226 fnd_profile.get_specific(name_z => 'APPS_SSO_LDAP_SYNC',
1227 USER_ID_Z => l_user_id,
1228 RESPONSIBILITY_ID_Z => -1,
1229 APPLICATION_ID_Z => -1,
1230 ORG_ID_Z => -1,
1231 val_z => l_allow_sync,
1232 defined_z => l_profile_defined);
1233
1234 if (l_profile_defined and l_allow_sync = 'Y') then
1235
1236 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1237 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LDAP_SYNC enabled.');
1238 end if;
1239
1240 get_registration(x_registration => l_registration);
1241 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1242 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source
1243 , 'Registration :: '||l_registration);
1244 end if;
1245
1246 if (l_registration = FND_LDAP_WRAPPER.G_VALID_REGISTRATION) then
1247 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1248 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source
1249 ,'Valid registration');
1250 end if;
1251 plsql_block :=
1252 'begin fnd_sso_registration.is_operation_allowed(:1, :2, :3, :4, :5, :6,null,:7); end;';
1253 execute immediate plsql_block using p_direction, p_entity, p_operation, in out x_attribute, out x_fnd_user, out x_oid,in p_realm;
1254
1255 elsif(l_registration = FND_LDAP_WRAPPER.G_INVALID_REGISTRATION) then
1256 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1257 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source
1258 ,'Invalid registration');
1259 end if;
1260 raise registration_failure_exception;
1261 elsif(l_registration = FND_LDAP_WRAPPER.G_NO_REGISTRATION) then
1262 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1263 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source
1264 ,'No registration');
1265 end if;
1266 x_fnd_user := G_SUCCESS;
1267 x_oid := G_FAILURE;
1268 end if;
1269
1270 else -- APPS_SSO_LDAP_SYNC not enabled.
1271
1272 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1273 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'APPS_SSO_LDAP_SYNC not enabled.');
1274 end if;
1275
1276 end if;
1277
1278 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1279 then
1283
1280 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source,
1281 'out values x_fnd_user: '||x_fnd_user||' x_oid: '||x_oid);
1282 end if;
1284
1285 if (fnd_log.LEVEL_PROCEDURE >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1286 then
1287 fnd_log.string(fnd_log.LEVEL_PROCEDURE, l_module_source, 'End');
1288 end if;
1289
1290 exception
1291 when registration_failure_exception then
1292 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
1293 x_fnd_user := G_FAILURE;
1294 x_oid := G_FAILURE;
1295 raise registration_failure_exception;
1296 when no_data_found then
1297 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
1298 x_fnd_user := G_FAILURE;
1299 x_oid := G_FAILURE;
1300 raise registration_failure_exception;
1301 when others then
1302 fnd_message.set_name ('FND', 'FND_SSO_UNEXP_ERROR');
1303 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1304 then
1305 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
1306 end if;
1307 raise;
1308 end is_operation_allowed;
1309 --
1310 -------------------------------------------------------------------------------
1311 procedure is_operation_allowed(p_realm in varchar2,p_operation in pls_integer,
1312 x_fnd_user out nocopy pls_integer,
1313 x_oid out nocopy pls_integer) is
1314
1315 l_module_source varchar2(256);
1316 l_apps_sso varchar2(50);
1317 l_profile_defined boolean;
1318 l_orclappname varchar2(256);
1319 l_obj_name varchar2(256);
1320 plsql_block varchar2(500);
1321 sso_registration_failure exception;
1322
1323 begin
1324 l_module_source := G_MODULE_SOURCE || 'is_operation_allowed: ';
1325
1326 if (fnd_log.LEVEL_PROCEDURE >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1327 then
1328 fnd_log.string(fnd_log.LEVEL_PROCEDURE, l_module_source, 'Begin');
1329 end if;
1330
1331 x_fnd_user := G_SUCCESS;
1332 x_oid := G_FAILURE;
1333
1334 fnd_profile.get_specific(
1335 name_z => 'APPS_SSO',
1336 val_z => l_apps_sso,
1337 defined_z => l_profile_defined);
1338
1339 if (l_apps_sso = 'PORTAL') OR (l_apps_sso = 'SSWA') then
1340 ssoenabled := false;
1341 else
1342 ssoenabled := true;
1343 end if;
1344
1345 if (ssoenabled) then
1346
1347 if (not init) then
1348 init := true;
1349 select object_name into l_obj_name from all_objects
1350 where object_name = 'DBMS_LDAP' and object_type = 'PACKAGE BODY'
1351 and status = 'VALID' and owner = 'SYS';
1352 l_orclappname := get_orclappname;
1353 -- no exception => everything is ok
1354 registered := true;
1355 end if;
1356
1357 if (registered) then
1358 plsql_block :=
1359 'begin fnd_sso_registration.is_operation_allowed(:1, :2, :3,null,:4); end;';
1360 execute immediate plsql_block using p_operation, out x_fnd_user, out x_oid,in p_realm;
1361 else
1362 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1363 then
1364 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'SSO profile enabled but improper regitration');
1365 end if;
1366 -- In this case the OID operation should be allowed so that it fail
1367 -- subsequently causing the FND operation also fail
1368 raise sso_registration_failure;
1369 end if;
1370
1371 else -- if (!ssoenabled), simply return false
1372 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1373 then
1374 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'SSO not enabled, returning false');
1375 end if;
1376 x_fnd_user := G_SUCCESS;
1377 x_oid := G_FAILURE;
1378 fnd_message.set_name ('FND', 'FND_SSO_NOT_ENABLED');
1379 end if;
1380
1381 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1382 then
1383 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source,
1384 'out values x_fnd_user: '||x_fnd_user||' x_oid: '||x_oid);
1385 end if;
1386
1387 if (fnd_log.LEVEL_PROCEDURE >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1388 then
1389 fnd_log.string(fnd_log.LEVEL_PROCEDURE, l_module_source, 'End');
1390 end if;
1391
1392 exception
1393 when sso_registration_failure then
1394 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
1395 x_fnd_user := G_SUCCESS;
1396 x_oid := G_SUCCESS;
1397 when no_data_found then
1398 fnd_message.set_name ('FND', 'FND_SSO_OID_REG_ERROR');
1399 x_fnd_user := G_SUCCESS;
1400 x_oid := G_SUCCESS;
1401 when others then
1402 fnd_message.set_name ('FND', 'FND_SSO_UNEXP_ERROR');
1403 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1404 then
1405 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
1406 end if;
1407 raise;
1408 end is_operation_allowed;
1409 --
1410 -------------------------------------------------------------------------------
1411 procedure get_registration(x_registration out nocopy pls_integer) is
1412
1413 l_module_source varchar2(256);
1414 l_apps_sso varchar2(50);
1415 l_profile_defined boolean;
1416 l_return_value pls_integer;
1417 l_sso_enabled boolean;
1418
1419 l_orclappname varchar2(256);
1420 l_obj_name varchar2(256);
1421 plsql_block varchar2(500);
1422
1423 begin
1424 l_module_source := G_MODULE_SOURCE || 'get_registration ';
1425
1426 if (fnd_log.LEVEL_PROCEDURE >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1427 then
1428 fnd_log.string(fnd_log.LEVEL_PROCEDURE, l_module_source, 'Begin');
1429 end if;
1430
1431 fnd_profile.get_specific(
1432 name_z => 'APPS_SSO',
1433 val_z => l_apps_sso,
1434 defined_z => l_profile_defined);
1435
1436 if (l_apps_sso = 'PORTAL') OR (l_apps_sso = 'SSWA')
1437 then
1438 l_sso_enabled := false;
1439 else
1440 l_sso_enabled := true;
1441 end if;
1442
1443 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1444 then
1445 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'SSO enabled ::');
1446 end if;
1447
1448
1449 if (l_sso_enabled) then
1450 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1451 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'SSO profile is enabled');
1452 end if;
1453
1454 if (not initreg) then
1455 initreg := true;
1456 select object_name into l_obj_name from all_objects
1457 where object_name = 'DBMS_LDAP' and object_type = 'PACKAGE BODY'
1458 and status = 'VALID' and owner = 'SYS';
1459
1460 l_orclappname := get_orclappname;
1461 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1462 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'l_orclappname :: '||l_orclappname);
1463 end if;
1464
1465 if(l_orclappname IS NULL) then
1466 registration := G_INVALID_REGISTRATION;
1467 else
1468 registration := G_VALID_REGISTRATION;
1469 end if;
1470
1471 -- no exception => everything is ok
1472 x_registration := registration;
1473 else
1474 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1475 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Already initialized');
1476 end if;
1477
1478 x_registration := registration;
1479 end if;
1480 else
1481 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1482 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'SSO profile not set');
1483 end if;
1484
1485 x_registration := G_NO_REGISTRATION;
1486 end if;
1487
1488 if (fnd_log.LEVEL_PROCEDURE >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1489 fnd_log.string(fnd_log.LEVEL_PROCEDURE, l_module_source, 'End');
1490 end if;
1491
1492 exception
1493 when no_data_found then
1494 registration := G_INVALID_REGISTRATION;
1495 x_registration := registration;
1496
1497 when others then
1498 fnd_message.set_name ('FND', 'FND_SSO_UNEXP_ERROR');
1499 if (fnd_log.LEVEL_ERROR >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1500 fnd_log.string(fnd_log.LEVEL_ERROR, l_module_source, sqlerrm);
1501 end if;
1502 raise;
1503 end get_registration;
1504
1505 function is_present(p_attribute in varchar2, p_template_attr_list in varchar2) return boolean is
1506
1507 is_present boolean := false;
1508 l_module_source varchar2(256);
1509 num pls_integer := 0;
1510 st pls_integer := 0;
1511 en pls_integer := 0;
1512 l_str varchar2(4000) := '';
1513 l_tmp varchar2(4000);
1514 l_tmp2 varchar2(4000);
1515 l_template_attr_list varchar2(4000);
1516
1517 begin
1518 l_module_source := G_MODULE_SOURCE || 'is_present: ';
1519 if (fnd_log.LEVEL_PROCEDURE >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1520 then
1521 fnd_log.string(fnd_log.LEVEL_PROCEDURE, l_module_source, 'Begin');
1522 end if;
1523 l_template_attr_list :=trim_attribute(p_template_attr_list);
1524 st := 1;
1525 en := INSTR(l_template_attr_list,',', st, 1);
1526
1527
1528 if(en <= 0)
1529 then
1530 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1531 then
1532 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Only one attribute en = '||en);
1533 end if;
1534 l_tmp := l_template_attr_list;
1535 if(upper(p_attribute) = upper(l_tmp) ) then
1536 is_present := true;
1537 end if;
1538 else
1539
1540 WHILE (en > 0)
1541 LOOP
1542 l_tmp := SUBSTR(l_template_attr_list, st, en-st);
1543 l_tmp := trim(l_tmp);
1544 if(upper(p_attribute) = upper(l_tmp) ) then
1545 is_present := true;
1546 end if;
1547 st := en+1;
1548 en := INSTR(l_template_attr_list,',', st, 1);
1549 num := num+1;
1550 if(en = 0) then
1551 l_tmp := SUBSTR(l_template_attr_list, st, length(l_template_attr_list)-st+1);
1552 l_tmp := trim(l_tmp);
1553 if(upper(p_attribute) = upper(l_tmp) ) then
1554 is_present := true;
1555 end if;
1556 end if;
1557
1558 END LOOP;
1559 end if;
1560
1561 return is_present;
1562
1563 end is_present;
1564
1565 function trim_attribute(p_attr in varchar2) return varchar2 is
1566
1567 l_tmp varchar2(4000);
1568 begin
1569
1570 l_tmp := trim(p_attr);
1571 l_tmp := ltrim(l_tmp, '(');
1572 l_tmp := rtrim(l_tmp, ')');
1573 l_tmp := trim(l_tmp);
1574
1575 return l_tmp;
1576
1577 end trim_attribute;
1578
1579 /*
1580 * Bug 6249845
1581 * Wrapper for FND_OID_PLUG.get_realm_dn
1582 */
1583 function get_realm_dn( p_user_guid in raw default null, p_user_name in varchar2 default null)
1584 return varchar2
1585 is
1586 l_module_source varchar2(4000);
1587 l_result varchar2(4000);
1588 plsql_block varchar2(100);
1589 BEGIN
1590 l_module_source := G_MODULE_SOURCE || 'get_realm_dn';
1591 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1592 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
1593 end if;
1594 if (oid_synchronization_enabled) then
1595 plsql_block := 'begin :1 := fnd_oid_plug.get_realm_dn(:2, :3); end;';
1596 execute immediate plsql_block using out l_result, p_user_guid,p_user_name;
1597 else
1598 l_result := null;
1599 end if;
1600 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1601 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'END->'||l_result);
1602 end if;
1603 return l_result;
1604
1605
1606
1607 END get_realm_dn;
1608
1609 function oid_synchronization_enabled return boolean
1610 is
1611 l_module_source varchar2(4000);
1612 l_result boolean;
1613 l_profile_defined boolean;
1614 l_allow_sync varchar2(1);
1615 registration pls_integer;
1616
1617 begin
1618 l_module_source := G_MODULE_SOURCE || 'oid_synchronization_enabled ';
1619 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1620 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
1621 end if;
1622 get_registration(registration);
1623
1624 if ( registration=G_VALID_REGISTRATION) then
1625
1626 fnd_profile.get_specific(name_z => 'APPS_SSO_LDAP_SYNC',
1627 USER_ID_Z => -1,
1628 RESPONSIBILITY_ID_Z => -1,
1629 APPLICATION_ID_Z => -1,
1630 ORG_ID_Z => -1,
1631 val_z => l_allow_sync,
1632 defined_z => l_profile_defined);
1633
1634 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1635 if (l_profile_defined) then
1636 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source ,'SITE APPS_SSO_LDAP_SYNC='||l_allow_sync );
1637 else
1638 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source ,'APPS_SSO_LDAP_SYNC not defined' );
1639 end if;
1640 end if;
1641 l_result := l_profile_defined and l_allow_sync = 'Y';
1642 else
1643 l_result := false;
1644 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1645 if(registration = FND_LDAP_WRAPPER.G_INVALID_REGISTRATION) then
1646 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source ,'Invalid registration');
1647 elsif(registration = FND_LDAP_WRAPPER.G_NO_REGISTRATION) then
1648 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source ,'No registration');
1649 else
1650 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source ,'Unknown returning status:'||registration);
1651 end if;
1652 end if;
1653 end if;
1654
1655
1656 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1657 if (l_result) then
1658 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'END-> TRUE');
1659 else
1660 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'END-> FALSE');
1661 end if;
1662 end if;
1663 return l_result;
1664 exception when others then
1665 if (fnd_log.LEVEL_UNEXPECTED >= fnd_log.G_CURRENT_RUNTIME_LEVEL) then
1666 fnd_log.string(fnd_log.LEVEL_UNEXPECTED, l_module_source ,'Unexpected exception '||sqlerrm);
1667 raise;
1668 end if;
1669
1670 end oid_synchronization_enabled;
1671
1672 procedure unlink_ebiz_user(p_user_name in varchar2) is
1673
1674 l_module_source varchar2(256);
1675 l_user_id fnd_user.user_id%type;
1676 l_user_name fnd_user.user_name%type;
1677 l_user_guid fnd_user.user_guid%type;
1678 l_local_login varchar2(10);
1679 l_profile_defined boolean;
1680 l_result pls_integer;
1681
1682 l_del_prof boolean;
1683
1684 cursor ebiz_users is
1685 select user_name, user_id, user_guid
1686 from fnd_user
1687 where user_name like upper(p_user_name)
1688 and user_guid is not null;
1689
1690 begin
1691
1692 l_module_source := G_MODULE_SOURCE||'unlink_ebiz_user';
1693
1694 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1695 then
1696 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Begin');
1697 end if;
1698
1699 if (p_user_name is not null) then
1700
1701 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1702 then
1703 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'User name was passed - get linked users');
1704 end if;
1705
1706 open ebiz_users;
1707
1708 LOOP
1709 fetch ebiz_users into l_user_name, l_user_id, l_user_guid;
1710 exit when ebiz_users%NOTFOUND;
1711
1712 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1713 then
1714 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Unlink user '||l_user_name);
1715 end if;
1716
1717 update fnd_user
1718 set user_guid = null
1719 where user_name = l_user_name and user_guid is not null;
1720
1721 fnd_profile.get_specific(
1722 name_z => 'APPS_SSO_LOCAL_LOGIN',
1723 user_id_z => l_user_id,
1724 val_z => l_local_login,
1725 defined_z => l_profile_defined);
1726
1727 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1728 then
1729 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Got local login profile '||l_local_login);
1730 end if;
1731
1732 if (l_local_login = 'SSO' or l_local_login = 'BOTH') then
1733 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1734 then
1735 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Local login is SSO - delete user level profile');
1736 end if;
1737
1738 l_del_prof := fnd_profile.delete(
1739 x_name => 'APPS_SSO_LOCAL_LOGIN',
1740 x_level_name => 'USER',
1741 x_level_value => l_user_id);
1742 end if;
1743
1744 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1745 then
1746 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Delete APPS_SSO_LDAP_SYNC user level profile');
1747 end if;
1748
1749 l_del_prof := fnd_profile.delete(
1750 x_name => 'APPS_SSO_LDAP_SYNC',
1751 x_level_name => 'USER',
1752 x_level_value => l_user_id);
1753
1754 -- Attempt to unlink the user in OID
1755 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1756 then
1757 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Attempt to unlink user in OID');
1758 end if;
1759
1760 begin
1761 unlink_user(l_user_guid,l_user_name,l_result);
1762 exception when others then
1763 null;
1764 end;
1765
1766 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1767 then
1768 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'User has been unlinked - flush the wf_attribute_cache for user_name: '||l_user_name);
1769 end if;
1770
1771 wf_entity_mgr.flush_cache('USER', l_user_name);
1772
1773 END LOOP;
1774 close ebiz_users;
1775
1776 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1777 then
1778 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'Done unlinking FND users');
1779 end if;
1780
1781 END IF;
1782
1783 if (fnd_log.LEVEL_STATEMENT >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1784 then
1785 fnd_log.string(fnd_log.LEVEL_STATEMENT, l_module_source, 'End');
1786 end if;
1787
1788 exception when others then
1789 if (fnd_log.LEVEL_EXCEPTION >= fnd_log.G_CURRENT_RUNTIME_LEVEL)
1790 then
1791 fnd_log.string(fnd_log.LEVEL_EXCEPTION, l_module_source, 'Failed to unlink user');
1792 end if;
1793 end unlink_ebiz_user;
1794
1795 end fnd_ldap_wrapper;
1796