Wordcamp Wilmington Wordpress 101
Your SlideShare is downloading.
×
Check these out next
Recommended
More Related Content
Slideshows for you (20)
Similar to APEX & Cookie Monster (20)
More from Christian Rokitta (16)
Recently uploaded (20)
APEX & Cookie Monster
- 1. Apex & Cookie Monster Christian Rokitta
- 2. Apex & Cookie Monster Christian Rokitta This presentation uses cookies. EU regulations require us to gain your consent before continuing. No, thanks Accept
- 3. Agenda • Cookie Basics • Anatomy of a Cookie • Cookies in APEX • Use Case: Another Approach to Authentication
- 4. Cookie Basics - HTTP
- 5. What are Cookies…. Really? • Small bits of text data that are stored in and shared by the browser. • Can be for any purpose:
- 6. Are Cookies Bad For You? • Cookies have been given a bad reputation o Developer Designs o Hackers o Advertisers • Cookies can be useful • As with real cookies … Too many is probably not good for you
- 7. Anatomy of a Cookie
- 8. Domain • Cookies from different sites are separated by Domain • Browsers only send cookies for the current domain • Super Cookies (*.com, *.org) are (and should be) blocked by most browsers
- 9. Path • Setting a Path dictates when a cookie is sent by the browser. • Path cookies are hierarchical, meaning that cookies at higher path value will be sent when lower paths are requested Example: hbp://domain/applica6on/area/sub_area Cookie for: /applica6on/area/sub_area Cookie for: /applica6on/area Cookie for: /applica6on Cookie for: /
- 10. Expires • Session: When the browser is closed, the cookie value will be lost • Date: Configurable date to allow persistence of a cookie after the browser has been closed
- 11. HTTP_ONLY • Modern browsers respect the separation of cookies that should not be available to JavaScript • Reduces the risk of malicious JavaScript from reading or adjus6ng the cookie values
- 12. Secure • Only sent (by browser) when using HTTPS • Secure cookies can be received via HTTP
- 13. Tools • Different browsers provide different tools • Cookies can be added, removed, and edited • Most modern browsers will include easy visibility into the cookies being used
- 14. APEX & Cookies
- 15. Page Render • “I just did set it! Where did it go …?” • You cannot read a cookie that you just did set to use in your current page rendering
- 16. Why use? The reason cookies are not seen as valuable to APEX users is because of easy DB access and session framework. How can cookies provide value to an APEX application?
- 17. Demo – Cookie Authentication
- 18. PL/SQL Packages • SYS.UTL_HTTP is not available (by default grants) • OWA_COOKIE • OWA_UTIL
- 19. OWA Cookie Record TYPE vc_arr IS TABLE OF VARCHAR2(4000) INDEX BY BINARY_INTEGER; TYPE COOKIE IS RECORD ( name VARCHAR2(4000), vals vc_arr, num_vals INTEGER);
- 20. APEX JavaScript API • apex.storage.getCookie(pName) • apex.storage.setCookie(pName,pValue)
- 21. Resources & Kudos • Demo Application https://apex.oracle.com/pls/apex/f?p=63242:1:::::: • Blog Post (explaining the demo application) http://rokitta.blogspot.nl/2012/10/remember-me-apex-autologin.html • Many thanks to: Tim St. Hilaire, the original Cookie Monster http://wphilltech.com/apex-authentication-with-cookie/
- 22. Fragen & Antworten http://rokitta.blogspot.com @crokitta christian@rokitta.nl http://www.themes4apex.com http://plus.google.com/+ChristianRokitta http://nl.linkedin.com/in/rokit/
