SlideShare a Scribd company logo
1 of 22
Apex &
Cookie
Monster
Christian Rokitta
Apex &
Cookie
Monster
Christian Rokitta
This presentation uses cookies.
EU regulations require us to gain your
consent before continuing.
No, thanks Accept
Agenda
• Cookie Basics
• Anatomy of a Cookie
• Cookies in APEX
• Use Case:
Another Approach to Authentication
Cookie Basics - HTTP
What are Cookies…. Really?
• Small bits of text data that are stored in and
shared by the browser.
• Can be for any purpose:
Are Cookies Bad For You?
• Cookies have been given a bad reputation
o Developer Designs
o Hackers
o Advertisers
• Cookies can be useful
• As with real cookies …
Too many is probably not good for you
Anatomy of a Cookie
Domain
• Cookies from different sites are separated by
Domain
• Browsers only send cookies for the current
domain
• Super Cookies (*.com, *.org) are (and should
be) blocked by most browsers
Path
• Setting a Path dictates when a cookie is sent by the
browser.
• Path cookies are hierarchical, meaning that cookies at
higher path value will be sent when lower paths are
requested
Example: hbp://domain/applica6on/area/sub_area
Cookie for: /applica6on/area/sub_area
Cookie for: /applica6on/area
Cookie for: /applica6on
Cookie for: /
Expires
• Session: When the browser is closed, the
cookie value will be lost
• Date: Configurable date to allow persistence
of a cookie after the browser has been closed
HTTP_ONLY
• Modern browsers respect the separation of
cookies that should not be available to
JavaScript
• Reduces the risk of malicious JavaScript from
reading or adjus6ng the cookie values
Secure
• Only sent (by browser) when using HTTPS
• Secure cookies can be received via HTTP
Tools
• Different browsers provide different tools
• Cookies can be added, removed, and edited
• Most modern browsers will include easy
visibility into the cookies being used
APEX & Cookies
Page Render
• “I just did set it! Where did it go …?”
• You cannot read a cookie that you just did set
to use in your current page rendering
Why use?
The reason cookies are not seen as valuable to
APEX users is because of easy DB access and
session framework.
How can cookies provide value to an APEX
application?
Demo – Cookie Authentication
PL/SQL Packages
• SYS.UTL_HTTP is not available
(by default grants)
• OWA_COOKIE
• OWA_UTIL
OWA Cookie Record
TYPE vc_arr IS TABLE OF VARCHAR2(4000)
INDEX BY BINARY_INTEGER;
TYPE COOKIE IS RECORD (
name VARCHAR2(4000),
vals vc_arr,
num_vals INTEGER);
APEX JavaScript API
• apex.storage.getCookie(pName)
• apex.storage.setCookie(pName,pValue)
Resources & Kudos
• Demo Application
https://apex.oracle.com/pls/apex/f?p=63242:1::::::
• Blog Post (explaining the demo application)
http://rokitta.blogspot.nl/2012/10/remember-me-apex-autologin.html
• Many thanks to: Tim St. Hilaire, the original
Cookie Monster
http://wphilltech.com/apex-authentication-with-cookie/
Fragen & Antworten
http://rokitta.blogspot.com
@crokitta
christian@rokitta.nl
http://www.themes4apex.com
http://plus.google.com/+ChristianRokitta
http://nl.linkedin.com/in/rokit/

More Related Content

What's hot

Develop and Scale with PHP
Develop and Scale with PHPDevelop and Scale with PHP
Develop and Scale with PHP
Bo Wang
 

What's hot (20)

Wordcamp Wilmington Wordpress 101
Wordcamp Wilmington Wordpress 101Wordcamp Wilmington Wordpress 101
Wordcamp Wilmington Wordpress 101
 
Word press 2017 hosting
Word press 2017   hostingWord press 2017   hosting
Word press 2017 hosting
 
SSL and Wordpress
SSL and WordpressSSL and Wordpress
SSL and Wordpress
 
Develop and Scale with PHP
Develop and Scale with PHPDevelop and Scale with PHP
Develop and Scale with PHP
 
The Accessible Web
The Accessible WebThe Accessible Web
The Accessible Web
 
Should you be using WordPress as your web platform?
Should you be using WordPress as your web platform?Should you be using WordPress as your web platform?
Should you be using WordPress as your web platform?
 
WordPress optimization
WordPress optimizationWordPress optimization
WordPress optimization
 
How to encrypt and protect your moodle site for free with let's encrypt
How to encrypt and protect your moodle site for free with let's encryptHow to encrypt and protect your moodle site for free with let's encrypt
How to encrypt and protect your moodle site for free with let's encrypt
 
Building WordPress sites with AngularJS and the RESTful plugin JSON API @ Dev...
Building WordPress sites with AngularJS and the RESTful plugin JSON API @ Dev...Building WordPress sites with AngularJS and the RESTful plugin JSON API @ Dev...
Building WordPress sites with AngularJS and the RESTful plugin JSON API @ Dev...
 
Multisite core concepts final
Multisite core concepts finalMultisite core concepts final
Multisite core concepts final
 
Best Practices for Building Sites in dotCMS
Best Practices for Building Sites in dotCMSBest Practices for Building Sites in dotCMS
Best Practices for Building Sites in dotCMS
 
Web development using ASP.NET MVC
Web development using ASP.NET MVC Web development using ASP.NET MVC
Web development using ASP.NET MVC
 
Going Multi-Tenant with dotCMS
Going Multi-Tenant with dotCMSGoing Multi-Tenant with dotCMS
Going Multi-Tenant with dotCMS
 
Unobtrusive javascript
Unobtrusive javascriptUnobtrusive javascript
Unobtrusive javascript
 
Cookies in servlets.ppt
Cookies in servlets.pptCookies in servlets.ppt
Cookies in servlets.ppt
 
Building WordPress sites with AngularJS and the RESTful plugin JSON API
Building WordPress sites with AngularJS and the RESTful plugin JSON APIBuilding WordPress sites with AngularJS and the RESTful plugin JSON API
Building WordPress sites with AngularJS and the RESTful plugin JSON API
 
Getting SEO performance in Angular Meteor with ngmeta
Getting SEO performance in Angular Meteor with ngmetaGetting SEO performance in Angular Meteor with ngmeta
Getting SEO performance in Angular Meteor with ngmeta
 
Cache
CacheCache
Cache
 
WordPress Optimization Tips for Performance & Speed
WordPress Optimization Tips for Performance & SpeedWordPress Optimization Tips for Performance & Speed
WordPress Optimization Tips for Performance & Speed
 
Using MAMP for Web Development
Using MAMP for Web DevelopmentUsing MAMP for Web Development
Using MAMP for Web Development
 

Similar to APEX & Cookie Monster

5 Common Mistakes You are Making on your Website
 5 Common Mistakes You are Making on your Website 5 Common Mistakes You are Making on your Website
5 Common Mistakes You are Making on your Website
Acquia
 
Ch4(saving state with cookies and query strings)
Ch4(saving state with cookies and query strings)Ch4(saving state with cookies and query strings)
Ch4(saving state with cookies and query strings)
Chhom Karath
 

Similar to APEX & Cookie Monster (20)

Cookie testing
Cookie testingCookie testing
Cookie testing
 
Token Handler Pattern
Token Handler PatternToken Handler Pattern
Token Handler Pattern
 
PHP COOKIES AND SESSIONS
PHP COOKIES AND SESSIONSPHP COOKIES AND SESSIONS
PHP COOKIES AND SESSIONS
 
OWASP AppSec USA 2017: Cookie Security – Myths and Misconceptions by David Jo...
OWASP AppSec USA 2017: Cookie Security – Myths and Misconceptions by David Jo...OWASP AppSec USA 2017: Cookie Security – Myths and Misconceptions by David Jo...
OWASP AppSec USA 2017: Cookie Security – Myths and Misconceptions by David Jo...
 
Http only cookie
Http only cookieHttp only cookie
Http only cookie
 
USG Rock Eagle 2017 - PWP at 1000 Days
USG Rock Eagle 2017 - PWP at 1000 DaysUSG Rock Eagle 2017 - PWP at 1000 Days
USG Rock Eagle 2017 - PWP at 1000 Days
 
Php 07-cookies-sessions
Php 07-cookies-sessionsPhp 07-cookies-sessions
Php 07-cookies-sessions
 
Advance java session 7
Advance java session 7Advance java session 7
Advance java session 7
 
5 Common Mistakes You are Making on your Website
 5 Common Mistakes You are Making on your Website 5 Common Mistakes You are Making on your Website
5 Common Mistakes You are Making on your Website
 
Mini-Training: To cache or not to cache
Mini-Training: To cache or not to cacheMini-Training: To cache or not to cache
Mini-Training: To cache or not to cache
 
Ch4(saving state with cookies and query strings)
Ch4(saving state with cookies and query strings)Ch4(saving state with cookies and query strings)
Ch4(saving state with cookies and query strings)
 
Website essentials things every library website should have
Website essentials  things every library website should haveWebsite essentials  things every library website should have
Website essentials things every library website should have
 
Session and Cookies
Session and CookiesSession and Cookies
Session and Cookies
 
Session and cookies,get and post
Session and cookies,get and postSession and cookies,get and post
Session and cookies,get and post
 
Web Browser-add ons.pptx
Web Browser-add ons.pptxWeb Browser-add ons.pptx
Web Browser-add ons.pptx
 
SharePoint Development Workshop
SharePoint Development WorkshopSharePoint Development Workshop
SharePoint Development Workshop
 
Enterprise java unit-2_chapter-2
Enterprise  java unit-2_chapter-2Enterprise  java unit-2_chapter-2
Enterprise java unit-2_chapter-2
 
WCBos13 intermediate workshop
WCBos13 intermediate workshopWCBos13 intermediate workshop
WCBos13 intermediate workshop
 
Session and cookies,get and post methods
Session and cookies,get and post methodsSession and cookies,get and post methods
Session and cookies,get and post methods
 
16 cookies
16 cookies16 cookies
16 cookies
 

More from Christian Rokitta

"Native" Apps with APEX and PhoneGap
"Native" Apps with APEX and PhoneGap"Native" Apps with APEX and PhoneGap
"Native" Apps with APEX and PhoneGap
Christian Rokitta
 
Face off apex template and themes - 3.0 - k-scope11
Face off   apex template and themes - 3.0 - k-scope11Face off   apex template and themes - 3.0 - k-scope11
Face off apex template and themes - 3.0 - k-scope11
Christian Rokitta
 

More from Christian Rokitta (16)

Keep me moving goin mobile
Keep me moving   goin mobileKeep me moving   goin mobile
Keep me moving goin mobile
 
Hitchhiker's guide to the Universal Theme
Hitchhiker's guide to the Universal ThemeHitchhiker's guide to the Universal Theme
Hitchhiker's guide to the Universal Theme
 
Browser Developer Tools for APEX Developers
Browser Developer Tools for APEX DevelopersBrowser Developer Tools for APEX Developers
Browser Developer Tools for APEX Developers
 
Bootstrapify Universal Theme
Bootstrapify Universal ThemeBootstrapify Universal Theme
Bootstrapify Universal Theme
 
Plugins unplugged
Plugins unpluggedPlugins unplugged
Plugins unplugged
 
Challenges going mobile
Challenges going mobileChallenges going mobile
Challenges going mobile
 
5 x HTML5 worth using in APEX (5)
5 x HTML5 worth using in APEX (5)5 x HTML5 worth using in APEX (5)
5 x HTML5 worth using in APEX (5)
 
Oracle APEX URLs Untangled & SEOptimized
Oracle APEX URLs Untangled & SEOptimizedOracle APEX URLs Untangled & SEOptimized
Oracle APEX URLs Untangled & SEOptimized
 
Browser Developer Tools
Browser Developer ToolsBrowser Developer Tools
Browser Developer Tools
 
Responsive Web Design & APEX Theme 25 (OGh APEX World 2014)
Responsive Web Design & APEX Theme 25 (OGh APEX World 2014)Responsive Web Design & APEX Theme 25 (OGh APEX World 2014)
Responsive Web Design & APEX Theme 25 (OGh APEX World 2014)
 
"Native" Apps with APEX and PhoneGap
"Native" Apps with APEX and PhoneGap"Native" Apps with APEX and PhoneGap
"Native" Apps with APEX and PhoneGap
 
Apex & jQuery Mobile
Apex & jQuery MobileApex & jQuery Mobile
Apex & jQuery Mobile
 
Face off apex template and themes - 3.0 - k-scope11
Face off   apex template and themes - 3.0 - k-scope11Face off   apex template and themes - 3.0 - k-scope11
Face off apex template and themes - 3.0 - k-scope11
 
Responsive Web Design & APEX Theme 25
Responsive Web Design & APEX Theme 25Responsive Web Design & APEX Theme 25
Responsive Web Design & APEX Theme 25
 
Confessions of an APEX Design Geek
Confessions of an APEX Design GeekConfessions of an APEX Design Geek
Confessions of an APEX Design Geek
 
Oracle APEX & PhoneGap
Oracle APEX & PhoneGapOracle APEX & PhoneGap
Oracle APEX & PhoneGap
 

Recently uploaded

Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdfMastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
mbmh111980
 

Recently uploaded (20)

CompTIA Security+ (Study Notes) for cs.pdf
CompTIA Security+ (Study Notes) for cs.pdfCompTIA Security+ (Study Notes) for cs.pdf
CompTIA Security+ (Study Notes) for cs.pdf
 
Workforce Efficiency with Employee Time Tracking Software.pdf
Workforce Efficiency with Employee Time Tracking Software.pdfWorkforce Efficiency with Employee Time Tracking Software.pdf
Workforce Efficiency with Employee Time Tracking Software.pdf
 
AI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning Framework
 
StrimziCon 2024 - Transition to Apache Kafka on Kubernetes with Strimzi.pdf
StrimziCon 2024 - Transition to Apache Kafka on Kubernetes with Strimzi.pdfStrimziCon 2024 - Transition to Apache Kafka on Kubernetes with Strimzi.pdf
StrimziCon 2024 - Transition to Apache Kafka on Kubernetes with Strimzi.pdf
 
Crafting the Perfect Measurement Sheet with PLM Integration
Crafting the Perfect Measurement Sheet with PLM IntegrationCrafting the Perfect Measurement Sheet with PLM Integration
Crafting the Perfect Measurement Sheet with PLM Integration
 
Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdfMastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
 
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product UpdatesGraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
 
Naer Toolbar Redesign - Usability Research Synthesis
Naer Toolbar Redesign - Usability Research SynthesisNaer Toolbar Redesign - Usability Research Synthesis
Naer Toolbar Redesign - Usability Research Synthesis
 
Lessons Learned from Building a Serverless Notifications System.pdf
Lessons Learned from Building a Serverless Notifications System.pdfLessons Learned from Building a Serverless Notifications System.pdf
Lessons Learned from Building a Serverless Notifications System.pdf
 
AI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in MichelangeloAI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in Michelangelo
 
How to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabberHow to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabber
 
Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024
 
Malaysia E-Invoice digital signature docpptx
Malaysia E-Invoice digital signature docpptxMalaysia E-Invoice digital signature docpptx
Malaysia E-Invoice digital signature docpptx
 
IT Software Development Resume, Vaibhav jha 2024
IT Software Development Resume, Vaibhav jha 2024IT Software Development Resume, Vaibhav jha 2024
IT Software Development Resume, Vaibhav jha 2024
 
5 Reasons Driving Warehouse Management Systems Demand
5 Reasons Driving Warehouse Management Systems Demand5 Reasons Driving Warehouse Management Systems Demand
5 Reasons Driving Warehouse Management Systems Demand
 
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdfMicrosoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
 
COMPUTER AND ITS COMPONENTS PPT.by naitik sharma Class 9th A mittal internati...
COMPUTER AND ITS COMPONENTS PPT.by naitik sharma Class 9th A mittal internati...COMPUTER AND ITS COMPONENTS PPT.by naitik sharma Class 9th A mittal internati...
COMPUTER AND ITS COMPONENTS PPT.by naitik sharma Class 9th A mittal internati...
 
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
 
Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...
Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...
Facemoji Keyboard released its 2023 State of Emoji report, outlining the most...
 
Odoo vs Shopify: Why Odoo is Best for Ecommerce Website Builder in 2024
Odoo vs Shopify: Why Odoo is Best for Ecommerce Website Builder in 2024Odoo vs Shopify: Why Odoo is Best for Ecommerce Website Builder in 2024
Odoo vs Shopify: Why Odoo is Best for Ecommerce Website Builder in 2024
 

APEX & Cookie Monster