Category Archive for "Security"

APEX 5 New Authorization Evaluation Point Features

In APEX 4 you can define Authorization Schemes. This is a very useful feature to prevent code repetition all over the place. For instance and Authorization Scheme “Is Admin” might use a select on one or more tables (or web

Read More
APEX 5 New Substitution Syntax Features

You’ve probably all heard about XSS, a.k.a. Cross Site Scripting. One of the ways you make yourself vulnerable to XSS is by creating JavaScript in your APEX applications that accepts unescaped user input – either direct or data retrieved from

Read More
APEX 5 New Runtime API Lockdown Features

In APEX 4.x the developer could implement a feature that involves a call to the APEX API. E.g. you could create new pages on the fly if you would like to (just examine an export file for the how-to). You

Read More
Automatically Add License Protection and Obfuscation to PL/SQL

Yesterday we released the new version 2.0 of our product PFCLObfuscate. This is a tool that allows you to automatically protect the intellectual property in your PL/SQL code (your design secrets) using obfuscation and now in version 2.0 we have

Read More
Using LDAP for Authentication and Authorization within APEX

One of my current customers would like to use their LDAP (Microsoft Active Directory) server for authentication and authorization of APEX applications. Of course we tried to set up a standard LDAP Authenication that’s available within APEX. But we couldn’t

Read More

Check and Secure your Apex application

How secure is your application??   Have a look at the following blog posting to see some items where to check your Apex application. http://recxltd.blogspot.com/2011/10/securing-oracle-apex-big-bad-blog-part.html http://recxltd.blogspot.com/2011/10/securing-oracle-apex-big-bad-blog-part_14.html

Read More