Home > Managing Application Security > Providing Security Through ... > Creating an Authorization S...
Before you can attach an authorization scheme to an application or an application component or control, you must first create it.
To create an authorization scheme:
On the Workspace home page, click the Application Builder icon.
Select an application.
On the Application home page, click Shared Components.
The Shared Components page appears.
Under Security, select Authorization Schemes.
Click Create.
Specify how to create an authorization scheme by selecting one of the following:
From Scratch
As a Copy of an Existing Authorization Scheme
Follow the on-screen instructions.
To edit attributes of an existing authorization scheme:
On the Workspace home page, click the Application Builder icon.
Select an application.
On the Application home page, click Shared Components.
The Shared Components page appears.
Under Security, select Authorization Schemes.
The Authorization Schemes page appears. By default, each scheme displays as an icon.
To access a detail view of all schemes, select Details from the View list.
The Authorization Schemes page appears. You can change the appearance of the page by making a selection from the View list. Available options include:
Icons (the default) displays each authentication scheme as a large icon. To edit an authorization scheme, click the appropriate icon.
Details displays each application item as a line in a report. To edit an authorization scheme, select the scheme name.
You can specify when your authorization scheme is validated in the Evaluation Point attribute. You can choose to have your authorization scheme validated once for each session or once for each page view.
Keep in mind, if you specify that an authorization scheme should be evaluated once for each session and the authorization scheme passes, the underlying code, test, or query will not be executed again for the duration of the application session. If your authorization scheme consists of a test whose results might change if evaluated at different times during the session, then you should specify that the evaluation point be once for each page view.
If an authorization scheme is validated once for each session, Oracle Application Express caches the validation results in each user's session cache. You can reset a session's authorization scheme state by calling the APEX_UTIL.RESET_AUTHORIZATIONS
API.
Calling this procedure nulls out any previously cached authorization scheme results for the current session. Be aware that this procedure takes no arguments and is part of the publicly executable APEX_UTIL
package.