Another non Ext JS related post, we’ll be back on topic soon, we’ve just had a few disruptions recently. Today’s post focuses on security. 
It’s great that in 3.2 we get some extra security features for max session length and max session idle time, but sometimes you need to get out the big stick for users you want to immediately lock out of your application. A simple technique is to create an application level process that runs before header and use some code/design based on the following code extract…
--
-- If the account is locked then we log them out immediately
--
IF r_user_details.account_locked = 'Y' THEN
owa_util.redirect_url(v('LOGOUT_URL'));
END IF;
The user will be logged out and redirected to the login page when they either branch to another page or refresh the current page within the application.
Note: Just make sure it doesn’t run on your login page, i.e. add a condition on the process based on “Current Page is Not in ….”
