This content has been marked as final. Show 22 replies
You may be missunderstand me: i am login with user 1 which is assiged to role at runtime and i need to run reports by this user so i face that you have to set the role in the report also but for some reason i remove the setting option . And i try to pass the schema owner as parameter when calling reports my problem is the reports is not recognize to passing user but recognize only to login user .why ?
After re-reading what you posted, I don't fully understand the problem. It sounds like you are saying that by default, "user1" does not have permission to access the data needed to run the report. At runtime, you grant the needed permissions then attempt to run the report.
"... i face that you have to set the role in the report also but for some reason i remove the setting option . And i try to pass the schema owner as parameter when calling reports my problem is the reports is not recognize to passing user but recognize only to login user .why ? ..."Even more confusing is your code snippet that you provided. Why are you trying to pass the uname and password? Does your report use a parameter form? This would be the only reason to do this. Also, do you think it is really such a good idea to be granting permission at runtime then, I suspect trying to revoke it at runtime??? You do understand that if there is a failure before revoking occurs that the user will keep what you granted, unless you are doing this at the session level? I don't see this as a good approach. Create a view if you are concerned about users have editing permissions on the data. Granting and revoking at runtime seems sloppy in my opinion.
Anyway, if none of this gets you going in the right direction, I recommend providing more clear details about the problem. You should include complete product version information. Do not simply say something like "I am using 10g". This does not represent a version number or a particular product. Provide the db version and Forms/Reports version. Explain your goal. What are you trying to accomplish. Share more of the code, so we can see exactly what you are doing. In short, be specific. We don't know your application nor do we know what you are thinking.
Thanks for replay ,
I appreciate your help.
Oracle Form : 10.1.2.0.2
Oracle Database : 10.2.0.1.0.
lets review my issue again.
Suppose I have owner schema Scema1 (Which contain my Applications).
And I create more than one database user example : user1,user2 ....user_n.
At Runtime when any of the application users login i grant him a role using Dbms_Session.Set_Role , and i Revoke from him a role when the user exit from my application.
You notify to me that when the form crach the user still have granted to this role But you mention "unless you are doing this at the session level".What About Dbms_Session.Set_Role?
Ok lets back to my main quesion.
So to run also the report you have also grant role at report level.But I am facing problem in this area i can't set the role at report level " For Security Reason".
So i am go throw workaround solution which is passing the owner schema Schema as parameters using form parameter "User" with the password and the current database.then i encrypted it as you see in the code
but the problem is the report is not recognize to this user still recognize to current connect user not the passing parameter user I don't know why?
This is the part of passing schema owner as parameters
V_Hidden_Action := V_Hidden_Action ||'&user='
V_Hidden_Action := V_Report_Servlet||'?_hidden_server='||V_Report_Server_Name||F_1_Encode_Url(V_Hidden_Action);
--V_Hidden_Action := V_Report_Servlet||'?_hidden_server='||V_Report_Server_Name||V_Hidden_Action;
V_Report_Message := Run_Report_Object(V_Report_Object_Id,P_Param_List);
V_Rep_Status := Report_Object_Status(V_Report_Message);
If V_Rep_Status = 'FINISHED' Then
If V_OutPut_Val = 'Cache' Then
V_Job_id := SubStr(V_Report_Message,Length(V_Report_Server_Name)+2,Length(V_Report_Message));
Message('Error Runing Report');
Edited by: kingadmin on Sep 10, 2012 4:40 PM
kingadmin wrote:And what security reason might that be which doesn't allow you to change roles at runtime but doesn't care about passing the password of the schemaowner as plain text parameter in the URL?!?
But I am facing problem in this area i can't set the role at report level " For Security Reason".
Why don't you prefix your database objects with the schemaowner in your report or use private synonyms instead?