This discussion is archived
1 Reply Latest reply: Apr 26, 2013 5:40 AM by Michael Ferrante (Oracle) RSS

Oracle forms server HTTP Traffic Encryption/Encoding

1005104 Newbie
Currently Being Moderated
There is an applet based application which I am accessing through oracle forms server. I am trying to capture the HTTP requests getting transmitted form applet client to forms server. The values of HTTP headers in the request like User-Agent, Host, Accept, Proxy-connection etc. are in plain text but the body is in some non-human readable form. A sample body of the HTTP request is: *è#µÛ+¯n¾Ìö€ +å*'É(Ïÿ*
What kind of encryption or encoding is been used here and can it be switched off so that the I can view the body of the HTTP request?
  • 1. Re: Oracle forms server HTTP Traffic Encryption/Encoding
    Michael Ferrante (Oracle) Guru Moderator
    Currently Being Moderated
    Unless you are using a very old Forms version, Forms messages are obfuscated and not encrypted. Encryption was used when Forms used its own "server". To encrypt the traffic in any of the newer versions (9.x+) you need to enable SSL. Enabling SSL has nothing to do with Forms and is a function of the web server (e.g. OHS).

    To expose the obfuscated traffic, set FORMS_MESSAGE_ENCRYPTION=FALSE

    In the future, please indicated exactly which product versions you are using when posting questions. Also not that terms like 10g, 6i, 12c, are not product versions. These are part of the product name. A product version should include at least 4 sets of numbers (e.g. 10.1.2.3)

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points