securing reports server
Hallo,
we use Oracle Application Server forms & reports 10.1.2.3 and we have a very mystic occurence:
We intended to secure the server with diagnostic=no and setting a password to die identifier attribute in the ORAHOME/reports/conf/server_name.conf file.
First we used this:
https://forums.oracle.com/forums/message.jspa?messageID=504821#504821
And this hasn't work. The reports stayed unsecure, the server status remained visible after first call with URL with password. We looked in the ORAHOME/reports/conf/server_name.conf file, the pasword was ecrypted after stop-start.
Then we set the pass in clear format in the dentifier attribute in the ORAHOME/reports/conf/server_name.conf file, stopped and started the server and called an request without any password. And then the password in the conf file was eccrypted, the reports became callable only with password and the server status call gets REP-52262. The server was a little bit better secured.