Oracle Analytics Named a Leader in the 2025 Gartner® Magic Quadrant™ Oracle Analytics whas been recognized as a Leader in the 2025 Gartner Magic Quadrant for Analytics and BI Platform
Oracle Analytics New Product Roadmap June 2025 Oracle Analytics June '25 roadmap: OAC & FDI updates, fresh look, enhanced features.
Join the Oracle Analytics & AI Community Happy Hour at Oracle AI World! Secure your spot for a limited-seating, private happy hour at Oracle AI World to network with peers and Oracle experts!

Oracle Transactional Business Intelligence Idea Lab

Security concern due to visible password while calling "PublicReportService"

Submitted

Views

Comments

Priya Gupta-184819 Rank 1 - Community Starter

Nov 5, 2020 9:40PM edited May 8, 2025 10:26PM in Oracle Transactional Business Intelligence Idea Lab

Organization Name

King County

Description

OIC interface is calling the OTBI public report service SOAP wsdl "https://serverURL.oraclecloud.com/xmlpserver/services/PublicReportService?wsdl"
OTBI is requiring the password as cleartext in the request payload and there is not going to be a secure solution for this use case. The username/password should not be part of payload rather it should be part of header (Basic Authentication)

Regards

Priya

Use Case and Business Need

This is a major security concern as prod password is visible and can be misused.

Original Idea Number: 185b66b90f

1 votes

MFA for Oracle Community

Oracle Transactional Business Intelligence Idea Lab

Categories

Security concern due to visible password while calling "PublicReportService"

Organization Name

Description

Use Case and Business Need

Submitted · Last Updated Mar 30, 2023 7:16PM