Categories
- All Categories
- 130 Oracle Analytics News
- 24 Oracle Analytics Videos
- 14.5K Oracle Analytics Forums
- 5.5K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 50 Oracle Analytics Trainings
- 8 Oracle Analytics Data Visualizations Challenge
- 4 Oracle Analytics Career
- 8 Oracle Analytics Industry
- Find Partners
- For Partners
Protecting Pages in Oracle BI EE from Attack
Dear Experts,
We are using OBIEE 12.2.1.4.x on window server 2016
1) What is the exact meaning of the Protecting Pages in Oracle BI EE from Attack ? what is the basic idea?
2)if we use below tag adding in to the instanceconfig.xml file that is the meaning of Protecting Pages in Oracle BI EE from Attack technically ?
<Security>
<InIFrameRenderingMode>prohibit</InIFrameRenderingMode>
</Security>
3) How to test weather protecting pages in obiee from attack? testing methods ?
Please check below doc for reference
Thanks
Answers
-
Hi,
Sorry to ask but, why do you want to mitigate something which maybe doesn't concern you?
Is your OBIEE publicly accessible?
3808468 wrote:Protecting Pages in Oracle BI EE from Attack
This doesn't literally mean anything.
In OBIEE I'm more scared by users being allowed to build analysis with 154 columns and dumping out millions of rows in Excel files than if somebody, inside the company network, will try to setup a fake page for clickjacking (https://en.wikipedia.org/wiki/Clickjacking ).
That setting will prevent OBIEE from being rendered in an iframe as the doc says. Some people used to embed OBIEE content into iframes to embed it into some portals or other websites. With that parameter in the instanceconfig.xml, embedding OBIEE by iframe will not work anymore.
0 -
+1'000
Wrong question from completely undefined starting point pretty much invalidates the question in itself.
Take 5 steps back and think about how your solution is architected.
0
