Categories
- All Categories
- 70 Oracle Analytics News
- 7 Oracle Analytics Videos
- 13.9K Oracle Analytics Forums
- 5.2K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 38 Oracle Analytics Trainings
- 56 Oracle Analytics Data Visualizations
- 2 Oracle Analytics Data Visualizations Challenge
- 2 Oracle Analytics Career
- 4 Oracle Analytics Industry
- Find Partners
- For Partners
How to hide Credentials when LWSSO is disable
Hi All
LWSSO is disabled and we don't want to enable; We are using Oracle forms 11g and opening our dashboards with webutil.client (dashboard URL) function. Our client raised objection that we should not display credentials on address bar as shown in Fig.1.
Is there any solution, Can we hide credentials?
Fig.1, Username and password is visible at Address bar
Answers
-
Implement a proper SSO, credentials will not need to be sent to OBIEE.
If you take the shortcut of using nqUser and nqPassword in the URL you accept by default to have the information available in the URL and exposed in various logs etc. as it isn't protected in any possible way.
0 -
+1 to Gianni. Using the username/password in the URL means you have chosen a solution which is unsecure by default.
In order to supply info on the LDAP approach you'd have to provide more info on your environment.
0 -
If we enable SSO then end user has to re-authenticate the BI login page for dashboard when open from oracle application by using webutil.client_host which is not acceptable to our end users.
Currently our end user is able to open his/her dashboard from our inhouse developed application menu and there is no re-authentication but credentials are visible at address bar.
0 -
Our organization is a cancer hospital, we have developed our inhouse application (6000+ front end objects) in oracle 11g forms and reports and database oracle 12c, application is called as "HMIS" (Hospital Management Information System). There are almost 200+ management end users at one location and there 10 locations right now who will use the dashboards for their routine job.
recently We started development in OBIEE and developed many dashboards (Financial, Clinical, Diagnostic and administrative) based on presentation layer of RPD for the management, management is happy to use these dashboards especially without re-authentication but our Quality Assurance department raised objection that credentials should not be visible --- I admit their concern is genuine.
If you need more information for LDAP approach suggestion please write.
0 -
Rai Qaiser Hussain wrote:If we enable SSO then end user has to re-authenticate the BI login page for dashboard when open from oracle application by using webutil.client_host which is not acceptable to our end users.
The point of an "SSO" is to have a "Single Sign On". Gianni said "proper SSO" which was an abbreviated way of saying
"Lightwweight SSO is not a full SSO and only covers the /analytics and /dv deployments inside an OBIEE implementation. Lightweight SSO is not an SSO for integration with other applications"
0 -
Rai Qaiser Hussain wrote:If you need more information for LDAP approach suggestion please write.
The key information was "Oracle Forms 11g". That means you need to SSO-enable both Oracle Forms and OBIEE.
Forms: https://docs.oracle.com/cd/E48391_01/doc.11120/e24477/sso.htm#FSDEP267
The main question obviously being: Is there an SSO which can cover both OBIEE and something as old as Forms 11g
0 -
Thanks, This document is lengthy, needs some time to understand and implementation, I shall update soon
0