Oracle Analytics Publisher

Home Oracle Analytics Oracle Analytics Forums Oracle Analytics Cloud and Server Oracle Analytics Publisher

Categories

Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

issue while accessing the report from 3rd party application which is integrated with OBI 12.2.1.4

Received Response
81
Views
15
Comments
2»

Answers

  • [Deleted User]
    [Deleted User] Rank 7 - Analytics Coach

    Hello Manoj

    Thank you for the document. Your using Oracle BI Publisher issue should be clearer with that description. I will move the thread over to the Bi Publisher forum.

  • Gianni Ceresa
    Gianni Ceresa Mod

    @ManojWadhwa ,

    I didn't read the doc you posted, but if you are looking at Publisher embedding, keep an eye on this :

    https://community.oracle.com/products/oracleanalytics/discussion/21391/embedding-oracle-publisher-report-content-into-applications

    I believe that if/when an answer is provided there you could probably benefit from it.

  • ManojWadhwa
    ManojWadhwa Rank 2 - Community Beginner

    Hi Gianni,

    SSO is by default enabled in OBI version 12.2.1.4, and this is the main cause of the issue for which report url prompts for login credentials.

    in older version of OBI i.e. 12.2.1.3 SSO is not enabled by default and it allows to create the guest user which help to call the report url without prompting for the credentials.

    regards

    Manoj

  • ManojWadhwa
    ManojWadhwa Rank 2 - Community Beginner

    Hi Gianni,

    SSO is by default enabled in OBI version 12.2.1.4, and this is the main cause of the issue for which report url prompts for login credentials.

    in older version of OBI i.e. 12.2.1.3 SSO is not enabled by default and it allows to create the guest user which help to call the report url without prompting for the credentials.

    regards

    Manoj

  • Gianni Ceresa
    Gianni Ceresa Mod

    I know that the lightweight SSO changed from not existing at all, to being there but not enabled by default to enabled by default.

    A similar example to what you say is: "I want Internet Explorer as browser, and it's there by default in my Windows 7. Now I updated to Windows 10 and it isn't there anymore. How can I have Internet Explorer?". Well … no luck it is end of life and has been removed.

    Features change over versions, and the lightweight SSO is a key requirement for the product to work, because DV (VA) is a big part of the product and it does require the lightweight SSO. Then it become even more important, to the point that disabling the lightweight SSO will "break" the product.

    For many years the system was "abused" by passing credentials in the URL and using that as a form of "guest" account. But it doesn't mean that this was the official way the product was meant to be embedded. It just happened to work and be often very simple.

    The issue was a security risk because you are passing credentials in an unsecured way in URL that can be logged by various layers etc.