Oracle Transactional Business Intelligence Idea Lab

Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

Security concern due to visible password while calling "PublicReportService"

91
Views
8
Comments

Organization Name

King County

Description

OIC interface is calling the OTBI public report service SOAP wsdl "https://serverURL.oraclecloud.com/xmlpserver/services/PublicReportService?wsdl"
OTBI is requiring the password as cleartext in the request payload and there is not going to be a secure solution for this use case. The username/password should not be part of payload rather it should be part of header (Basic Authentication)


Regards

Priya

Use Case and Business Need

This is a major security concern as prod password is visible and can be misused.

Original Idea Number: 185b66b90f

Tagged:
2
2 votes

Submitted · Last Updated

Welcome!

It looks like you're new here. Sign in or register to get started.

Comments

Welcome!

It looks like you're new here. Sign in or register to get started.