Skip to Main Content

Oracle Forms

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Form compilation issue - R12 FORMS_PATH

VinodAug 23 2011 — edited Aug 24 2011
Hi Gurus,

I have a slightly tricky issue.
We have a custom form ABC.fmb in 11.5.10 and it working fine.
Now we have copied/converted the same to R12, but it does not compile in linux.
When I open it in Forms Builder 10g in windows, it compiles perfectly.

I believe it is something to do with my FORMS_PATH environment variable.
Should it be
$AU_TOP/resource;$AU_TOP/resource/stub;

OR

$AU_TOP/resource;$AU_TOP/resource/stub; $AU_TOP/forms/US;

From the errors, I can see it is failing to load APPSTAND.fmb.

Any pointers pls.

Thanks,
Vinod

Comments

843854
Typically yes, clear text, the JDBC spec does not make assumptions as to what the driver does with the password. The encryption needs to be negociated by the server and the jdbc driver. Check if your back-end supports password encryption, then check if the jdbc driver supports that feature. Type 4 means that the driver implements the network protocol to "speak" to the dbms in java. So the whole thing (Driver plus network library) is in written in java.

hth.
843854
I'm a bit new to Java but it seems there's a security issue here ... I'm using a Mysql web server and would like to write a client front-end in Java for misc. users.

I'm not worried about the passwords being sent because these are encrypted but I'm worried about the fact that passwords in Java pseudocode (compiled classes) are plain text. Well with most development languages this is true, strings are stored in plain text. But Java is very unlike the other languages: Java pseudocode can easily be decompiled.

From what I've read, obfuscators only make decompiled pseudocode harder to read but they do not protect strings.

My question is: is there a way to protect the connection strings ? or at least the passwords ? Something can certainly be done but what ?
843854
I reallty need an answer here please !

Thanks !
I reallty need an answer here please !
And what would the question be?

If you distribute a java application that can connect to your database regardless of how you encrypt it I can hack it and get to your database.

So your choices are:
-Don't worry about it. Trust your users. Maybe back up a lot.
-Don't distribute the piece that talks to the database. Use a front end that talks to a server. That server actually talks to the database. This is one of the points of a web server.

843854
Hey ,

I am also trying same thing... I am using JDBC type 4 driver to connect to SYBASE/Oracle/MS SQL Server 2000. Password is just a plain text while transmitting.How can I encrypt this.

Thanks for any help.

Sreenivas
843854


hello,

Just read the usermanual of the JDBC Driver you are using. There should be some options that can be set via the jdbc url or jdbc properties. If you are sure that the DB supports password encryption.. i guess MSSQL does.. , and you cannot find out the options in the JDBC driver, make a call to their tech support and ask if they supports it.

-Jer
843854
Thanks Jer...

Yes... MS SQL supporting password encryption but not Oracle & Sybase... Is there any way to handle this encryption issue for these two DB's also.

Thanks in advance
Sreenivas
843854
Yes... MS SQL supporting password encryption
cryption but not Oracle & Sybase... Is there any way
to handle this encryption issue for these two DB's
also.
The password is always encrypted when using Oracle thin or oci driver. Oracle also has the ability to encrypt the text using oci.
843854
Here is an additional link on how to encrypt DATA using the Oracle thin driver.
843854
Thanks a lot...... where is the link?
843854
Thanks a lot...... where is the link?
Didn't you mean, where is the link please? :)

Sorry, here you go:

http://otn.oracle.com/sample_code/deploy/security/files/secure_thin_driver/readme.html
843854
Of course my friend.. Thanks A LOT once again ;)
843854
Can anybody help on how to encrypt the password while transmitting to SYABASE Data Server using JDBC driver

Thanks
Sreenivas
843854
Sreenivas,
To support encryption, the sybase driver should be used with SSL (Security Sockets Layer).
Wouldn't it just be easier to keep the database and application server in a secure domain?
843854
Wouldn't it just be easier to keep the database and
application server in a secure domain?
Can you say "n-Tier Architecture": boys and girls?
... I knew you could. ;-)
1 - 16
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Sep 21 2011
Added on Aug 23 2011
1 comment
777 views