Skip to Main Content
Forums

DevOps, CI/CD and Automation

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Reports Security - SSO and custom security authorization

524285Jul 20 2006 — edited Aug 23 2006
Currently, we have 3000+ reports deployed on web using SSO authentication. We are now required to add additional level of security so not all in the company can access the reports but only certain workgroups. We have these userids in a table already, so we are looking for a way to pass the SSO user info and do a authorization check against a table. We don't want to touch all 3000 reports to do this so looking for an answer that can be done on the application server side or before report is ran. We are still required to use SSO. Any suggestions would be appreciated.

Comments

392879
You can achieve this using reports plugin security. You have to implement Reports security interface and provide custom implementation. SSO userid will be passed automatically to security plugin and you can perform authorization check in jobCommandCheck method implementation.

Security API doc,
http://download-west.oracle.com/docs/cd/B14099_17/bi.1012/b14049/oracle/reports/server/Security.html

Details on reports security configuration
http://download-west.oracle.com/docs/cd/B14099_17/bi.1012/b14048/pbr_conf.htm#sthref247
524285
Thanks for the reply. The application server is shared with other LOB who do not require the additional security. Can we put authorization on a certain list of reports while all other reports deployed on the application server are just using SSO authentication?
406582
I was looking at the example
http://www.oracle.com/technology/products/reports/apis/plugSecurity/resources.html

where do I get the classes that are referenced in SecurityPlugin.java class?


package oracle.reports.plugin.security.xml;

import oracle.reports.server.Security;
import oracle.reports.server.Job;

import oracle.reports.RWException;
import oracle.reports.utility.Utility;
import oracle.reports.utility.CommandParser;

import java.util.Properties;
import java.sql.Time;

import java.io.FileReader;
import java.io.File;
import java.io.StringReader;
import java.io.FileNotFoundException;
import java.io.IOException;

// imports required for Oracle XML Parsers

import org.w3c.dom.NodeList;
import org.w3c.dom.Node;
import org.w3c.dom.NamedNodeMap;
import org.xml.sax.SAXException;

import oracle.xml.parser.v2.DOMParser;
import oracle.xml.parser.v2.XMLParseException;
import oracle.xml.parser.v2.XMLConstants;
import oracle.xml.parser.v2.XMLDocument;
1 - 3
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Sep 20 2006
Added on Jul 20 2006
#reports
3 comments
339 views