1 Reply Latest reply: Apr 26, 2013 7:40 AM by Michael Ferrante-Oracle RSS

    Oracle forms server HTTP Traffic Encryption/Encoding

    1005104
      There is an applet based application which I am accessing through oracle forms server. I am trying to capture the HTTP requests getting transmitted form applet client to forms server. The values of HTTP headers in the request like User-Agent, Host, Accept, Proxy-connection etc. are in plain text but the body is in some non-human readable form. A sample body of the HTTP request is: *è#µÛ+¯n¾Ìö€ +å*'É(Ïÿ*
      What kind of encryption or encoding is been used here and can it be switched off so that the I can view the body of the HTTP request?
        • 1. Re: Oracle forms server HTTP Traffic Encryption/Encoding
          Michael Ferrante-Oracle
          Unless you are using a very old Forms version, Forms messages are obfuscated and not encrypted. Encryption was used when Forms used its own "server". To encrypt the traffic in any of the newer versions (9.x+) you need to enable SSL. Enabling SSL has nothing to do with Forms and is a function of the web server (e.g. OHS).

          To expose the obfuscated traffic, set FORMS_MESSAGE_ENCRYPTION=FALSE

          In the future, please indicated exactly which product versions you are using when posting questions. Also not that terms like 10g, 6i, 12c, are not product versions. These are part of the product name. A product version should include at least 4 sets of numbers (e.g. 10.1.2.3)