How To Secure Showjobs Web Command In A Non Secured Reports Server In Oracle Report 11g (Doc ID 1242614.1)

Last updated on NOVEMBER 07, 2016

Applies to:

Oracle Reports Developer - Version 11.1.1.1.0 and later
Information in this document applies to any platform.

Goal

The goal of this Support Note is to configure the webcommandaccess element that specifies access permission for rwservlet keywords (Web commands) for a non-secure server to avoid that all end users have access to the SHOWJOBS Reports Server page and be able to open/view all report outputs.

 

There is another option to configure Reports Security Policies for web commands that enables you to specify the servers, Web command, and user role combinations for which you want to define security policies (more granular method) that allows you to specify which users and roles can run which Web commands.This option is not covered in this Support Note.

 

This support note will answer the following question configuring the webcommandaccess element for rwservlet.

Is there any way to protect SHOWJOBS Reports Server page that only an authenticated user or an Admin user have access to open/view confidential reports?

In a non secured Reports server all users have access to the SHOWJOBS Reports Server page and if there are confidential reports then that information will be exposed.

SHOWJOBS URL Example

SHOWJOBS Page Example

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms