How to Secure Showjobs Web Command in A Non Secured Reports Server in Oracle Report 11g
(Doc ID 1242614.1)
Last updated on MAY 02, 2023
Applies to:
Oracle Reports Developer - Version 11.1.1.1.0 to 11.1.2.2.0 [Release 11g]Information in this document applies to any platform.
Goal
The goal of this Support Note is to configure the webcommandaccess element that specifies access permission for rwservlet keywords (Web commands) for a non-secure server to avoid that all end users have access to the SHOWJOBS Reports Server page and be able to open/view all report outputs.
There is another option to configure Reports Security Policies for web commands that enables you to specify the servers, Web command, and user role combinations for which you want to define security policies (more granular method) that allows you to specify which users and roles can run which Web commands.This option is not covered in this Support Note.
This support note will answer the following question configuring the webcommandaccess element for rwservlet.
Is there any way to protect SHOWJOBS Reports Server page that only an authenticated user or an Admin user have access to open/view confidential reports?
In a non secured Reports server all users have access to the SHOWJOBS Reports Server page and if there are confidential reports then that information will be exposed.
SHOWJOBS URL Example
SHOWJOBS Page Example
Solution
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Goal |
| Solution |
| References |