Removing Opensso Version as X-DSAMEVersion Attribute From the Http Headers
(Doc ID 1442144.1)
Last updated on MARCH 08, 2017
|This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.|
Some people might find this as being a sensitive information about the version and name of security product (Sun AM/OpenSSO in this case) that they are running with, and some would like the product to possibly remove this info as captured from the HTTP Headers.
An example from a captured info of this as from the HTTP Headers is :
"X-DSAMEVersion: Oracle OpenSSO 8.0 Update 2 Patch1 Build 6.1(2010-November-11 07:56)"
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!