Non-Authenticated Users Can Access Content Web URL Content in WebCenter Content: Records (WCCREC)
Last updated on FEBRUARY 07, 2018
Applies to:Oracle WebCenter Content: Records - Version 10.1.3.5.0 and later
Information in this document applies to any platform.
In the URM application, if any user obtains the Web URL for a piece of content within the URM application, they are able to view the item without any prompt to log into the system. No errors are thrown.
Steps to replicate
1. Set the option: "SpecialAuthGroups=Public"
2. Create 3 supplemental markings: M1, M2, M3
3. Check in 3 items; one to each supplemental marking
4. Obtain the web URL for one of the items
5. On a new machine, ensured that you are not logged into WCCREC
6. Copied the web URL into the browser.... the content was displayed with no login challenge
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms