User name and password are passed on to
15.4.1 Authorization Process
Authorization occurs after a user is authenticated using Single Sign-On or Non-SSO Oracle Internet Directory-based, File-based in case of JPS-based security, and Embedded ID store methods. Once the user is authenticated, the report request must go through the authorization process, as shown in Figure 15–4 . Figure 15–4 Authorization Process Flow The following numbered steps map to the numbers in Figure 15–5 :1. Reports Server validates the user privileges against the policies defined in the
Policy Store. Reports Server validates the user privileges against the policies defined in Policy Store JAZN-XML, LDAP, or Portal repository by the user. Reports Server checks whether the user has the necessary privileges to run the report on the parameters specified in the Policy Store. If the validation check fails for any reason, then an error condition is returned to the user and the process terminates.2. If the user is authorized to execute the report, Reports Server executes the report
request and passes the report output to rwservlet. Note: If Oracle Portal is configured to perform authorization, and the report request is launched from within Oracle Portal rather than rwservlet, Oracle Reports will similarly validate the users privileges on the report before running it. Even for unauthenticated PUBLIC users viewing public pages, Oracle Reports Services verifies that the PUBLIC user account has appropriate privileges on the report. Note: If the user is executing rwservlet Web commands such as showjobs and getserverinfo, instead of executing a report, Reports Server verifies and authorizes the user based on Policy Store settings. Securing Oracle Reports Services 15-15 Reports Server delegates the job to an engine that accesses the data source, retrieves the data, and formats the report.3. Report output is passed to Oracle HTTP Server
.4. Report output is passed to the user
. The completed output is sent to the specified destination. Depending upon the destination, the output may be served back to the browser as shown in Figure 15–5 , sent to a printer, stored in a file for future reference, sent to an FTP server, and so on.15.4.2 Additional Step When Using JPS for Authorization
Reports policies are granted to application roles. You must associate all users in your ID store embedded ID store of Oracle WebLogic Server or an external Oracle Internet Directory with one of the Reports application roles. You must add the oracle.security.jps.enterprise.user.class property in the jps-config-jse.xml file. In Enterprise Manager, you can complete this task as follows:1. Navigate to the WebLogic Domain menu.
2. Choose Security Application Roles.
The Application Roles page is displayed. In this page, you can map users to application roles. Alternatively, you can complete this task by manually editing the DOMAIN_ HOMEconfigfmwconfigsystem-jazn-data.xml file. This step is required if you want to use JPS to authorize your users in Oracle Internet Directory. Search for the reports application in the XML file and add a user in the members section. For example, to add a user called orcladmin, add: member classweblogic.security.principal.WLSUserImplclass nameorcladminname member15.4.3 Defining Security Policies for Reports
Out-of-the-box, default users, roles, and permissions are already created. As administrator, you can specify the reports to which a particular user has access by defining a security policy for each report. In the security policy, you can also specify the server, destination name desname, destination type destype, and other parameters. The security policy is checked when the user provides the user name and password.15.4.3.1 Defining Security Policies for JPS-Based Security
Refer to Section 7.8.2, Defining Security Policies for Reports to use Oracle Enterprise Manager to update the report security policies.15.4.3.2 Defining Security Policies for Portal-Based Security
For Portal-based security, you can create a security policy in Oracle Portal. For more information, see the Securing Oracle Portal in the Oracle Fusion Middleware Administrator’s Guide for Oracle Portal.Parts
» Oracle Fusion Middleware Online Documentation Library
» Oracle Reports Client Oracle Reports Runtime
» Oracle Reports Servlet Introduction to Oracle Reports
» Oracle Reports Server Introduction to Oracle Reports
» Overview Oracle Reports Services
» The Oracle HTTP Server, a Web server provided by Oracle Fusion Middleware. It
» The module mod_weblogic, used by the Oracle HTTP Server to redirect requests
» The module mod_osso, used by the Oracle HTTP Server to connect to Single
» Oracle Reports Servlet Oracle Reports Services Components
» The Custom Tag Handler, which processes custom Oracle Reports tags included
» The Reports Server rwserver, which processes client requests, including
» The Reports Server Cache, which securely stores completed job outputs.
» The Reports Engine, which includes components for running SQL-based and
» The pluggable data sources, a set of design-time and runtime Java APIs that
» The pluggable engines, which are custom engines that use Java APIs to pass jobs
» Oracle Reports Services Runtime Process
» Click OK, and follow the instructions getServerRef
» runReport executeReport getServerRef Oracle Reports Services Communication Architecture
» Server Discovery Using the COS Naming Service
» Choosing the Types of Requests You Will Service
» Choosing Oracle Reports Servlet, JSP, or Web Services
» Choosing Single or Multiple-Machine Configurations
» Maintaining High Availability Setting Up a High Availability Environment
» From the Reports menu, select System MBean Browser.
» Select rwservlet from the list.
» Configuring Reports Server for High Availability
» Enter a valid folder name in the Cluster Cache Directory fiel Click Apply.
» Using Oracle Enterprise Manager
» Checking Oracle Reports Servlet
» Checking Reports Server Verifying the Reports Server Environment
» Backward Compatibility and Interoperability
» Understanding the Oracle Fusion Middleware Installation Structure Granting Access to RWbuilder
» Overview of the Oracle Fusion Middleware Upgrade Assistant
» Overview of the Upgrade Process
» What is Upgraded? Oracle Fusion Middleware Online Documentation Library
» Summary of the Upgraded Files
» For More Information Oracle Fusion Middleware Online Documentation Library
» From the Reports Server main page, navigate to Reports Control menu, and
» Alternative Methods of Starting and Stopping Reports Server
» Starting and Stopping the Oracle Reports Bridge from the Command Line
» Set the TNS_ADMIN environment variable to your TNS_ADMIN directory.
» Starting Reports Standalone Server
» Starting and Stopping the COS Naming Service
» Starting, Stopping, and Restarting Oracle Reports Components Using Oracle Enterprise Manager
» Starting and Stopping the In-process Reports Server Using Oracle Reports Servlet
» Configuring Reports Server for Oracle Enterprise Manager
» Viewing the Component Topology
» Starting, Stopping, and Restarting Oracle Reports Components
» Log in to Oracle Enterprise Manager.
» Navigate to the Reports Server Home Page.
» From the Reports menu, select Administration Basic Configuration
» In the Reports Server Parameters content pane, enter the name of the mail server
» Select the Enable SSL for Mail Server checkbox if the mail server is secure.
» Enter the mail server username and CSF key of the password in the Mail Server
» Defining Oracle Enterprise Manager Administration Roles
» From the Reports menu, select Reports Jobs Jobs Page.
» Enter desired information in the Owner, Output Type, and Output Format fields
» Log in to Oracle Enterprise Manager. Navigate to the Reports Server Home page see
» Perform any available operation on any job.
» From the Reports menu, select Reports Jobs Schedule New Job.
» Click Submit to schedule a job.
» From the Reports menu, select Administration Advanced Configuration.
» In the Reports Security section, check Enable Security, then select Security
» From the Reports menu, select Administration Manage Reports Security
» Log in to Oracle Enterprise Manager. Navigate to the Reports Application Home page see
» Click Create or Edit to enter appropriate values for the elements on the page.
» Click Apply. Enabling and Disabling Single Sign-On
» Log in to Oracle Enterprise Manager and navigate to WebLogic Domain
» Use the button Delete to remove a selected item key or map in the table. Note
» Click Create Map to display the Create Map dialog.
» Click OK to return to the Credentials page. The new credential map name is
» Click Create Key to display the Create Key dialog.
» In this dialog, select a map from the pull-down list Select Map where the new key
» Click OK when finished to return to the Credentials page. The new key is shown
» From the Reports menu, select Administration FormsReports Common
» In the Diagnostics section, change the Log Options to TRACE:1 and click Apply.
» From the Reports menu, select Log View Log Messages to view the log
» Problems Viewing Reports Metrics When Reports is Configured for Secure Sockets Layer SSL
» Click the Certificate Path tab and select the first entry in the list of certificates.
» Click View Certificate to display a second Certificate dialog box.
» Click the Details tab on the Certificate window.
» Click Copy to File to display the Certificate Manager Export wizard.
» In the Certificate Manager Export wizard, select Base64 encoded X.509 .CER
» Log in to Oracle Enterprise Manager. Navigate to the desired component’s home page see
» From the Reports menu, select Logs View Log Messages.
» View the trend metrics; that is, how many errors of each type Incident Error,
» Use the search options available in the page to search inside log files with various
» Log in to Oracle Enterprise Manager. Navigate to the component’s home page see
» From the Reports menu, select Logs Log Configuration.
» Click Apply Configuring Log Levels
» Modifying Reports Server Audit Configuration
» Registering Pluggable Destinations with Reports Server
» Configuring Proxy Information Oracle Fusion Middleware Online Documentation Library
» Displaying a Consolidated Job Queue
» In the High Availability Parameters section, in the Cluster Cache Directory field,
» When should I use the Oracle Fusion Middleware System MBean Browser?
» About Reports Configuration MBeans
» Modifying Reports Configuration Settings Using the System MBean Browser
» Change the Maximum Log File Size MB and Maximum Size of all Log Files
» Diagnosing Font Issues Diagnosing Issues
» Oracle Reports Services Configuration Files
» Reports Server Configuration Elements
» Dynamic Environment Switching Reports Server Configuration File
» Oracle Reports Servlet Configuration Elements
» remoteBridge Start the Oracle Reports Bridge.
» remoteBridges Start the Oracle Reports Bridge.
» Network Configuration Elements Network Configuration File
» Editing the Server Configuration File
» opmn.xml Entering Proxy Information
» Creating a New Reports Server
» Creating a New Bridge Component Type
» About BPEL Overview of SOA Integration
» Using RWWebservice to Submit Jobs to the Reports Server
» Optimizing the Deployment of Reports
» Sample system-jazn-data.xml File
» Configuring Reports Managed Server Enabling HTTPS for Oracle Reports
» Fonts in Oracle Reports Builder
» Specifying Aliasing Information Font Aliasing
» Font Aliasing Mechanism Font Aliasing
» Font Aliasing File Verification
» Unicode Type1 Fonts Font Types
» Verifying Report Output on Different Platforms
» Running a Unicode Report using TTFTTC Fonts
» General Printing Mechanism UNIX Printing Overview
» Oracle Reports Printing Mechanism on UNIX and Windows
» Printing Support UNIX Printing Overview
» Installing a Printer on UNIX
» Environment Variables Configuring the Printing Environment
» Overview of Files Printer-Related Files
» PPD Files Printer-Related Files
» HPD Files Printer-Related Files
» Font Metrics Files Printer-Related Files
» uifont.ali Printer-Related Files
» uiprint.txt Printer-Related Files
» Editing the Printer-Related Files
» Setting Up a Single Server for Printing
» Multibyte Character Set Printing
» DEBUG_SLFIND Debugging Options
» TK_DEBUG_POSTSCRIPT Debugging Options
» ScreenPrinter Removing DISPLAY and Printer Dependencies on UNIX
» Advanced Imaging Support Removing DISPLAY and Printer Dependencies on UNIX
» If you have multiple printer queue entries in uiprint.txt and you want to set
» PCL Printing Issues Frequently Asked Questions
» PostScript Printing Issues Frequently Asked Questions
» Click OK. The Paper Layout view should now be able to read the boundary.
» Compression PDF Features Included in Oracle Reports
» Choose Edit Preferences Page Display. Select Smooth Text, Smooth Line Art, and Smooth Images.
» Font Feature Summary Click OK.
» Precedence of Execution PDF Features Included in Oracle Reports
» In Acrobat Writer 6.0 or later, open the PDF document.
» Select Document Security Restrict Opening and Editing.
» In the password prompt, enter the appropriate password as specified in
» In the dialog box that displays, make desired changes to passwords and
» Accessibility Taxonomy PDF Features Included in Oracle Reports
» Font Subsetting Generating a Bidirectional BiDi PDF File
» Font Aliasing Generating a Multibyte PDF File
» Set NLS_LANG=JAPANESE_JAPAN.JA16SJIS or JA16EUC on UNIX
» Set the REPORTS_PATH environment to the font directory in which the TrueType
» Open the uifont.ali file and edit the [PDF:Subset] section to specify the
» Font Subsetting Generating a Barcode PDF File
» Font Lookup Overview of the Font Model
» Font Availability On Different Platforms
» Development platform Fixing Font-Related Issues
» Deployment platform Fixing Font-Related Issues
» Same comment holds for all the subsequent sections where you have asked to
» Client platform Fixing Font-Related Issues
» Create a new report. While creating your report ensure that you leave additional
» Copy all the TTF and TTC files, which are used in the report, to the REPORTS_
» Remove any unnecessary aliasing from the uifont.ali file. For example, Arial is
» Run the Report. Deploying Your Report
» The PPD file that you modified should be picked up. If it is not picked up it is
» The AFM files that you have copied to AFM directory should be picked up
» Frequently Asked Questions Generating HTMLCSS, RTF, or Web Output
» Designing Your Report Generating Single-Byte PDF Output
» Copy the Windows TTF files that you have used in your report to the fonts
» Add the path to the TTF files in the REPORTS_PATH environment variable. This
» Designing Your Reportin Pre-11g Version That Uses Motif Tool Kit Mechanism
» Locate the TTF files corresponding to the fonts used in your report. Convert these
» Post-conversion, remove the .afm extension in the AFM file name. For example:
» Frequently Asked Questions Generating Multibyte PDF Output
» Designing Your Report in Pre-11g Version That Uses Motif Tool Kit Mechanism
» Deploying Your Report Frequently Asked Questions
» Pluggable Destinations from Oracle Forms Services.
» Submitting Reports to Pluggable Destinations from Oracle Forms Services
» JDBC Configuration File Configuring and Using the JDBC PDS
» Oracle Reports Builder rwbuilder.conf Reports Server: jdbcpds.conf
» Oracle Reports Builder rwbuilder.conf
» Reports Server: jdbcpds.conf
» jdbcpds.conf Oracle Fusion Middleware Online Documentation Library
» Running a JDBC Report Using Oracle Reports Services
» Text Configuration File Configuring and Using Text PDS
» Overview Introduction to Oracle Reports Security
» Resources Protected Introduction to Oracle Reports Security
» Credential Store Introduction to Oracle Reports Security
» Out-of-the-Box Behavior Oracle Fusion Middleware Online Documentation Library
» User requests the report through a URL
» Oracle HTTP Server routes the request to rwservlet deployed on Oracle rwservlet
» User name and password are passed on to
» Reports Server authenticates the user that is, verifies the user name and
» Authentication Scenarios for JPS-Based Security
» Authentication Scenario for Portal-Based Security
» Report output is passed to Oracle HTTP Server
» Report output is passed to the user
» Navigate to the WebLogic Domain menu.
» Choose Security Application Roles.
» Defining Security Policies for Reports
» In the Permissions field, enter the permissions.
» Log in to Enterprise Manager.
» Navigate to the Reports Application home page.
» From the Reports menu, select Security Application Roles.
» In the Role Name field, enter the name of the application role to search.
» Click the right arrow button to search application roles.
» End-to-End Security Scenarios Oracle Fusion Middleware Online Documentation Library
» Recommended Production Scenario for JPS-Based Security
» Recommended Production Scenario for Portal-Based Security
» From the Domain Structure window on the left pane of the console, select
» Click the Users and Groups tab.
» Click New to add users. Click OK.
» Enter appropriate values in the Security Configuration for Reports page. Click OK
» Click Configure. Configuring External Oracle Internet Directory for In-Process Servers
» Provide the Oracle Internet Directory and JPS root node details and click OK.
» Log in to Oracle Enterprise Manager. Navigate to your Reports Application home page.
» From Reports menu select Administration Reports OID Association.
» Click OK. Reassociating Reports with Oracle Internet Directory
» Under jpsContext name=default add the following: Under serviceInstances, add the following:
» Under serviceProviders, add the following: Save and restart WLS_REPORTS.
» Forms and Reports Security Recommendations
» Intermediate-level Security for Forms and Reports
» Using DAS and Editing the Server Configuration File
» Configuring Proxy User Authentication in the Database
» Obtaining Proxy Access Information
» Configuration Settings in Reports Configuration Files
» Security Features Provided by Oracle Portal
» Security Interfaces Oracle Fusion Middleware Online Documentation Library
» Default Reports-Related Groups Creating Reports Users and Named Groups
» Portal Password in Credential Store
» On the Server Definition page: Click Next.
» Optional Enter a Custom Destination Type, if you have defined a custom Click Next.
» Optional Enter the Availability Calendar name or click the list button to select
» Click Finish. Registering a Reports Server
» Click Close to close this page and return to the Oracle Reports Security page.
» Log in as an administrator to Oracle Portal.
» Click the Oracle Reports Security Settings link in the Oracle Reports Security
» Click the Create Reports Definition File Access link in the Reports Definition
» On the resulting page, the Name internal name and the Portal DB Provider
» Click Next. Registering a Report
» Select the Parameter Form Template and click Preview Template to see what the
» Define the limits for the reports existing parameters on the Optional Parameters
» Navigate to the Builder page.
» Click the Create Reports Printer Access link in the Reports Printer Access
» On the resulting page, the Name internal name and Portal DB Provider fields
» Click Next. Registering a Printer
» Click Finish. Click Close to close this page and return to Oracle Portals Oracle Reports
» Click the Create Reports Simple Calendar Access link in the Reports Calendar
» On the resulting page, the Name internal name and Portal DB Provider fields Click Next.
» Optionally, enter a description of the calendar under Description.
» Click Next. Creating an Availability Calendar
» On the DateTime Availability page, define the parameters for the calendar:
» On the Summary page, click the Show Calendar button to preview your
» On the Summary page, click Finish to complete the availability calendar.
» Creating a Combined Availability Calendar
» Click the Create Reports Combined Calendar Access link in the Reports Calendar
» Optional Enter a description of the Availability Calendar in the Description field.
» On the Selection page, highlight the calendars on the Availability Calendars list
» Click the right arrow to move the selected calendars to the Selected Availability
» On the Exclude page, highlight the calendars on the Availability Calendars list
» Click the right arrow to move the selected calendars to the Excluded Availability
» On the Summary page, click the Show Calendar button to preview your calendar.
» Click Finish to complete creation of the combined calendar.
» Click Close to close this page and return to Oracle Portals Oracle Reports
» The Manage Portlet Registering Oracle Reports Components
» Creating a Provider for Your Reports
» If you are not already on the Builder page, click Builder at the top of the page.
» In the Page Groups portlet, choose the name of the page group in which you want
» Create a new page by clicking Create a Page or edit an existing page by entering
» In the page region where you wish to add your report portlet, click the Add
» Drill down through the Portlet Repository to the provider that contains the report
» Click the name of your report portlet to add it to the Selected Portlets list.
» Click OK. Adding the Report Portlet to a Page
» Click Customize in the upper right corner of your report portlet.
» Enter parameter values in the Parameter tab and, if desired, schedule the job to
» Run a report with the following URL:
» In Oracle Portal, go to the page specified in the URL and make sure the report is
» Click Customize at the bottom of the Develop tab for the report. Connecting to Oracle Portal
» In the 9.0.4 IM ORACLE_HOME, open the following file in a text editor:
» Prerequisites Oracle Fusion Middleware Online Documentation Library
» Oracle Identity Management and OracleAS Single Sign-On Infrastructure
» Launch Oracle Delegated Administration Services and go to the Home tab.
» Click the Configuration tab.
» Click the Preferences sub tab and you should see a page similar to the one in
» Under Default Resource Access Information, click Create.
» Click Next. Enabling and Disabling Data Source Security
» Click Submit. Enabling and Disabling Data Source Security
» Login as the administrator orcladmin.
» Under Configure Resource Type Information, click Create and you should see a
» Click Submit. Your resource type is created and you can now reference it in the
» Connecting to Oracle Internet Directory
» Oracle Reports Servlet The Reports URL Syntax
» Transfer the report file RDF, REP, XML, or JSP and its associated files for
» Running a Report with a Paper Layout
» Deploying a JSP Report to the Web and to Paper
» Running a JSP-Based Web Report from a Browser
» Running a JSP report with a Paper Layout
» Running with the WE8MSWIN1252 Character Set on UNIX
» Publishing a Report in Oracle Portal
» Specifying a Report Request from a Web Browser
» Sending a Request to the URL Engine
» Running Reports Through a Web Service
» From your present working directory, run the following command:
» Create the ReportsTools directory as follows:
» Copy the tools-logging.xml file as follows:
» Copy the tools-log-template.xml file as follows:
» Copy the rwnetwork.conf file as follows:
» Replace the following macros in the copied files:
» Understanding Key Mapping Using a Key Map File
» Enabling Key Mapping Using a Key Map File
» Adding Key Mapping Entries to a Key Map File
» Using a Key with Non-JSP Reports
» Using a Key with a Report Run as a JSP
» Additional Parameters Overview Oracle Fusion Middleware Online Documentation Library
» Start a Oracle WebLogic Server instance, where the Oracle Reports instance
» Enter the following URL in the address field of your browser:
» View the Oracle Reports Web service WSDL.
» Click the WSDL link on the RWWebService Web page to view the Oracle Reports
» From the Operation drop-down list, select getAPIVersion.
» Navigate to the Test Web Service page in Oracle Enterprise Manager. See steps 1-3
» From the Operation drop-down list, select getServerInfo.
» runJob Click Test Web Service.
» From the Operation drop-down list, select runJob.
» Using RWWebServiceUtil to Test RWWebService
» Distribution Overview Oracle Fusion Middleware Online Documentation Library
» The distribution.dtd File Using Variables Within Attributes
» destinations Elements of a Distribution XML File
» foreach mail Elements of a Distribution XML File
» body Elements of a Distribution XML File
» attach Elements of a Distribution XML File
» include Elements of a Distribution XML File
» file Elements of a Distribution XML File
» printer Elements of a Distribution XML File
» destype Elements of a Distribution XML File
» property Elements of a Distribution XML File
» foreach Examples Distribution XML File Examples
» mail Examples Distribution XML File Examples
» file Examples Distribution XML File Examples
» printer Examples Distribution XML File Examples
» destype Examples Distribution XML File Examples
» Using a Distribution XML File at Runtime
» Delimited Output Limitations with Using Distribution
» Dynamic Format Values Limitations with Using Distribution
» Creating and Manipulating a Parameter List
» Including non-ASCII Characters in Parameter Names and Values
» Submitting a Job The Event-Driven Publishing API
» Checking for Status The Event-Driven Publishing API
» Debugging Applications that Use the Event-Driven Publishing API
» Invoking a Report from a Database Event
» Creating a Queue That Holds Messages of Type SRW_PARAMLIST
» Creating the Dequeuing Procedure
» Customization Overview Oracle Fusion Middleware Online Documentation Library
» Required XML Tags Creating XML Customizations
» Changing Styles Changing a Format Mask
» Adding Formatting Exceptions Creating XML Customizations
» Creating Multiple Data Sources Linking Between Data Sources
» Creating Group Hierarchies Within Each Data Source
» Creating Cross-Product Matrix Groups
» Creating Formulas, Summaries, and Placeholders at Any Level
» Creating Parameters Creating XML Data Models
» Applying an XML Report Definition at Runtime
» rwbuilder Debugging XML Report Definitions
» Writing XML to a File for Debugging
» Defining the Language and Territory
» Character Set Design Considerations If you are designing a multilingual
» Font Aliasing Considerations There may be situations where you create a
» DEVELOPER_NLS_LANG and USER_NLS_LANG Environment Variables
» Specifying a Character Set in a JSP or XML File
» Modify the page directive to read
» Enhanced BIDI Reshaping Bidirectional Support
» Translating Applications Troubleshooting Globalization Issues
» Diagnosing Engine Crashes Logging Enhancements
» Oracle Enterprise Manager Performance Analysis Tools
» About WLST Performance Analysis Tools
» listLogstarget=opmn:instance1ohs1 displayLogstail=100
» displayLogsquery=ECID equals Logging-Related WLST Commands
» Metrics Related WLST Commands
» Audit Configuration WLST Commands
» Tracing Report Execution Performance Analysis Tools
» Load the rw_server.sql file to a database this file is included with your Oracle
» Set the repositoryconn property of the jobStatusRepository element in
» SHOWJOBS Command Line Keyword
» Efficient SQL Performance Analysis Tools
» PLSQL Performance Analysis Tools
» Java Stored Procedures Performance Analysis Tools
» The Java Importer Performance Analysis Tools
» Tuning Reports Server Configuration
» Non-SQL Data Sources Accessing the Data
» Database Indexes Accessing the Data
» Calculations Accessing the Data
» Redundant Data Accessing the Data
» Break Groups Accessing the Data
» Group Filters Accessing the Data
» Paper Layout Formatting the Data
Show more