Category list

Securing OracleAS Discoverer 10g

Securing OracleAS Discoverer 10 g

The examples we have walked through up to this point allow anyone with access to the URL that begins execution of Discoverer Plus to create, modify, and delete Discoverer Workbooks and Worksheets. Limiting unauthorized access to Discoverer Plus and Discoverer Viewer by validating users through Oracle s Single Sign-On mechanism is a relatively simple process, but it requires modification of an Apache configuration file on the server. In the $ORACLE_HOME/Apache/Apache/conf directory, a file named mod_osso.conf needs the following modifications (back up the file before modifying it):

Open the file mod_osso.conf file located on the middle tier .
Find the following line: # # Insert Protected Resources: .................

Add the following lines immediately after the line mentioned in step 2:

<Location /discoverer/plus>
require valid-user
AuthType Basic
</Location>
<Location /discoverer/viewer>
Header unset Pragma
OssoSendCacheHeaders off
require valid-user
AuthType Basic
</Location>

Summary

OracleAS Discoverer 10 g gives end users incredible flexibility when viewing complex reports over the Web. By having the complex aspects of SQL encapsulated in the Discoverer End- User Layer, you enable end users to manipulate reports without having to master the intricate details of SQL syntax. By giving end users the power to manipulate reports, multiple benefits are realized, including these:

Empowering end users to make decisions quicker and with greater confidence
Decreased burden on programming, QA, and implementation staff
Increased understanding of data through the use of graphs
The ability to export data into tools like Excel for further analysis and reporting

OracleAS provides a production-quality web-based development environment, Discoverer Plus, which decreases Total Cost of Ownership (TCO) by reducing licensing fees and maintenance fees involved in maintaining client PC configurations. Discoverer Plus provides wizards for virtually every aspect of Discoverer report development, allowing developers to change aspects of their reports on the fly before saving the finished product to the database. As Discoverer Workbooks and Worksheets are stored within the database, viewing them over the Web requires no conversion work whatsoever, something that is not true for Oracle Forms and Oracle Reports.

Discoverer Viewer is a powerful web-based application that allows end users to view Discoverer Workbooks and Worksheets over the Web. All advanced Discoverer features used in Discoverer Plus, such as drill- downs and LOVs, are available to end users in Discoverer Viewer. Discoverer Viewer includes a powerful export feature that allows end users to export Discoverer data into various formats for further analysis or reporting.

The features, along with OracleAS Discoverer 10 g ˜s integration with Oracle Identity Management and Oracle Web Cache, make Discoverer a true world-class solution for virtually any organization s reporting needs.

Chapter 6: Deploying Oracle Tools to the Web

Overview

A book with Oracle Web Development in the title would be of use mainly as a paperweight if it didn t discuss the issues and methods surrounding deploying and running applications over the Web. Up until this point, we have looked at development tools that were not specifically created for the development of web-enabled applications (IV, which discuss Oracle Portal and Java respectively, will discuss development environments that have their basis in web deployment). This potential limitation is mitigated by the advanced features of Oracle Application Server 10 g that provide developers and administrators the ability to serve these components over the Web in an environment that is secure, stable, and scalable. This chapter will discuss techniques for deploying these components in such a way as to minimize the impact of moving to a deployment architecture that is fundamentally different from the client/server architecture you may be accustomed to. As we will see, Oracle has made a great effort to make the transition of these legacy applications to the Web simple, while giving developers and administrators all of the benefits of web-based applications.

Note

It is important to note that when discussing web applications in this chapter, we are referring to intranet-based or extranet-based web applications. Due to performance, download times, footprint, and JInitiator requirements, it is not practical to deploy these applications in an Internet environment.

Note	In this chapter, Form(s) with a capital F refers to the form(s) developed with the Oracle Forms Builder tool that comes as part of the Oracle Development Suite as opposed to an HTML form, and Report(s) with a capital R refers to reports developed with Oracle Reports .

If Oracle provides environments such as Oracle Portal and tools such as JDeveloper that have their basis in web deployments, why even bother with tools such as Oracle Forms, Oracle Reports, and Oracle Discoverer? There are many reasons for this (discussed in the appropriate chapters), but some of the prevalent reasons include:

Legacy applications and legacy knowledge. The move to the Web greatly decreases administration costs, particularly for large installations where many users are spread over a large distance. Keeping the client machines (which probably have different versions of operating systems, different service packs , etc.) consistent enough to allow all of them to run Oracle s tools (Forms runtime, Discoverer Desktop, etc.) can be daunting at best and impossible at worst. Moving applications to the Web allows system administrators to simplify their deployment environments, but does your organization have the resources to rewrite all of your applications in a web-based tool such as Oracle Portal or Java? Most organizations will not take on the task of rewriting all of the applications that drive their business for the Web. In many organizations, the knowledge regarding the business rules and practices of the organization has been accumulated by developers that do not have the skills in Oracle Portal or Java to translate those business rules into web-based applications quickly without a significant investment in training.
Tool feature set incompatibilities and complexity. Oracle Portal has wizards that allow the development of forms and reports, but these Portal components do not have all of the functionality of the respective Oracle Forms and Oracle Reports products. Oracle JDeveloper 10 g allows complete control of all aspects of your application, but has a much higher learning curve.
Impedance mismatch. This term refers to the inherent difficulties between working with an object-oriented language such as Java and the relational aspects of a relational database such as Oracle. Oracle provides an extremely robust tool called TopLink that simplifies and eliminates many of the barriers of communication between Java and Oracle, but it is one more tool that your developers will need to be trained on.

In Chapter 1, we discussed the different types of Oracle Application Server 10 g installations. You will recall that there were three different types of installations:

J2EE and Web Cache Provides a HyperText Transfer Protocol (HTTP) server and Oracle Application Server Containers for J2EE (OC4J) containers for the deployment of Java applications.
Portal and Wireless Provides all of the components in the J2EE and Web Cache installation plus support for wireless devices and the Oracle Portal environment.
Business Intelligence and Forms Includes support for serving Oracle Forms, Oracle Reports, and Oracle Discoverer workbooks and worksheets over the Web. This chapter focuses on the Business Intelligence and Forms features of Oracle Application Server 10 g .

In Chapter 14). There are many issues when moving these components to the Web, not the least of which is the fundamental architecture change from client/server to web deployment. This chapter addresses the major issues and provides a road map for a seamless transition of Oracle Forms, Reports, and Discoverer workbooks and worksheets to the Web.