The examples we have walked through up to this point allow anyone with access to the URL that begins execution of Discoverer Plus to create, modify, and delete Discoverer Workbooks and Worksheets. Limiting unauthorized access to Discoverer Plus and Discoverer Viewer by validating users through Oracle s Single Sign-On mechanism is a relatively simple process, but it requires modification of an Apache configuration file on the server. In the $ORACLE_HOME/Apache/Apache/conf directory, a file named mod_osso.conf needs the following modifications (back up the file before modifying it):
Open the file mod_osso.conf file located on the middle tier .
Find the following line: # # Insert Protected Resources: .................
Add the following lines immediately after the line mentioned in step 2:
<Location /discoverer/plus> require valid-user AuthType Basic </Location> <Location /discoverer/viewer> Header unset Pragma OssoSendCacheHeaders off require valid-user AuthType Basic </Location>