15.10 Forms and Reports Security Recommendations

The following security model is recommended for applications using Reports and Forms.

If Reports is Using Portal-Based Security

If Reports is using JAZN security

If Reports is using JPS-based security, by default, an in-process server uses the embedded ID store of WebLogic Server as the ID store and an XML-based Policy store. A standalone server uses JAZN-XML. Forms uses Oracle Internet Directory based authentication for security. In this scenario:

  • It is recommended that you configure Reports to use Oracle Internet Directory-based ID store. Forms and Reports should use the same Oracle Internet Directory.

    For more information about configuring external Oracle Internet Directory, see, Configuring External Oracle Internet Directory for In-Process Servers, and Configuring External Oracle Internet Directory for Standalone Servers

  • It is recommended that you migrate reports policies from JAZN-XML to JAZN-OID. Forms and Reports should use the same Oracle Internet Directory.

  • It is recommended that you enable Single Sign-On

    Perform the following steps to enable Single Sign-On:

    1. Log in to Oracle Enterprise Manager.

    2. Navigate to the Reports Application page.

    3. From the Reports menu, select Administration > Advanced Configuration.

      The Reports Application Advanced Configuration page is displayed.

    4. From the Reports Security window, select the Enable Single Sign-On check box.

    5. Click Apply.