Securing Your EPM Workspace Production Environment

For security purposes, the following Oracle Hyperion Enterprise Performance Management Workspace parameters are disabled and are not available by default. To enable these parameters, set the Client Debug Enabled parameter in the Server Setting to Yes.

  • Configuration URL—See EPM Workspace Configuration Information for details about system configuration which requires administrative credentials to access.

  • EPM Workspace test modulewksp.widgets contains test cases and debugging utilities and is accessible when EPM Workspace is running in debug mode.

  • Client-side debug mode—Client-side debug console – pass debug = true, which is used for debugging purposes. This enables the debug console which shows client debug messages and also forces the application to use the uncrunched Javascript code.

EPM Workspace ships with uncrunched JavaScript code for troubleshooting.

To remove this code so that it cannot be accessed:

  1. Follow the instructions to Extracting a File in the EPM Workspace Web Application.

  2. Delete the .js files under bpmstatic/js and static/js that do not match the directory name in which they exist.

    For example, remove all files in /js/com/hyperion/bpm/web/common except for /js/com/hyperion/bpm/web/common/Common.js.

  3. Follow the instructions about Repacking a File in the EPM Workspace Web Application.

    Note that applying service fixes restores these files.