| Oracle® Retail Merchandising Security Guide Release 15.0 E65442-01 |
|
 Previous |
 Next |
Customization and extending capabilities is an important part of any application. This chapter discusses how to securely implement customizations and extensions such that they do not jeopardize application security.
If customization is required it should be done in such a way that no built-in explicit security features would be circumvented. For example, many VO queries in ReIM use RMS data security views. These queries should not be modified to expose data by removing the usage of the view. It is recommended to perform secure code analysis after code customization to identify potential secure coding standard violations.
If additional integration credentials are required, the customization should store them in the Secure Credential Store along with all other ReIM credentials. Credential population should be done by the script provided with the application.
