Oracle Web Server security

From: Robert Gordon <rgordon_at_acpub.duke.edu>
Date: 1997/03/07
Message-ID: <33202661.58491296_at_news.duke.edu>#1/1

I want to put digest security on one of the services that retrieves sensitive data for internal users. I've defined digest security for the listener, put the privileged id MGR_USER into a privileged group MGR_GROUP and it into a realm MGR_REALM. And I've set security for the vpath to the cgi directory containing owa.exe and representing the name of the privileged service, ie the URL is:

http://www.myserver.com:8000/mgr_user/owa/procname

directory mapping is

c:\orant\ows10\bin /mgr_user

and service is defined for MGR_USER with an appropriate Oracle Id/pw with privileges to select from the secured table.

In the protection section of ows8000.cfg:

file		type		realm
----		-------		---------
/mgr_user	DIGEST	MGR_REALM

I though I coverec all the bases. But even though I get a security pop up window warning me about unsecrued data being transferred (the one with the checkbox disabling seeing the message again) I do not get prompted for ID and password. So I assume the report service is not secured.

What am I missing?

BTW I'm using Webserver 1.0 and BTW, the Oracle documentation stinks.

Does Webserver 2.x have features worth shelling out the extra $$$$ for?

Thanks

Robert Gordon Received on Fri Mar 07 1997 - 00:00:00 CET

This message: [ Message body ]
Next message: ObjectSearch Group: "SR. ORACLE DEVELOPER - PERM - TORONTO"
Previous message: Shawn Odekirk: "Re: Controlling MDI window in forms 4.5"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message