Oracle Forms 12.2.1.4.0 - New Security Handling for userid
Posted by Dirk Nachbar on Tuesday, October 01, 2019
In the latest Oracle Forms 12.2.1.4.0 Release, Oracle has implemented a new cool feature for security handling of the userid parameter.
Classically within the formsweb.cfg you are defining your section for your Forms Application, e.g.
Classically within the formsweb.cfg you are defining your section for your Forms Application, e.g.
# # The values for userid are provided in cleartext [demo] WebUtilArchive=frmwebutil.jar,jacob.jar WebUtilLogging=off WebUtilLoggingDetail=normal WebUtilErrorMode=Alert WebUtilDispatchMonitorInterval=5 WebUtilTrustInternal=true WebUtilMaxTransferSize=16384 baseHTML=webutilbase.htm baseHTMLjpi=webutiljpi.htm archive=frmall.jar lookAndFeel=oracle form=test.fmx userid=scott/tiger@prod
Now, with Oracle Forms 12.2.1.4.0, after you started the AdminServer of your Oracle Forms & Reports 12.2.1.4.0 environment, the value for the parameter userid will be automatically encrypted.
This is managed via the new parameter forms.userid.encryption.enabled=true for $EXTRA_JAVA_PROPERTIES inside the $DOMAIN_HOME/bin/setDomainEnv.sh script.
After you have started up your AdminServer the value for the parameter userid inside the formsweb.cfg will be encrypted:
#
# After the startup of the AdminServer the value
# for the parameter userid is encrypted
[demo]
WebUtilArchive=frmwebutil.jar,jacob.jar
WebUtilLogging=off
WebUtilLoggingDetail=normal
WebUtilErrorMode=Alert
WebUtilDispatchMonitorInterval=5
WebUtilTrustInternal=true
WebUtilMaxTransferSize=16384
baseHTML=webutilbase.htm
baseHTMLjpi=webutiljpi.htm
archive=frmall.jar
lookAndFeel=oracle
form=test.fmx
userid={AES}E/vW+IIt0wtgdExtevDqrg==
Categories: Oracle, Oracle Forms 12c
