Hide Userid/Password in URL

Similar Messages

• How can we hide userid & password from browser

  How can we hide the userid,password and connectionstring from the address bar of explorer when we run 9i forms on browser

  Ok - I have 9.0.4 and I want to disable this hiding of password, as I have the follwing problem: Forms creates a temporary local file which contains javascript. Per default in xp service pack 2 it is not allowed to run javascript from local file. Is there any parameter in webforms.cfg to disabel the creation of this temporary file?

• Hide UserID, Password, and Report Path when call Report from Report

  Hi,
  I have been able to call Report from Report using the hyperlink.
  I put these code in my Field on the Report caller.
  function F_3FormatTrigger return boolean is
    temp varchar2(2000);
  begin
    temp := 'http://<computer_name>:8889/reports/rwservlet?';
    temp := temp || 'server=repsrv' || '&' ||
                       'report=C:\MyReport\rep_detail.jsp' || '&' ||
                       'userid=scott/tiger@orcl' || '&' ||
                       'desformat=htmlcss' || '&' ||
                       'destype=cache' || '&' ||
                       'P_1=' || :ItemID || '&' ||
                       'P_2=' || :ItemName;
    SRW.Set_Hyperlink(temp);
    return (TRUE);
  end;The hyperlink showed, and I can see the rep_detail.jsp showed in the same browser after I clicked the hyperlink.
  The problem is, the hyperlink has to include the reports path and also userid and password.
  If I did not put the userid and password, it will showed in another browse that
  "The report has uncompiled PL/SQL"
  How can I hide those userid, password, and the reports path?
  BTW, Is there anyway to show the report callee in different page (precisely, open another IE) from the report caller?
  Any help would be grateful.
  Many thanks,
  Buntoro

  Hi,
  Thanks for the answers.
  Yet, I am still doubt about using cgicmd.dat.
  I have looked around in this forum saying that it is not secure to use cgicmd.dat. Because all report request does not use authentication (the client can directly open report without login).
  In Form, I can use the On-Logon to do the Oracle Form login (to do logon to the database), and then I use my own custom user login to restrict the menu for each user.
  I do this since I want to restrict the user,
  i.e user A can only view the sales form as well as sales report,
  user B can only view the purchasing form as well as purchasing report.
  Well, I am not so fond about the SSO itself.
  It comes to my mind, since I don't have to re-login (to the database) each time I call another form (login database is only once at the first Form, On-Logon). It also goes to when calling the report caller.
  What is RAD?
  How can we use it?
  Is OID = Oracle Internet Directory?
  If true, maybe, I won't use it since I don't understand about it also.
  Why we don't have to specify the userid and password when Form calls Report1 (using Run_Report_Object and Web.Show_Document())?
  But we have to specify the userid and password when Report1 calls Report2.
  Any help is appreciated.
  Many thanks,
  Buntoro

• Hide userid on unsecured report in report 10g

  I am using unsecured report on 10g and using servlet implementation. How can I hide userid/password from URL - looking for a solution in server setting? Thanks

  Hello,
  You can specify userid= in the URL, the DBAUTH HTML page will be displayed.
  else you can use the CGICMD.DAT to store the parameter userid=user/password@db
  Regards

• How to hide Dynamic Parameter userid/password prompts on infoview

  Hi,
  I want to hide Userid/password for each dynamic parameter, which gets prompts while refreshing or scheduling a report
  I do enter userid and password at CMC->database level but when report has dynamic parameter it still does prompts for each parameter.
  Please advise.
  Megha

  I tried what you suggested..
  Well I run into different error now while refreshing report suing dynamic prompt.
  Error says 'List of Values failure: fail to get values.[Cause of error:Failed to the connetion.ProductName]
  ProductName is my dynamic Parameter.
  Please advise.
  thanks
  Megha

• How can I hide the password and user name in url???

  Hi experts,
  I'm creating a login page and know I have a problem.
  The Username and password are verified in a Java class, after checking the user and password, the user should be linked to the portal.
  So far everything has worked well.
  But when I call the lin like this
  res.sendRedirect ("/ irj / portal j_user =" + UserN + "& j_password =" + passw);
  then the user name and Pwasswort appears in the url.
  Can someone tell me how can I hide the password and user name???
  It will be very helpful.
  Thank you
  Edited by: Cilvaring on Aug 5, 2011 12:00 PM

  If there is no specific reason that you have to use sendredirect...thne you can try request.forward.....
  RequestDispatcher rd = request.getRequestDispatcher("pathToResource");
    rd.forward(request, response);

• Hide password in url?

  We are parsing connection-information to Discoverer so that the user does not have to log in themselves. But in the url you can se
  username, password and database name.
  How do I hide the connect string in the URL, or at least show the password as *****?

  The Password cannot be hidden unless and otherwise you are using Oracle Portal, The reason is that in Oracle Portal which has the concept of Single User Login, enables you to hide the Password and not in other web Servers.
  Thanks,
  Selva.

• Convert a web service which has userid/password hard coded......

  Hi,
  We have created a web service in our ECC 5.0 abap system. In SICF we hardcoded the userid/password, the web service works fine and can be called successfully to read the required data from SAP.
  Now we wish to change the process so that the users calling the web service have to pass their userid/password, now things don't work!!
  How do we change things around to the new format?
  Options we are considering are as follows:
  1) Change the function module so that it has import parameters of userid and password (don't think this will work!)
  2) Somehow update the wsdl file so that it includes userid/password, is this possible?
  3) SICF/wsconfig/wsadmin config, but don't know what to do though!!
  Any ideas anyone?
  Thanks.

  > Now we wish to change the process so that the users calling the web service have to pass their userid/password
  1. Do you want to have authorize access to webservice or,
  2. do you want to user supply user/password as a parameter within service.
  for 1st you don't have to do anything just goto SOAMANAGER transaction and select basic http authentication for service endpoint. Every user who want to access (even url of wsdl) need to supply user/password.
  for 2nd option you can integrate user/password field in FM but you need to include code which check and confirm if they are valid credential.
  Regards,
  gourav

• I want hide userid/pass when run forms app...

  i use sql*forms3.0 -_-;;;;
  i want hide userid/pass when run froms program.
  ex1) runforms30 fromname ( id/pass )
  ex2) runrep reportname ( id/pass )
  everyone show id/pass when this typing.
  "ps -ef | grep forms"
  Does someone knows if it is possible ?
  Thanks

  Though I did not use forms 3.0, you can try using on-logon trigger (if it exists in 3.0)
  At on-logon trigger write logon('username@connectstring', 'password'). Then mentioning (id/pass) is not required with runforms30. Check it out!

• Hide oracle password on Unix command line call?

  Does anyone know whether you can hide the password for a command line call to rwrun60 under Unix? For other Oracle products like sqlplus you can hide the password by supplying it using the redirection operator. i.e. sqlplus userid @script &lt;&lt;EOD and then put the password or password@sid on the next line and then EOD on the 3rd line to end the redirection. This virtually hides the password from anyone able to look at processes on the system. Can this also be done for rwrun60? If you just put the userid after userid= will reports prompt you for a password?

  Take a look at http://java.sun.com/features/2002/09/pword_mask.html.
  Hope this helps,

• Retrieving data from a password protected URL

  Hi guys,
  I was hoping that someone might be able to advise me on how to read data into java from a password protected URL. The first page has a "login" area, where the username and password must be supplied before access to the next pages are allowed. It is from these following pages that I wish to get the data.
  I have a user name and password, and when I log in the usual way no cookie is created, nor is the username or password displayed as a part of the URL. Therefore, when I run my HTML parsing program to parse those pages, I get a message saying that I have to login first.
  You can have a look at the site should you wish (I strongly advise this to get an understanding of the problem): http://news.ft.com/home/uk/
  If anybody has some source code that could resolve this issue, I would be terribly grateful.
  Thanks!

  Hi.
  Usually you should be able to access
  password-protected sites using a URL of the
  form:http://username:[email protected]
  -page.com/If you're trying to access those sites without using a
  browser, you still have to encode the username and
  password with base64-encryption, which is usually done
  by the browser.
  cheers,
  kelysarMy program accesses this site without using a browser.....
  In this case would you or anybody else be able tell me how to go through the process from start to finish? I just haven't got a clue!

• Use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature?

  Dear all,
  I am looking to setup the use of active directory userid/password authentication instead of SAP R/3 User/Password for digital signature. We SSO to the backened ABAP AS via an SAP NW Portal to which SPNEgo kerberos authentication is setup. Today we specify R3 user id/password to digitally approvae a lot release. The idea is to have users maintain one AD password and don't have to remember the R/3 password anymore and also our Security team to avoid password maintenance.
  I know there are 3 options for digital signature and
  System signature with authorization by user ID and password (We use this currently)
  Digital User signature with verification - (We would like to use this with AD userid/password, so the system still ask the users their AD userid/password for the authentication when they try to "sign" a document.)
  User signature without verification
  Do you think there is a way to configure the system in order to ask and check the active directory userid/password instead of SAP R/3 password? Where can I found documentation about it ?
  I have several different versions of AS ABAP starting from NW 7.02 to NW 7.31.
  My active directory is based on Windows 2008.
  Thanks in advance!!
  Dhee

  Actually enabling Kerberos for SSO purposes and enabling Kerberos for digital signatures are two different topics although the latter is because of the former. I'm interested in the topic as well and I'm currently looking at different options. SAP provides a BAdI for the digital signature API which can be used for external authentication but they do not provide the solution to invoke Kerberos authentication based on username and password. SAP provides a semi solution with NWSSO 2.0 SP2 which works only on Windows with classic dynpros meaning SAP GUI for Windows is assumed. The solution is based on an ActiveX component which does the actual Kerberos authentication using the Secure Login Client which is part of the NWSSO suite. Extending that implementation to non-Windows and non-GUI applications would require some sort of web enabled service that could be used to authenticate the user with username and password. In case authentication is successful, a Kerberos token would be returned to SAP which would then be validated. All the required pieces are there since SAP has Kerberos support now in both stacks of the NetWeaver Application Server, some bits are still missing though which leaves customers looking at 3rd party or custom solutions.

• What are the userid,password, and host name for oracle 9i?

  HI Guys.
  I am a research student at the University and the I recently downloaded Oracle 9i for my research. But the problems is also with seting it up. Please could you show me the userid, password, and host name for oracle 9i.
  Thanks in advance for your cooperations.
  Malinga R
  [email protected]

  I believe that starting with 9.2, you have to specify different passwords when you install (can't be the default).
  Justin

• Dynamic UserID/Password for file Adapter

  Hi,
  How to use dynamic UserId/Password for file adapter ?
  (Sender/Receiver)
  In our case the Id/Pwd of FTP Site changes freguently.
  Can anyone help.
  Thanks in Advance
  Regards
  Chemmanz

  Hi Chemmanz,
  >>>>In our case the Id/Pwd of FTP Site changes freguently.
  but do you have those passwords in the message payload?
  if not then you will still have to fill it somewhere right?
  BTW
  the only way would be to use java proxies and write a simple ftp adapter inside it (or your own adapter)
  but this is not possible in standard I believe
  Regards,
  michal

• Need work around for image gallery with password protected URLs

  Is there a way to display an image gallery that has password protected URLs?
  I can build the image gallery in Siena using an excel table with a list of the images and when I preview the app inside Siena I get the expected credentials prompt from IE, and I enter the credentials and the images load and display with their captions perfectly.
  There are 4-6 images in the gallery.
  When I publish and produce a store app, the app errors out with can’t connect and obviously fails on
      var GenericInitError = "The app could not connect to the server. Please try again later.",
          GenericInitTitle = "Network error";
  Most likely because Siena wants to preload everything and there is no way with preload to enter credentials.
  I am looking for any alternatives that would let me get around this.
  TIA
  -- Barb Bowman

  On Mon, 24 Mar 2014 05:10:01 +0000, Radu Gruian (MSFT) wrote:
  >One possible thing to do would be download and embed the images into your app, eliminating the need for password-based authentication.
  Nope. The app accesses a group of IP Security cameras. Static images would not
  make any sense. And authentication is required. Not negotiable.
  -- Barb Bowman