Oracle® Application Server Personalization Administrator's Guide
10g Release 2 (10.1.2) B14050-01 |
|
Previous |
Next |
This chapter describes issues associated with Oracle Application Server Personalization (OracleAS Personalization) security and internationalization.
OracleAS Personalization follows the Oracle database server security policy. OracleAS Personalization implements the following measures:
Any data that needs to be protected is encrypted using standard Oracle security tools.
Transmission of sensitive data is encrypted between various OracleAS Personalization components.
The database administrator (DBA) grants access to qualified users.
The OracleAS Personalization Administrative user interface (UI) uses secure SSL technology to access the Oracle HTTP Server.
The DBA is responsible for creating database users and setting up proper privileges for them so that they can access OracleAS Personalization.
The OracleAS Personalization user is required to log in with a valid username and password over SSL to the remote customer database. For the OracleAS Personalization Schema Creation Wizard, the SSL encryption services are leveraged.
The Oracle Application Server application administrator needs to know the following in order to access the OracleAS Personalization component:
the customer database SYS password
the connect string information (TNS, Alias)
JDBC connection information (SID, HOST, PORT)
OracleAS Personalization controls user access by providing two database roles:
OP_ADMIN: This role allows the user to access the OracleAS Personalization product as an OracleAS Personalization Administrator. This means having access to the entire OracleAS Personalization product, including the Message Viewer.
OP_REPORT: This role allows the user to view OracleAS Personalization reports and access the Report Viewer URL (https://<hostname>:<port>/OP/Admin/ReportsPage
).
By default, the MOR schema owner (the user named MOR) is the OracleAS Personalization administrator, and thus has the full privileges to access the OracleAS Personalization product.
For new OracleAS Personalization users, the DBA can grant either full privileges (OP_ADMIN) or more limited privileges (OP_REPORT, access only to the OracleAS Personalization reports) as follows:
SQL> grant OP_ADMIN to <new_user>;
SQL> grant OP_REPORT to <new_user>;
For existing database users, the DBA must grant one of the two roles to allow the user access to the OracleAS Personalization product at the appropriate level.
By default, Oracle Application Server 10g does not enable SSL connections.
To enable SSL, you must edit the ORACLE_HOME/opmn/conf/opmn.xml
file and change ssl-disabled
to ssl-enabled
.
Then restart the opmn
managed processes using the commands
opmnctl stopall opmnctl startall
This section describes some issues associated with running OracleAS Personalization in an environment that supports more than one language or character set.
OracleAS Proxy Plug-in is designed to support many languages and character sets. In addition, the OracleAS Personalization UI, the online help for the UI, and all OracleAS Personalization messages are translated by Oracle into several European and Asian languages.
When OracleAS Personalization is installed, no default value is specified for NLS_LANGUAGE, an MOR configuration parameter. By default, OracleAS Personalization uses the same character set as the database character set (for databases of native character sets).
You can specify a value in NLS_LANGUAGE. OracleAS Personalization verifies that the value specified is supported and then uses it instead of the database default language for the server code.
If neither this value nor the database default indicates one of the supported languages, OracleAS Personalization defaults to AMERICAN. This value also specifies the language used for email notification.
Supported languages and their character sets are as shown in Table 2-1, below:
Table 2-1 Supported Languages and Their Character Sets
NLS Language | HTML_CHARSET |
|
---|---|---|
AMERICAN |
ISO-8859-1 |
US7ASCII |
FRENCH |
ISO-8859-1 |
WE8IS08859P1 |
GERMAN |
ISO-8859-1 |
WE8IS08859P1 |
ITALIAN |
ISO-8859-1 |
WE8IS08859P1 |
SPANISH |
ISO-8859-1 |
WE8IS08859P1 |
BRAZILIAN PORTUGESE |
ISO-8859-1 |
WE8IS08859P1 |
JAPANESE |
SHIFT_JIS |
JA16EUC |
KOREAN |
EUC-KR |
KO16KSC5601 |
SIMPLIFIED CHINESE |
GB2312 |
ZHS16CGB231280 |