Oracle Reports Server Oracle Application Server Tips by Burleson Consulting

The Oracle Reports server component allows for the fast deployment of reports, documents and spreadsheets, all using data from the Oracle database.  To achieve this function the Oracle reports server must interface with an Oracle9iAS instance (and Oracle Portal) to manage the incoming report requests and send the completed reports back to the requesting user. To understand the Oracle Reports server, let?s take a simple example and following the report steps (figure 1.12).

• Invocation - The Reports server is invoked via the end-user entering a URL (or clicking a link on a web page).

• Routing - The Oracle9iAS instance intercepts the HTML or XML request, and directs the request to the Reports CGI (or Reports servlets).

• Request validation - Oracle reports then parses the HTML or XML request and determines the report and the security rules for the report.  If secure, Oracle Reports send an HTML page back to the end-user to accept a user name and password.

• Execution - The verified request is then queued for execution in the Reports server. Please note that you can configure multiple runtime engines for each reports server.

• Formatting - Upon completion of the execution, the Reports server formats the output as HTML and forwards the completed report to the Oracle9iAS instance.

• Delivery - The Oracle9iAS instance then completes the request by sending the completed report to the end-user.

Figure 12: The Oracle9iAS Report Server at runtime

Oracle9iAS Single Sign-On (SSO)

Single Sign-On (SSO) allows a client to sign onto the application once and be automatically authenticated for other components within the application server and also to external applications if properly setup.  SSO provides a central authentication repository rather than having a separate authentication for each application on the server.  SSO uses the Infrastructure instance to validate a user as they move from application to application without forcing the user to reauthenticate. 

The SSO component interacts with the Oracle HTTP Server (OHS) and allows the formatting of single sign-on information as an open-source Apache header.  It is important to note that SSO only functions within the domain of your Oracle system.  Many distributed eCommerce systems communicate with third party portals, and SSO cannot be extended to service these external clients.  For example, and Oracle eCommerce site might need to process a payment request with Cybercash, and Cybercash would require its own, independent SSO mechanism.  Hence, many Oracle9iAS administrators must develop XML Data Type Definition (DTD) protocols for communication with external third-party systems.

We will be discussing SSO and other components of Oracle9iAS security in great detail in Chapter 12, Oracle9iAS Security.

This is an excerpt from "Oracle 10g Application Server Administration Handbook" by Don Burleson and John Garmany.