Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.


Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     How to integrate with ASP pages?

Read-Only Read-Only Topic
Go
Search
Notify
Tools
How to integrate with ASP pages?
 Login/Join
 
<Nailesh>
posted
Hi,
How to integrate fex files with ASP pages?
I am using frames to execute fex files. But this is not secure enough. The user can get the URL of the fex file(by right clicking on the frame) and can get access to it with out login to the application. Is there a better way to integrate it?
Is there any manual available from IBI on how to integrate with other applications?

Any help would be greatly appreciated..

Thanks,
Nailesh.
 
Report This Post
Member
posted Hide Post
CGI or Servlet???
If it servlet based you could use role based security to secure the url.
If you are using the CGI you could web based security to protect the alias.
Another option would be to use the WebFOCUS callable exit and programmatically reject the request based criteria you set.
 
Posts: 5 | Registered: May 20, 2003Report This Post
Master
posted Hide Post
I hear you there... the fact that the browser supports "view source" and allows users to see URLs in the status bar when a drilldown is hovered can be a problem for security-minded sites. What's more, any ASP or Web application has this problem - it's really a problem of the browser!

The good news is you can suppress the user's ability to right-click on the window for any given page without jumping through too many hoops... although you do need to be somewhat comfortable with browser scripting.

There are JavaScript functions that run in every browser version and which let you suppress support for a user right-click on the browser window and for the URL display on a hover. Easiest way to suppress hover display is to disable the status bar; this can be done with a security policy for Internet Explorer.

Here is a sample script that allows right mouse click suppression. You can place it in the ASP file that contains a WebFOCUS report and it will prevent the user from using right-click to view properties of a hyperlink or even using right-click to download stuff from your app (like images).

Note that due to limitations in this posting forum, I had to mangle a few commands - remove "DELETE#" from those commands and replace them with, respectively, the letter S for script and the letter O for the last three..

<DELETE#cript language="JavaScript1.2">
if (window.Event)
document.captureEvents(Event.MOUSEUP);

function nocontextmenu() {
event.cancelBubble = true, event.returnValue = false;

return false;
}

function norightclick(e) {
if (window.Event) {
if (e.which == 2 || e.which == 3) return false;
}
else if (event.button == 2 || event.button == 3) {
event.cancelBubble = true, event.returnValue = false;
return false;
}
}

if (document.layers)
document.captureEvents(Event.MOUSEDOWN);

document.DELETE#ncontextmenu = nocontextmenu;
document.DELETE#nmousedown = norightclick;
document.DELETE#nmouseup = norightclick;
//--></script>

Hope this helps!!!
 
Posts: 919 | Registered: March 26, 2003Report This Post
<dcroxton>
posted
quote:
Originally posted by Bob Jude Ferrante:
[qb]...
The good news is you can suppress the user's ability to right-click on the window for any given page without jumping through too many hoops... although you do need to be somewhat comfortable with browser scripting.

There are JavaScript functions that run in every browser version and which let you suppress support for a user right-click on the browser window and for the URL display on a hover. [/qb]
This is not very good security either, since all the user has to do is turn off JavaScript to get around it. Admittedly, most users won't know about this, but then, you're not worried about most users.
 
Report This Post
Member
posted Hide Post
Can this same code be used in a .htm file? I can't seem to get it to work. Thanks.
 
Posts: 16 | Location: Houston, Texas | Registered: May 13, 2003Report This Post
Master
posted Hide Post
Friends--
I've actually found an even easier way to do this. Just add the event code

onContextMenuDelete="return false"

inside the BODY tag.

A very simple wisp of code which completely disables the right-click menu in Internet Explorer. Even easier to implement than the more lengthy JavaScript function method I previously provided. Remember to take out the word "Delete" from the above code before using it.
 
Posts: 919 | Registered: March 26, 2003Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     How to integrate with ASP pages?

Copyright © 1996-2020 Information Builders