Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.


Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     Hide IBIC_User and IBIC_Pass [Solved]

Read-Only Read-Only Topic
Go
Search
Notify
Tools
Hide IBIC_User and IBIC_Pass [Solved]
 Login/Join
 
Erney
Gold member
posted
Morning everyone, I am currently trying to hide the ibic_user and ibic_password hidden values on a html launch page.

Anyone know of a fairly simple way to do this, also not I am not the administrator so i think changing any files on the web focus server side is pretty much out.

This is what i am working with.
<INPUT id=IBIC_user type=hidden value="Username" name=IBIC_user>
<INPUT id=IBIC_pass type=hidden value="password" name=IBIC_pass>


When I run the page and "view source" the user name and password are viewed plain as day. I need to remove these from view but still be able to pass them to the servlet from the html launch page.


Any help would be greatly appreciated, thanks.
Jeff

This message has been edited. Last edited by: Erney,


WF 7.1.7- Windows XP
 
Posts: 63 | Registered: August 28, 2007Report This Post
Waz
Expert
posted Hide Post
Jeff, I would suggest using javascript to create the variables.

But you have not given much info.

Have the users already logged in ?

Is there a WebFOCUS session cookie ?


Waz...

Prod:WebFOCUS 7.6.10/8.1.04Upgrade:WebFOCUS 8.2.07OS:LinuxOutputs:HTML, PDF, Excel, PPT
In Focus since 1984
Pity the lost knowledge of an old programmer!

 
Posts: 6347 | Location: 33°49'23.0"S, 151°11'41.0"E | Registered: October 31, 2006Report This Post
Erney
Gold member
posted Hide Post
No users will be logging in, this is a permanent username/password set up just to access the db2 tables that are needed for the reports.

Would you mind showing me a quick example of how to create those varibles with javascript?


WF 7.1.7- Windows XP
 
Posts: 63 | Registered: August 28, 2007Report This Post
GinnyJakes
Expert
posted Hide Post
If this is a permanent id for a connection to a data base, why don't you put the connect string to the DB2 connection in the global profile (edasprof.prf) and then encrypt it? Hard-coding the IBIC variables is like not having security on at all so use a default id to connect to the server (can set this up in the Remote Servers section of the WebFOCUS client console) and then a permanent set of credentials in edasprof to connect to the data base.


Ginny
---------------------------------
Prod: WF 7.7.01 Dev: WF 7.6.9-11
Admin, MRE,self-service; adapters: Teradata, DB2, Oracle, SQL Server, Essbase, ESRI, FlexEnable, Google
 
Posts: 2723 | Location: Ann Arbor, MI | Registered: April 05, 2006Report This Post
Waz
Expert
posted Hide Post
I agree with Ginny, either have them in the EDASPROF or a connect string in the program.

Is this a secure site ? If so, you may need to lock down the access, as hardcoding the UID/Pass will allow anyone to access the information.


Waz...

Prod:WebFOCUS 7.6.10/8.1.04Upgrade:WebFOCUS 8.2.07OS:LinuxOutputs:HTML, PDF, Excel, PPT
In Focus since 1984
Pity the lost knowledge of an old programmer!

 
Posts: 6347 | Location: 33°49'23.0"S, 151°11'41.0"E | Registered: October 31, 2006Report This Post
Erney
Gold member
posted Hide Post
We ended up adding two more input boxes, one for the mainframe user and one for the mainframe password then pass them as the ibic_user and ibic_password.

This way, each user had to be assigned to the database table on our mainframe through our security department.

Basically, anyone can see the webpage and run the report if they knew the url but the report would return wrong username/password if they were not defined or added to the database.


WF 7.1.7- Windows XP
 
Posts: 63 | Registered: August 28, 2007Report This Post
Darin Lee
Virtuoso
posted Hide Post
That works, too. Just need to be careful about sending those credentials over an open wire (without https or some encryption) as they are sent in plain text by default as part of the URL string)


Regards,

Darin


In FOCUS since 1991
WF Server: 7.7.04 on Linux and Z/OS, ReportCaster, Self-Service, MRE, Java, Flex
Data: DB2/UDB, Adabas, SQL Server Output: HTML,PDF,EXL2K/07, PS, AHTML, Flex
WF Client: 77 on Linux w/Tomcat
 
Posts: 2298 | Location: Salt Lake City, Utah | Registered: February 02, 2007Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     Hide IBIC_User and IBIC_Pass [Solved]

Copyright © 1996-2020 Information Builders