1. Introduction

One of the most compelling benefits of Internet computing, universally accessible information, is also one of the greatest causes of concern for Web site administrators. A Web site must ensure that only those authorized to see information can do so. Oracle Reports security allows administrators to control the access the execution of the reports.

Oracle Reports provides two levels of security:

• at the data level, managed by the Data Source itself. For example the database connection information
• at the Report Server level, on a secured server, it controls if a report or a command could be executed.

The Security API of the Reports Software Development Kit (RSDK) allows you to develop a new security for your server.

Oracle Reports enables you to "plug" in any security you wish, using the provided API. This tutorial will show you how to write your own security, using an XML File to store the athorization information.

At the end of this tutorial, you will be able to:

• Implement a Security class with Oracle Reports
• Register a Security class with Oracle Reports
• Use the Security with Oracle Reports

Note that the XML file-based security sample is certified with Oracle Reports 9i.