Reports 12c: FolderAccess Wildcard Does Not Work -- REP-177 & REP-56133
Oracle Reports Developer - Version 220.127.116.11.0 and later
Information in this document applies to any platform.
In Oracle Reports 12c v. 18.104.22.168.0, when using the folderAccess, the wildcard (*) does not work.
See 12c Documentation :
Steps to Reproduce:
Other Scenarios :
New install of Oracle Fusion Middleware 12c v. 22.214.171.124.0
Due to a security mandate, this Reports 12c folderAccess wildcard (*) feature has changed and the online documentation has changed accordingly to reflect the fact this feature will only work in a sub-directory :
See Bug: 22334822 in Reports 12c :
Bug:22334822 : ISSUE WITH FOLDER ACCESS NOT SUPPORTING '*' TO ALLOW READ/WRITE TO ANY LOCATION
Please perform the following solution:
1. You will need to download and apply the following patch:
Note: Please review the Readme file for instructions on how to install the patch.
WARNING: This patch is not subject to the same rigorous level of testing as done for Oracle patchsets. One-off patches are inherently more risky than patchsets, since they have not gone through our full QA regression testing. Customers who take one-offs should both understand this risk, and conduct whatever backups and/or additional testing they feel necessary to be comfortable with the patch before moving it into their production environment.
2. PLEASE NOTE: Due to a security mandate, this Reports 12c folderAccess wildcard (*) feature has changed and the online documentation has been revised accordingly.
The REVISED Reports 12c folderAccess wildcard (*) Feature is expected to function as follows :
a. Reports will allow all the sub-directories below a directory like /dir/*
Example 1 (single location):
desname=/tmp/a/b/output.pdf ==> tested OK
desname=/tmp/a/output.pdf ==> tested OK
desname=/tmp/output.pdf ==> tested OK
All sub-directories under /tmp were tested to work.
Example 2 (multiple locations):
PLEASE NOTE: Make sure the user has full OS permissions (ie. chmod 777) to the folder(s)/directories being written to.
Otherwise, it may fail with the following error:
... and the following may be seen in the rwserver_diagnostic.log:
b. The following is NOT allowed as it leads to security vulnerabilities :
In other words...
The implementation will not allow <write>/*</write> or <write>*</write> for security reasons.
A folder needs to be defined for the <write> tag and when using it with "/folder/*"
then any sub-directory under "/folder/" can be used.