X

The Latest Oracle E-Business Suite Technology News direct from
Oracle E-Business Suite Development & Product Management

EBS Security Feature Allowed Resources Now Available for EBS 12.1.3

Elke Phelps
Product Management Director

I am pleased to announce the availability of the Allowed Resources security feature for Oracle E-Business Suite 12.1.3. The Allowed Resources feature is available for Oracle E-Business Suite 12.1.3 with Patch 30110924

What protection is provided with Allowed Resources?

Oracle E-Business Suite is delivered with JavaServer Pages (JSPs) and servlets. Most customers use only a subset of these provided resources. The Allowed Resources feature allows you to reduce your attack surface by disabling resources that are not used in your environment. You can allow or deny resources at the family, product, or resource level.

The Allowed Resources feature allows you to define a whitelist of allowed resources for your Oracle E-Business Suite 12.1.3 environment. When enabled, accessing resources that are not configured in your whitelist is not allowed. 

With Oracle E-Business Suite Release 12.1.3, you may use one of the following Allowed Resources user interfaces in order to configure the feature:

  • Management by Product Hierarchy to easily allow or deny access by product families

  • Management by Resource to easily allow or deny access to individual resources

Your users will see an error message if access to a resource is blocked by the Allowed Resources feature.

Refer to the documentation for more information on how to to deploy and configure the Allowed Resources feature.

Where can I learn more?

References

Related Articles

Join the discussion

Comments ( 5 )
  • YZ Monday, May 4, 2020
    Hi Elke,
    Thanks for the posting.
    In patch 30110924 README it has the following statements that I have seen in many patches' README's.
    My question is that does it apply to database tier with version 12c or 19c?
    If yes, would it be possible to make them explicit or clear?
    Thanks.

    DB version check [required]
    As a standalone patch this can be applied with DB version 10G/11G.
    Following Pre-Requisites are required to be followed.
    . R12/DB Ver. 11G : No Pre-Reqs.
    . R12/DB Ver. 10GR2 : No Pre-Reqs.
    . R12/DB Ver. 10GR1 : For 10gR1, DB Version must be 10.1.0.4 or greater.

    Additionally the following parameter need to be set to "true" before applying this patch
    "_plsql_conditional_compilation"=true ( refer note 338821.1)
  • Elke Phelps (Oracle Development) Monday, May 4, 2020
    YZ -

    Thanks for the bringing this to my attention. This appears to be a documentation issue. I've reached out to the development team to make the necessary updates README.

    Regards,
    Elke
  • Elke Phelps (Oracle Development) Wednesday, May 6, 2020
    YZ -

    Please note that the README for this patch has now been updated. The database dependencies were not a requirement.

    We've also addressed the issue of the database dependencies being pulled into future READMEs. Thanks again for bringing this to our attention.

    We would appreciate an update on your experience with Allowed Resources with Oracle E-Business Suite 12.1.3. You may send me an email at elke.phelps@oracle.com.

    Regards,
    Elke
  • YZ Wednesday, May 6, 2020
    Hi Elke,

    Thanks for quick response and action!!
    I saw the README has been updated.
    I will update once I find a chance to implement it.

    I currently have a SR about a patch in which it has the same DB version
    check [required] for 10G/11G. That's what "triggered" me. :--)
    The oracle support is not helping, to be honest. They just read the README letter by letter. It's frustrating I have to admit. I don't really want to blame them because that's probably what they are trained to do. :--(

    Over the years I have seen many READMEs that have the same "copy/paste". Most of time I just ignore them but the what-if is always in my mind.

    Thanks again for the prompt response. That's what I have been looking for in Oracle a while.

    Have a good one.
    YZ
  • Elke Phelps (Oracle Development) Wednesday, May 6, 2020
    YZ- You're quite welcome. Glad to be of assistance.

    The README issues are not simply due to copy and paste, but rather inherited information from included/dependent patches. For this patch, the dependent patch has now been updated to exclude the DB dependencies from the README. That will help with future patches if this dependency exists.

    I'v also discussed with the team and we will also do a better job reviewing the READMEs prior to release of a new patches in the future.

    Hopefully you will see fewer issues such; however, it may happen again. If it does, please let us know.

    We are here to help you and all of our customers.

    If you email me (elke.phelps@oracle.com) the SR number for your other patch that has listed DB dependencies, I can take a look at it, too.

    Regards,
    Elke
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.