X

The Latest Technology Stack News Directly from EBS Development

Secure Oracle E-Business Suite 12.2 with Allowed JSPs/Resources

Elke Phelps
Product Management Director

Oracle E-Business Suite is delivered with JSPs and servlets. Most customers use only a subset of these provided resources. The Allowed JSPs or Allowed Resources feature allows you to reduce your attack surface by disabling JSPs or servlets that are not used in your environment. You can allow or deny resources at the family, product or resource level.

The Allowed JSPs feature allows you to define a whitelist of allowed JSPs for your Oracle E-Business Suite 12.2 environment. When enabled, accessing JSPs that are not configured in your whitelist is not allowed.

The Allowed Resources feature expands upon the concept of the Allowed JSPs feature and allows you to define a whitelist of allowed JSPs and servlets for your Oracle E-Business Suite 12.2 environment. When enabled, accessing JSPs or servlets that are not configured in your whitelist is not allowed.

Your users will see an error message if a resource is blocked by the Allowed JSPs or Allowed Resources feature.

Refer to the documentation for more information on how to to deploy and configure the Allowed JSPs or Allowed Resources feature.

Which EBS Releases include Allowed JSPs or Allowed Resources?

  • Allowed JSPs is delivered with Oracle E-Business Suite Release 12.2.4
  • Allowed Resources can be enabled with Oracle E-Business Suite 12.2.6+.
  • Allowed Resources with a new user interface and recommendations to provide ease of configuration is on by default with Oracle E-Business Suite 12.2.7.

Where can I learn more?

Related Articles

References

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.