Oracle Application in Demilitarized Zone (DMZ)

DMZ is the way of exposing organization specific files to outside firewall.In Oracle Aplications we can achieve this.Oracle Application architecture consists of fleet of nodes ( FND_NODES). First we need to decide which nodes we need to expose to public.Using the profile "Node Trust Level" we can set a node to public or private ( Normal -> private,External -> public ).

Following table shows the entries of FND_NODES table.

FND_NODES

SVD0ORACS03

SVD0OAPS01

AUTHENTICATION

SVD0OAPS02

SVD0OAPS03

SVD0OAPS04

SVD0SSWEBS1

SVD0SSWEBS2

SVD0ORACS01

SVD0ORACS02

Following is the picture of "Node Trust Level" profile.

Node

Node Trust Level

SVD0ORACS03

Normal

SVD0OAPS01

Normal

AUTHENTICATION

Normal

SVD0OAPS02

Normal

SVD0OAPS03

Normal

SVD0OAPS04

Normal

SVD0SSWEBS1

External

SVD0SSWEBS2

External

SVD0ORACS01

Normal

SVD0ORACS02

Normal

In the above listed nodes two nodes are identified as External (SVD0SSWEBS1 and SVD0SSWEBS2). Rest others are Internal.

Following picture shows the profile setting of "Node Trust Level" for SVD0SSWEBS2.

In Responsibilities level also we can decide weather to expose it to inside or outside firewall.This can be achieved by using another profile "Responsibility Trust Level".

I will explain this profile with an example.I will create a responsibility and i will set the "Responsibility Trust Level" to External.So when user invokes the application from outside then he/she can view the responsibility.

1) Create a form function which points to an OAF page as shown below.

2) Assign the above function to a responsibility.

3) Set the "Responsibility Trust Level" of above created responsibility to "External".

4) Set the "Responsibility Trust Level" of Employee Self-Service responsibility to "External".

5) "Responsibility Trust Level" of Web ADI responsibility is "Normal".

Note: Run autoconfig to complete the configuration.

When user tries to access application from inside firewall following responsibilities will display under his/her user.

1) Employee Self Service
2) Login Info
4) Oracle Web ADI

When he/she tries to access application from outside firewall following responsibilities will list.

1) Employee Self Service
2) Login Info





Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About



Oracle Apps Technical Consultant,Bengaluru Area

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today