Integration

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Forms and reports firewall access control

user5483620Jan 30 2009 — edited Feb 2 2009

Hi,

I have installed Oracle application server 10g R2, forms and reports standalone. The server will host multiple applications. The security administrator requires that there is some kind of firewall access control over who has access to individual application. In theory this can be done with different ip address for each application, different port, by using proxy, filtering the url... For us any solution is acceptable.

What will prevent the following scenario: there are let’s say 2 applications:

http://app1.com:7778/forms/frmservlet?config=app1

http://app2.com:7779/forms/frmservlet?config=app2

Let’s say that the user with access to app2 is allowed only to 7779. But if the user tries the following url:

http://app2.com:7779/forms/frmservlet?config=_app1_

he will gain access to app1. As far as I am aware, there is no port control on the level of forms server, only on http server.

Regards,

Vasko

Locked Post

New comments cannot be posted to this locked post.

Locked on Mar 2 2009

Added on Jan 30 2009

#application-servers, #oracle-application-server-general

2 comments

648 views