Classification of Technologies used in Oracle E-business suite

Classification of Technologies used in Oracle E-business suite

• Oracle Application Object Library (AOL)
• Java Technology Foundation (JTF)

AOL applications are Oracle Forms developed using Oracle Developer and are usually
referred to as Forms-based applications. JTF applications are Java Server Pages (JSPs)
developed using Oracle JDeveloper and are usually referred to as HTML-based
applications. Each type of application accesses the same database and can share
information with the other.

The product interfaces are accessed by providing the Uniform Resource Locator (URL)
for the environment in an Oracle Applications 12-compliant Web browser and
navigating to the hyperlink for the login page for the specific technology stack. You can
also provide the URL for the specific login page. This URL is referred to as your login
URL.

Oracle Applications URL
Use this URL to navigate to the Personal Home Page URL or the CRM Home page URL.
http://:/
* To navigate to the Personal Home Page URL, choose Apps Logon Links >Personal
Home Page.
* To navigate to the CRM Home Page URL, choose Apps Logon Links >CRM Home
Page.

CRM Home Page URL
This URL is sometimes referred to as the Apache or JTF login URL. Use this URL to
open the login page for HTML-based applications.
http://:/OA_HTML/jtflogin.jsp

Personal Home Page URL
This URL is sometimes referred to as the Self-Service Web Applications or SSWA login
URL. Use this URL to open the login window for Oracle Applications via the Personal
Home Page. You can access Forms-based or HTML-based applications from the
Personal Home Page.
http://:/OA_HTML/US/ICXINDEX.htm

Forms URL
Use this URL to open the login page for Forms-based applications. This login URL is
Dependencies and Integration Points 2-11
typically used by system administrators, not end users.
http://:/dev60cgi/f60cgi

User Accounts
An application user is an authorized user of Oracle Applications and is uniquely
identified by a username. After the user account has been defined, the application user
can sign on to Oracle Applications at the CRM Home Page, Personal Home Page, or
Forms login.
Note: Oracle Applications is installed with a system defined username
and password.
* Username: sysadmin
* Password: sysadmin

An application user enters a username along with a password to sign on to Oracle
Applications. The password assigned by the system administrator is temporary. When
signing on for the first time, the application user will be prompted to change the
password. Access to specific functionality and data will be determined by the
responsibilities assigned to your user account.

Regards
Manoj

Broken Pipe

Broken Pipe
-----------

Create two named pipes, p1 and p2. Run the commands:

echo -n x | cat - p1 > p2 &
cat p1

On screen, it will not appear that anything is happening, but if you run top (a command similar to ps for showing process status), you'll see that both cat programs are running like crazy copying the letter x back and forth in an endless loop.

After you press ctrl-C to get out of the loop, you may receive the message “broken pipe”. This error occurs when the process reading the pipe closes its end while a process is writing to a pipe. Since the reader is gone, the data has no place to go. Normally, the writer will finish writing its data and close the pipe. At this point, the reader sees the EOF (end of file) and executes the request.

Whether or not the “broken pipe” message is issued depends on events at the exact instant the ctrl-C is pressed. If the second cat has just read the x, pressing ctrl-C stops the second cat, pipe1 is closed and the first cat stops quietly, i.e., without a message. On the other hand, if the second cat is waiting for the first to write the x, ctrl-C causes pipe2 to close before the first cat can write to it, and the error message is issued. This sort of random behavior is known as a “race condition”.

Source (online linux journal)

Regards
Manoj

Apps Account Locking

Topic
------
"Apps" Account Locking in E-business suite.

ADI(Application Desktop Integrator) is a software runs on Windows systems and uses the net8 client to talk to the database. However, user's logon as their application ID and password, not directly to the database.

In order for this to work, the application goes to the database with a public username/password that must never be changed for the application to function. The username/password is APPLYSYSPUB and the password is PUB (this is openly documented). This database account is able to find the APPS schema and encrypted password in the database. It then unencrypts the password and uses it to connect to the database.


Problem
---------
There is a know issue with customers using ADI(Application Desktop Integrator).

When ever there are unsuccessful logins (failed login attempts count) number of attempts by an application user using desktop ADI, apps account will get locked (timed). This can be confirmed by checking by checking database listener log.

Solution
--------
1. Increase failed login attempts.

2. Recommend customers to use web ADI instead of Desktop ADI.

3. Educate ADI users not to make unsuccessful attempts to login more than than times that you have specified in "failed login attempts".

Metalink users can educate thyself through note:400743.1

Security Issues
---------------

The version of ADI (Application Desktop Integrator) 7.1.1.10.1, contains a major security breach.

Whenever the software is launched, it creates a file called dbg.txt on the
local hard drive on the system which contains in PLAIN TEXT the usernames
and passwords for both the application user and the APPS schema!

further readings
----------------
http://www.oracle.com/technology/deploy/security/pdf/secalert_adi.pdf

Regards
Manoj