Advanced Configurations for Demilitarized Zone

Overview

If your mobile users need to access Oracle E-Business Suite mobile apps over the Internet, your Oracle E-Business Suite environment must be set up in a demilitarized zone (DMZ) configuration.

To set up Oracle E-Business Suite mobile apps in a DMZ configuration, ensure that you complete the following required tasks:

Important: Before setting up your mobile app with any of the advanced configurations, ensure basic mobile app configuration is performed and validated. See: Validating the Configuration.

Additionally, before connecting the mobile app using DMZ configuration, ensure that the app works with Service Endpoint (APPS_MOBILE_AGENT) set to an internal server of Oracle E-Business Suite. For information on the Service Endpoint (APPS_MOBILE_AGENT) parameters, see Configuring Parameters for the Apps Local Login Authentication Type.

  1. Common Tasks for DMZ Configuration (Prerequisites Tasks)

    This section describes the common tasks for setting up Oracle E-Business Suite in a DMZ configuration, even if Oracle E-Business Suite mobile apps are currently not used. In other words, you need to complete these tasks that serve as prerequisites for configuring Oracle E-Business Suite mobile apps if mobile users need to access the apps in a DMZ configuration.

    See: Setting Up Oracle E-Business Suite Environment in a DMZ Configuration.

  2. Mobile Apps Specific Setup Tasks for DMZ

    After completing the common or prerequisites tasks for configuring Oracle E-Business Suite in a DMZ, you can perform additional setup tasks specifically for Oracle E-Business Suite mobile apps.

    See: Mobile Specific Setup Tasks for DMZ.

Setting Up Oracle E-Business Suite Environment in a DMZ Configuration

Before performing mobile app specific setup tasks, you need to ensure Oracle E-Business Suite is in a DMZ configuration.

Note: For any responsibility to which you have assigned the mobile app access role, as described in Setting Up Mobile App Access to Responsibilities, to allow mobile users to access the responsibility from an external node in a DMZ configuration, set the "Responsibility Trust Level" profile value to External for that responsibility at the responsibility level.

Please note that any responsibility with this profile value set to External will also be exposed on all other nodes in the DMZ. Any standard web tier set up in the DMZ for limited access will now have this responsibility visible.

For more information on setting the trust level, refer to the following knowledge documents:

Mobile Specific Setup Tasks for DMZ

Once your Oracle E-Business Suite environment is configured with DMZ, when setting up the configuration file for your mobile app, ensure that the value of the Service Endpoint parameter is set to your external web entry point.

For information on configuring your mobile app, see Enabling a Mobile App Individually and Specifying the Configuration Through the UI Pages.

Note: If you use the Configure Mobile Applications page to set up the configuration parameters, note that the value for the Service Endpoint parameter defaults to the current value of the APPS_FRAMEWORK_AGENT profile option. However, if you are accessing this page from your intranet, then the current value of the APPS_FRAMEWORK_AGENT profile option will be your internal web entry point. In this case, to allow access from mobile apps to Oracle E-Business Suite over the Internet, you must manually specify an override value for the Service Endpoint parameter to set it to the external web entry point.