This appendix provides reference to security features found in previous Oracle E-Business Suite releases.
In Oracle E-Business Suite Release 12.2.6 with Patch 4737426:R12.FND.C through Release 12.2.10, the profile option FND: Security Resource Logging (FND_SEC_LOG_RESOURCES) can be set to one of the following values to log resource access:
ALL: All requests of dispatcher type REQUEST, FORWARDS, INCLUDES are logged in simple format.
FORWARDS: All requests of dispatcher type REJECTED and FORWARDS are logged in simple format.
FORWARDS, INCLUDES: All requests of type FORWARDS and INCLUDES are logged in simple format. Rejected FORWARDS requests will also be logged. This is the default value.
NONE: No requests are logged.
REJECTED: All rejected requests of dispatcher type REQUEST and FORWARDS are logged in detailed format, regardless of the AFLOG_LEVEL profile value. Allowed requests are not logged.
REJECTED, FORWARDS, INCLUDES: Only Rejected requests of dispatcher type FORWARDS are logged in detailed format irrespective of the AFLOG_LEVEL profile value.
When the profile FND_SEC_LOG_RESOURCES is set to REJECTED or is set to REJECTED, FORWARDS, INCLUDES, then the logs will be in a detailed format. If the profile is set to any of the other values, then the logs will be in a simple format, unless AFLOG_LVEL profile is set to STATEMENT.
The following table lists profile options that were checked in prior versions of the Secure Configuration Console per the Checked Security Guidelines, but are now obsolete. These checks have been removed from the console or will be removed in a future release.
| Profile Option Name | Code (Internal Name) |
|---|---|
| Audit Trail:Activate | AUDITTRAIL:ACTIVATE |
| Concurrent:Report Access Level | CONC_REPORT_ACCESS_LEVEL |
| Sign-On:Notification | SIGNONAUDIT:NOTIFY |
| IRC: XSS Filter | IRC_XSS_FILTER |
| FND: Security FileStreaming No-Store | FND_SEC_FILESTREAM_NO STORE |
The following profile options were included in Oracle E-Business Suite Release 12 and have been end dated.
| Profile Option Name | Code (Internal Name) | Comments |
|---|---|---|
| FND Validation Level | FND_VALIDATION_LEVEL | FND Validation Level is defaulted to ERROR in Oracle E-Business Suite Release 12. This profile has been end dated and is not currently used. |
| Framework Validation Level | FRAMEWORK_VALIDATION_LEVEL | Framework Validation Level is defaulted to ERROR in Oracle E-Business Suite Release 12. This profile has been end dated and is not currently used. |
| FND Function Validation Level | FND_FUNCTION_VALIDATION_LEVEL | FND Function Validation Level is defaulted to ERROR in Oracle E-Business Suite Release 12. This profile has been end dated and is not currently used. |
If any of the profile options listed in the tables of this section fail the Secure Configuration Console checks, you can either fix or suppress the failure. For a secure environment, Oracle recommends that you address all failures that are applicable to your environment.