Enforce an Additional Layer of Security for Resource Access
The Allowed Resources Authorizations feature extends the existing Allowed Resources feature by enabling an additional permission check on web resource access at the beginning of each request. This feature is disabled by default with Oracle E-Business Suite Release 12.2.15.
It is recommended that you enable Allowed Resources Authorizations to enforce an additional layer of security for Oracle E-Business Suite.
Steps to Enable
This feature is available with Oracle E-Business Suite Release 12.2.15 or R12.ATG_PF.C.Delta 14.
To enable this feature, you must first enable Allowed Resources. For more information about enabling Allowed Resources, see Allowed Resources in Oracle Application Object Library Security in the Oracle E-Business Suite Security Guide.
Once Allowed Resources is enabled, enable Allowed Resources Authorizations by setting the Security: Allowed Resource Authorizations (FND_SEC_ALLOWED_AUTHORIZATION) profile option to "Configured" at the site level.
With Allowed Resources Authorizations, an access type attribute has been added to the Allowed Resources metadata. Access types control whether the resource can be accessed by guest sessions, only authenticated users, or only users with specific function permissions. All seeded Oracle E-Business Suite resources have been assigned the access type with the least privilege required to function properly.
By default, the metadata for custom resources is to allow access by authenticated users. The system administrator can update the default access type for custom resources as needed.
For more information on the values for the access type attribute, see Allowed Resources Authorizations in Oracle Application Object Library Security in the Oracle E-Business Suite Security Guide.
Tips And Considerations
The following are tips for the Allowed Resources Authorizations feature:
- First, enable Allowed Resources.
- Next, enable Allowed Resources Authorizations.
- Refine the value of the access type attribute for your customizations based upon your requirements.
Key Resources
- Allowed Resources Authorizations in Oracle Application Object Library Security in the Oracle E-Business Suite Security Guide.
- Allowed Resources in Oracle Application Object Library Security in the Oracle E-Business Suite Security Guide.