Blog dedicated to Oracle Applications (E-Business Suite) Technology; covers Apps Architecture, Administration and third party bolt-ons to Apps

Friday, November 30, 2007

Values for context variable s_appserverid_authentication

In E-Business Suite 11.5.10 the default value of context variable, s_appserverid_authentication, is SECURE. In previous E-Business Suite 11i versions, this was set to OFF.

There are 3 Modes of authentication:

OFF - Server security is not checked. Any application server machine can access the database. Code IDs are also not checked. Use this option on test systems or if you have full control over the software on all machines which can physically access your database.

ON - Some level of trust is required to access the database. Either the application server must be registered with the database or the code must pass a module and version ID known to be trusted. Use this option only if you wish to maintain compatibility with application servers that you cannot yet patch to the code level required for best security.

SECURE - Full trust is required for access to the database. Only registered application server machines may connect to the database, and only trusted code modules may connect to the database.

If you are on Oracle Applications 11.5.10.2, the context variable, s_appserverid_authentication, is the parameter that allows you to skip the framework login. Setting this parameter to "OFF" mode is only to be used for debugging purposes. Any other use, such as leaving it in the "OFF" mode for regular login, is not supported.

2 comments:

Atul Kumar said...

Vikram,
Nice post. One suggestion if you could add email subscription that would be very handy


Atul Kumar
http://onLineAppsDBA.com

Vikram Das said...

Hi Atul,

Thanks for the suggestion. I have just added email subscription option to my blog. Its on the right hand side below the no. of visitors.

- Vikram