Blog dedicated to Oracle Applications (E-Business Suite) Technology; covers Apps Architecture, Administration and third party bolt-ons to Apps

Thursday, February 14, 2008

Redirect to third party site from extranet pages

In one of the iSupplier implementations, we have given a link to a third party site. Whenever this link is clicked, we got the following error:


Access to the requested URI has been blocked by the URL Firewall.

If you believe that you have reached this page while performing valid operations within the application, please send mail to explaining what you were doing when you got this error.

This is expected because the url firewall file doesn't have this entry. To allow this we made the following change indicated in bold in the $IAS_ORACLE_HOME/Apache/Apache/conf/url_fw.conf file present on the extranet web tiers:

On line 617 of url_fw.conf:

#Include all Custom files
# Third party link
RewriteRule - [L]

# If not allowed by list above - go away! [G] is '410 Gone'
RewriteRule .* - [G]
# END Positive list of URLs

After making this change, the Gone error stopped coming.


Ravi Kulkarni said...

Hello Vikram,

Very useful articles. Thank you. I have a peculier problem. I have a setup where the DMZ web only instance needs to allow access to external sites, such as However, for some reason url fw or some other stack redirects it to https and that causes the connection to fail. Do you know what might be causing this problem?



Vikram Das said...

Hi Ravi,

Did you try adding the following line in url_fw.conf as suggested in the post:

RewriteRule - [L]

If yes, then you should carefully see, whether you gave https as the protocol or http as the protocol. Form what you wrote, it should actually be: - [L]

If this is already correct, let me know the exact error you see when you do this on Firefox. Internet Explorer is usually silent on these kind of DMZ and SSL issues.

- Vikram