LOCATION :
$IAS_ORACLE_HOME/Apache/Apache/conf
$FND_TOP/admin/template contains the template apps_ux.conf and this need to be modified accordingly so that changes remain after next autoconfig session.
SIGNIFICANCE :
> contains alias for various important directories which can be accessed from 11i URL
like >> http://www.justanexample.com/jinitiator/oajinit.exe
and we can see that there is an alias for jintiator below in the file >
Alias /jinitiator/ "/eb_rao1_q/applmgr/qatcomn/html/"
>
IMPORTANT POINTS :
> any modification in the below file will require apache bounce
> one of the important configuration file of web server Apache.
> apps.conf is included by oracle_apache.conf, and oracle_apache.conf is included by the httpd.conf
FILE :
#########################################################################################################
#
# $Header: apps_ux.conf 115.58 2008/02/21 06:16:12 upinjark ship $
#
# ###############################################################
#
# This file is automatically generated by AutoConfig. It will be read and
# overwritten. If you were instructed to edit this file, or if you are not
# able to use the settings created by AutoConfig, refer to Metalink document
# 165195.1 for assistance.
#
# ###############################################################
#
#Alias /instlogs/ "/eb_rao1_q/applmgr/qatcomn/admin/install/qata_tneda06n/"
#<Location /instlogs/>
# Order allow,deny
# Allow from all
#</Location>
Alias /OA_JAVA/ "/eb_rao1_q/applmgr/qatcomn/java/"
<Location /OA_JAVA/>
Order allow,deny
Allow from all
</Location>
Alias /OA_HTML/ "/eb_rao1_q/applmgr/qatcomn/html/"
<Location /OA_HTML/>
Order allow,deny
Allow from all
</Location>
-- You would like to lock users out at month end and only allow certain users to have access to eBusiness Suite.
here you can Edit the above OA_HTML entry and add a list of ip addresses for the users that you want to allow access to the system
Alias /OA_HTML/ "/eb_rao1_q/applmgr/qatcomn/html/"
<Location /OA_HTML/>
Order allow,deny
Allow from 10.187.112.232
Allow from 10.187.112.233
Allow from 10.187.112.234
Allow from 10.187.112.235
Allow from localhost
Allow from tneda06n.corp.com
Allow from tneda06n
</Location>
Bounce apache.
Note, you need to include localhost and your middle tier server name. In the above example this is tneda06n.
Now only the users who are assigned to the ip addresses added will have access. All other
users will get a forbidden error when they attempt to login.
Forbidden
You don't have permission to access /OA_HTML/AppsLocalLogin.jsp on this server
If you want to change the message you can do this:
edit httpd.conf
uncomment the ErrorDocument 403 line
change it to something like
ErrorDocument 403 "Forbidden oops, you cannot access the production instance as it is month end, only certain users have access at this time
Stop/Start apache. Users will now receive the above message
Alias /OA_SECURE/ "/eb_rao1_q/applmgr/qatcomn/secure/"
<Location /OA_SECURE/>
Order allow,deny
Allow from all
</Location>
Alias /media/ "/eb_rao1_q/applmgr/qatcomn/java/oracle/apps/media/"
<Location /media/>
ExpiresActive on
ExpiresDefault "now plus 1 day"
Order allow,deny
Allow from all
</Location>
Alias /html/ "/eb_rao1_q/applmgr/qatcomn/html/"
<Location /html/>
Order allow,deny
Allow from all
</Location>
Alias /OA_MEDIA/ "/eb_rao1_q/applmgr/qatcomn/java/oracle/apps/media/"
<Location /OA_MEDIA/>
ExpiresActive on
ExpiresDefault "now plus 1 day"
Order allow,deny
Allow from all
</Location>
Alias /OA_TEMP/ "/eb_rao1_q/applmgr/qatcomn/temp/"
<Location /OA_TEMP/>
Order allow,deny
Allow from all
</Location>
Alias /jinitiator/ "/eb_rao1_q/applmgr/qatcomn/html/"
<Location /jinitiator/>
Order allow,deny
Allow from all
</Location>
Alias /dev60html/ "/eb_rao1_q/applmgr/qatora/8.0.6/tools/web60/html/"
<Location /dev60html/>
Order allow,deny
Allow from all
</Location>
Alias /forms60java/ "/eb_rao1_q/applmgr/qatora/8.0.6/forms60/java/"
<Location /forms60java/>
Order allow,deny
Allow from all
</Location>
Alias /dev60temp/ "/eb_rao1_q/applmgr/qatora/8.0.6/tools/web60/temp/"
<Location /dev60temp/>
Order allow,deny
Allow from all
</Location>
<Location ~ /(oa_servlets|servlets|servlet|jsp|configurator|mobile|forms|discoverer4i|emailcenter|soap/servlet|webservices|dmsOACore|dmsDisco|dmsForms|pricing)/framework>
Order deny,allow
Deny from all
Allow from tned38nv
Allow from tned38nv.adr.corp.com
Allow from tneda06n
Allow from tneda06n.adr.corp.com
</Location>
<Location ~ /(oa_servlets|servlets|servlet|jsp|configurator|mobile|forms|discoverer4i|emailcenter|soap/servlet|webservices|dmsOACore|dmsDisco|dmsForms|pricing)/oracle.apps.fnd.framework.provider.OAFrameworkHttpProvider>
Order deny,allow
Deny from all
Allow from tned38nv
Allow from tned38nv.adr.corp.com
Allow from tneda06n
Allow from tneda06n.adr.corp.com
</Location>
%oacore_fwk_nodes% value is taken from xml file to update the "allow from" server names . If this value is not correct your Forms Applet will not get Started From Homepage
#
# CGI Directory Mappings
#
ScriptAlias /dev60cgi/ "/eb_rao1_q/applmgr/qatora/8.0.6/tools/web60/cgi/"
<Location /dev60cgi/>
Order allow,deny
Allow from all
</Location>
ScriptAlias /OA_CGI/ "/eb_rao1_q/applmgr/qatcomn/html/bin/"
<Location /OA_CGI/>
Order allow,deny
Allow from all
</Location>
ScriptAlias /cgi-bin/ "/eb_rao1_q/applmgr/qatcomn/html/bin/"
<Location /cgi-bin/>
Order allow,deny
Allow from all
</Location>
#
# From the reports server cache file configuration
#
Alias /CACHE/ "/eb_rao1_q/applmgr/qatora/8.0.6/reports60/server/cache/"
<Location /CACHE/>
Order allow,deny
Allow from all
</Location>
#
# Disallow access to files with extension (zip|java|class)
# Bug 5096906 - if users upload .zip files as attachments - allow the download
#
SetEnvIfNoCase Request_URI /pls/qata/fndgfm/fnd_gfm.get/.*\.zip$ this_zip_ok
<Location ~ "\.(zip|class|java)$">
Order deny,allow
Deny from all
Allow from env=this_zip_ok
</Location>
#
# From the WebDB MIMETypes
#
AddType audio/x-wav wav
# Per bug 2388163 changed the line: AddType text/html htm html to:
AddType "text/html;charset=UTF-8" htm html
AddType image/jpeg jpg JPG
AddType image/gif gif GIF
AddType text/plain txt kash lst
AddType application/pdf pdf
AddType application/powerpoint ppt PPT
AddType application/msword doc dot DOC DOT
AddType application/x-tar tar TAR
AddType application/zip zip
AddType text/adi edi
AddType application/excel xls XLS
AddType x-world/x-vrml vrml
AddType application/x-gzip gz Z
AddType application/x-director dcr
AddType application/oracle-magic yyy
AddType application/oracle-video mpi mpg osf
AddType application/x-orarrp rrpa rrpp rrpt rrpr
AddType application/octet-stream jar
#
# Environment settings for the 6iserver/806 CGI programs executed from Apache.
# These need to match the aliases above where applicable.
#
SetEnv ORACLE_HOME /eb_rao1_q/applmgr/qatora/8.0.6
SetEnv TNS_ADMIN /eb_rao1_q/applmgr/qatora/8.0.6/network/admin/qata_tneda06n
SetEnv TWO_TASK qat
SetEnv LD_LIBRARY_PATH /eb_rao1_q/applmgr/qatora/8.0.6/lib
SetEnv SHLIB_PATH /eb_rao1_q/applmgr/qatora/8.0.6/lib:/eb_rao1_q/applmgr/qatora/8.0.6/network/jre11/lib/PA_RISC/native_threads
SetEnv LIBPATH /eb_rao1_q/applmgr/qatora/8.0.6/lib
SetEnv ORACLE_LOCALPREFERENCE /eb_rao1_q/applmgr/qatora/iAS/tools/admin
SetEnv FORMS60_WEB_CONFIG_FILE /eb_rao1_q/applmgr/qatcomn/html/bin/appsweb_qata_tneda06n.cfg
SetEnv FORMS60_BLOCK_URL_CHARACTERS %0a,%0d,!,%21,",%22,(,%28,),%29,;,[,%5b,],%5d,{,%7b,|,%7c,},%7d,%7f,>,%3c,<,%3e
--The parameter "FORMS60_BLOCK_URL_CHARACTERS is responsible for detecting any special characters being passed on the URL and throwing errors when detecting any special character . The most popular example for those special characters are the brackets "(" ")", since they are widely used when defining a custom Responsibility.
Make sure you change this variable in the application context file ("s_f60blockurlchar") and run AutoConfig as apps.conf will be overwritten (and all changes will be reverted back) each time you run AutoConfig.
SetEnv FND_TOP /eb_rao1_q/applmgr/qatappl/fnd/11.5.0
SetEnv OA_HTML /eb_rao1_q/applmgr/qatcomn/html
SetEnv APPLTMP /eb_rao1_q/applmgr/qatcomn/temp
#
# Env settings for RWCGI60 executable. These need to match the values
# in $COMN_TOP/admin/scripts/adrepctl.sh and the CACHE Aliases defined above.
SetEnv REPORTS60_PATH "/eb_rao1_q/applmgr/qatappl/au/11.5.0/plsql:/eb_rao1_q/applmgr/qatappl/fnd/11.5.0/reports:/eb_rao1_q/applmgr/qatappl/au/11.5.0/reports:/eb_rao1_q/applmgr/qatappl/au/11.5.0/graphs:"
SetEnv REPORTS60_TMP "/tmp"
SetEnv REPORTS60_VIRTUAL_MAP /CACHE
SetEnv REPORTS60_PHYSICAL_MAP "/eb_rao1_q/applmgr/qatora/8.0.6/reports60/server/cache/"
SetEnv REPORTS60_SHARED_CACHE YES
SetEnv REPORTS60_SSLPORT 443
SetEnv REPORTS60_CGINODIAG YES
SetEnv REPORTS60_OWSNODIAG YES
SetEnv REPORTS60_CGIMAP "/eb_rao1_q/applmgr/qatora/8.0.6/reports60/server/CGIcmd.dat"
SetEnv REPORTS60_CMDLINE_COOKIE P_SESSION_ID:qat
SetEnv REPORTS60_CGICMD_MANDATORY YES
#
# Environment settings to be passed to CGI programs from external env
#
PassEnv NLS_LANG
PassEnv GWYUID
#
# Set Limit of ENV Variables
#
LimitRequestFieldSize 8190
# enable caching for OA_HTML
#
<Directory /eb_rao1_q/applmgr/qatcomn/html>
ExpiresActive On
ExpiresByType image/gif "access plus 1 month"
ExpiresByType text/css "access plus 1 week"
ExpiresByType application/x-javascript "access plus 1 day"
ExpiresByType text/javascript "access plus 1 day"
ExpiresByType text/html "access plus 1 week"
ExpiresByType text/htm "access plus 1 week"
</Directory>
#
# enable caching for OA_HTML/cabo/jsLibs
#
<Directory /eb_rao1_q/applmgr/qatcomn/html/cabo/jsLibs>
ExpiresActive On
ExpiresByType application/x-javascript "access plus 1 year"
ExpiresByType text/javascript "access plus 1 year"
</Directory>
#
# enable caching for OA_HTML/webtools
#
<Directory /eb_rao1_q/applmgr/qatcomn/html/webtools>
ExpiresActive On
ExpiresByType text/html "access plus 1 month"
</Directory>
#
# enable caching for OA_MEDIA
#
<Directory /eb_rao1_q/applmgr/qatcomn/java/oracle/apps/media>
ExpiresActive On
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
</Directory>
#
# enable caching for OA_HTML/cabo/oajsLibs
#
<Directory /eb_rao1_q/applmgr/qatcomn/html/cabo/oajsLibs>
ExpiresActive On
ExpiresByType application/x-javascript "access plus 1 year"
ExpiresByType text/javascript "access plus 1 year"
</Directory>
<Directory /eb_rao1_q/applmgr/qatora/iAS/Apache/Apache/htdocs/disco4iv>
AddType text/html htm html
</Directory>
<Directory /eb_rao1_q/applmgr/qatora/iAS/Apache/Apache/htdocs/discwb4>
AddType text/html htm html
</Directory>
<Directory /eb_rao1_q/applmgr/qatora/iAS/portal30/doc>
AddType text/html htm html
</Directory>
include "/eb_rao1_q/applmgr/qatora/iAS/Apache/Apache/conf/trusted.conf"
<IfDefine RESTRICT>
<Location /servlets/weboamLocal>
Order deny,allow
Deny from all
Allow from tneda06n
</Location>
</IfDefine>
<Location ~ /(OA_HTML|html|jinitiator)/env.txt*>
Order deny,allow
Deny from all
Allow from tned38nv
Allow from tned38nv.adr.corp.com
Allow from tneda06n
Allow from tneda06n.adr.corp.com
</Location>
<Location ~ "/(OA_HTML|html|jinitiator)/oam/">
Order deny,allow
Deny from all
</Location>
<Location ~ "/(OA_HTML|html|jinitiator)/oam/helpdoc/">
Order deny,allow
Allow from all
</Location>
<Location ~ "/(OA_HTML|html|jinitiator)/oam/images/">
Order deny,allow
Allow from all
</Location>
<Location ~ "/(OA_HTML|html|jinitiator)/oam/nonUix/launchMode/">
Order deny,allow
Allow from all
</Location>
<Location ~ /(oa_servlets|servlets|servlet|jsp|configurator|mobile|forms|discoverer4i|emailcenter|soap/servlet|webservices|dmsOACore|dmsDisco|dmsForms|pricing)/oracle.jbo.server.emd.EMDServlet>
Order deny,allow
Deny from all
</Location>