Node / Responsibility Trust Level in Oracle Applications (E-Business Suite 11i/R12)

Node Trust Level

Node or Responsibility Trust Level : is profile option, to restrict access to set of responsibilities based on Web Server from which user logs in.

This profile option can take one of three values –
Administrative
Normal (Default Value)
External

Lets suppose E-Business Suite (11i/R12) is deployed with four middle tier where two nodes (node1 & node2) are internal(for intranet users) and two nodes (node3 & node4) are external (for internet users – iSupplier, iProcurement, iRecruitment..).  

        You (or Security Team) want that users coming from external machine (node3 & node4) should see only selected responsibility (assume resp1 and resp2). You could achieve this using profile option “Node Trust Level & Responsibility Trust Level

.
1. Set Profile Option “Node Trust Level” at Server level (for External Nodes i.e. node3 & node4) to “External” – Leave value of this profile option at “Site Level” to “Normal”
2. Set Profile Option “Responsibility Trust Level” at Responsibility Level (for resp1 & resp2) to “External” – Leave value of this profile option at “Site Level” to “Normal”
3. Bounce external middle tier (Restart Apache using adapcctl.sh).

Assume users1 with access to responsibility; resp1, resp2, resp3, resp4 try to login
1. If User, user1 login from external node (node3 & node4)  :  user1 can only see two responsibility (resp1 & resp2)

2. If same User, user1 login from internal node (node1 & node2) : user1 can see all four responsibility (resp1, resp2, resp3 & resp4)

.
Things good to know
If you set “Node Trust Level” value to external, for any node, this will create URL Firewall (url_fw.conf) for that particular node. If you wish to know more about Apps URL Firewall check my previous post here

.

Reference

  • 380490.1  Oracle E-Business Suite R12 Configuration in a DMZ
  • 287176.1  DMZ Configuration with Oracle E-Business Suite 11i
  • 364439.1  Tips and Queries for Troubleshooting Advanced Topologies
  • 308271.1  Enable Web Access By External Supplier Users to Oracle iSupplier Portal and Oracle Sourcing
  • 460564.1  Hints and Tips for Troubleshooting the URL Firewall

About the Author Masroof Ahmad

Leave a Comment:

7 comments
Add Your Reply