Securing OIDDAS at OAS 10g
Oracle Application Server is one of the most complete application servers on the market. Here, I work with Forms, Reports and SSO. Our customers rely on Internet to run our apps, but as you know Internet is a space somehow like Bronx in the 80’s.
I tried to find a solution to forbid access to oiddas (Oracle Directory Services) beside the access on the local server. I tried some posts at OTN but that couldn’t find anything… So i figure a solution my self! It relies on Apache Directives:
Go to the Enterprise Manager page of the infrastructure and at the HTTP Server Administration edit the httpd.conf and add this:
Order deny, allow Deny from all Allow from localhost, servername...
I hope this can help anyone out there.