Accessing Oracle E-Business Suite from a Desktop Client

Administrator privileges are required for installing all JRE Plug-in versions on the desktop client. IE Browser Settings for User Download of the Java Plug-in (oaj2se.exe) Oracle recommends that customers running Oracle E-Business Suite through a Microsoft Internet Explorer (IE) browser should use a 'Medium' security setting through the 'Trusted Sites' zone in the browser at runtime. Further information on browser settings are available from Document 389422.1 titled, 'Recommended Browsers for Oracle E-Business Suite Release 12'. If the appropriate Plug-in or higher is not already installed on the desktop client, you should be prompted to download it when trying to connect to a 'forms link' through an Oracle E-Business Suite forms-based (professional user interface) responsibility. Note: The oaj2se.exe can usually be downloaded manually by adding '/OA_HTML/oaj2se.exe' to the base url of the environment. For example; if the base url of the environment was 'https://server1.example.com:4443', you could run 'https://server1.example.com:4443/OA_HTML/oaj2se.exe'. With a medium security setting, after clicking on a 'forms link', a message similar to the following should appear at the top of the browser window; JRE 6 Users "The website wants to install the following add-on: 'Java(TM) Runtime Environment 6.0 Update 38' from 'Sun Microsystems, Inc.'. If you trust this website and the add-on and want to install it, click here..." JRE 7 Users 'The website wants to install the following add-on: 'Java SE Runtime Environment 7.0 Update 10' from 'Oracle America, Inc.'. If you trust this website and the add-on and want to install it, click here...' If you see this message, follow the steps below to install the Plug-in: Click on the message above and select 'Install ActiveX Control...' Once the browser has stopped processing, click on the 'forms link' again, and the oaj2se.exe file should start to download Once the download has completed, a security warning pop-up window will ask, 'Do you want to install this software?' Click on the 'Install' button and follow the on screen instructions Alternatively, you can avoid this message by temporarily altering the security settings for the initial install, using one of the two methods below. Once the Plug-in has been installed on the desktop client, the browser security settings should be reset to 'medium'. Method A: Change Security Setting to Medium-low Select 'Tools' -> 'Internet Options -> 'Security' (Tab)' from the browser menu. Select 'Trusted Sites' -> 'Custom Level' (button) From the 'Reset custom settings' drop down select 'Medium-low' Click the 'Reset...' button and accept the changes. Press the 'OK' buttons on the 'Security Settings' and 'Internet Options' windows. Close the browser and start a new browser session for the settings to take effect. After launching Oracle E-Business Suite and downloading the oaj2se.exe file onto your desktop client, please reset the security setting back to 'Medium'. Method B: Change Individual Parameter Settings Select 'Tools' -> 'Internet Options -> 'Security' (Tab)' from the browser menu. Select 'Trusted Sites' -> 'Custom Level' (button) Under 'Settings' -> 'ActiveX controls and Plug-ins' Change 'Automatic prompting for ActiveX controls' to 'Enable' Change 'Download unsigned ActiveX controls' to 'Prompt' Click the 'OK' button and accept the changes and click the 'OK' buttons to close the window Close the browser and start a new browser session for the settings to take effect. After launching Oracle E-Business Suite and downloading the oaj2se.exe file onto your desktop client, please reset 'Automatic prompting for ActiveX controls' to 'Disable' and 'Download unsigned ActiveX controls' to 'Disable. Connecting to an Oracle E-Business Suite Instance for the First Time "The application's digital certificate cannot be verified. Do you want to run the application?" If accessing Oracle E-Business Suite using a Forms-based (Professional user interface) responsibility where the Java certificate for the environment you are accessing has not previously been installed into the Java certificate store, the following warning window will display: JRE 7 Users JRE 7u40 and Higher Users If your Jar files are still signed with a self-signed certificate, the option to 'remember the decision' for future logins has been removed in JRE 1.7.0_40 (7u40) and later. This warning message will therefore appear each time you start a new session requiring the user to agree to accept the risk before running. JRE 7u40 Security Warning Tick the checkbox and click the 'Run' button to open the form. To prevent this security window popping it is recommended that you sign all your jars using a trusted certificate authority (CA). Signing can be done using either an official CA (such as Verisign, Thawte etc.) or an in-house CA. For further information on Jar signing requirements see Document 1591073.1 titled, 'Enhanced JAR File Signing for Oracle E-Business Suite'. Running with a Self-Signed Certificate If your Jars are signed with a self-signed certificate you can still launch Java content and also prevent this window from popping by utilizing a Deployment Rule Set. However, the DeploymentRuleSet.jar file must itself be signed with a certificate from a Trusted CA, either an official CA (such as Verisign, Thawte etc.). If your Jars are signed with a self-signed certificate you can also still launch Java content using a self-signed certificate by utilizing the Exception Site List feature from the desktop. However, this will not suppress this warning message. Users will still be required to respond to this warning each time they launch a new session. JRE 7u21 and Lower Users If accessing Oracle E-Business Suite using a Forms-based (Professional user interface) responsibility where the Java certificate for the environment you are accessing has not previously been installed into the Java certificate store, the following, or similar, security warning window will display: JRE 7 Java certificate warning Check the 'I accept the risk and want to run this application' box to verify you trust the certificate. Click the 'Hide Options' button and check 'Do not show this again for apps from the publisher and location above'. Click the 'Run' button to open the form. Once the certificate has been successfully installed, this message will not appear again when accessing this environment from your desktop client. JRE 6 Users JRE 6u60 and Lower Users JRE 6 certificate warning Check 'Always trust content from this publisher' to verify you trust the certificate. Click the 'Run' button to open the form. Once the certificate has been successfully installed, this message will not appear again when accessing this environment from your desktop client. JRE 6u65 and Higher Users To further enhance Java security the option to install the certificate into the Java certificate store and remember the decision for future logins when using self-signed certificates has been removed in JRE 1.6.0_65 (6u65) and higher. This warning message will therefore appear each time you start a new session if using self-signed certificates. To prevent this message appearing sign your jar files using a trusted CA by following Document 1591073.1. JRE 6u65 certificate warning Click the 'Run' button to open the form. Note: If you are using a self-signed certificate for jar signing the Publisher will display as UNKNOWN in the Java 'Warning - Security' window as shown above. This is an intended change in behavior to avoid misrepresentation and spoofing attacks. Trusted signing authorities will continue to display the publisher name as in previous JRE Plug-in releases. Uninstalling a JRE Plug-in Version from your Desktop Client To uninstall a jre Plug-in version from your Windows desktop client, follow the steps appropriate to the version of Windows you are using. Windows XP To uninstall a JRE Plug-in version from your desktop client: 1. From the Windows 'Control Panel', click on 'Add or Remove Programs'. 2. Select the appropriate version of 'Java 2 Runtime Environment' and click 'Remove'. 3. Select the appropriate options in the dialogs which follow. Windows Vista and Windows 7 To uninstall a JRE Plug-in version from your desktop client: 1. From the Windows 'Control Panel' click on 'Programs and Features'. 2. Select the appropriate version of 'J2SE Runtime Environment' and click the 'Uninstall' button. 3. Select the appropriate options in the dialogs which follow. (An administrator's password is required for this). Reverting to a Previous Java Plug-in Version If you wish to revert back to previously installed version of the Java Plug-in to be used in the Oracle E-Business Suite, please re-install the required version by re-running the txkSetPlugin script with the appropriate parameters. Running this script is explained in Step 5.1. Run the JRE Upgrade Script (Unix Users) and Step 3.2. Run the JRE Upgrade Script (Windows Users). This will automatically update the JRE parameters in the configuration files of your Web Application Tier.