Oracle Jinitiator
Oracle Applications is based upon a thin client architecture. On the desktop Tier you need almost nothing.. Well almost, it does require a certified web browser and the Oracle Jinitiator.
Oracle Jinitiator is a software that provides the JVM to run oracle form based products which run in the form of a form client applet.The oracle Jinitiator uses its own JVM instead of the browsers JVM.It is isntalled as a plugin ( as in the case of mozilla, Netscape or firefox) or as an Active X component (in case of Internet Explorer).
When Oracle Applications is accessed for the first time from a client PC the Jinitiator is downloaded and installed on the client PC.It is not used for Self Service Web Applications, The JInitiator is invoked only upon clicking a form based application.
After Jinitiator is installed it downloads the form client applet along with the commonly used JAR files, this is done to reduce the network traffic to download JAR files form the server every time.
Jinitiator also performs JAR caching, applet caching and incremental JAR loading to improve applications performance.
These JAR files are commonly stored under the users profile directory with a folder named Oracle Jar Cache.
The Oracle Jinitiator executable is stored on the location $OA_HTML/oajinit.exe
Oracle Jinitiator allows only trusted JAR files to run within its JVM. This trust is established by using digital signatures. In the current version of Oracle Applications the JAR files are automatically signed with the digital signatures during the install of Oracle Applications using rapidwiz. However you can still change your digital signature and repackage your oajinit.exe for security reasons.
During the installation process rapidwiz automatically creates a file in the applmgr user $HOME directory called identitydb.obj, this file has a reference to the SID of the database instance.
If there is a mismatch between this file on the server and that on the clinet PC it often results in the yellow bar problem.
The following files are created automatically by rapidwiz in the current version of Oracle Applications
$APPL_TOP/admin/appltop.cer
$APPL_TOP/admin/adsign.txt
$HOME(applmgr)/identitydb.obj
To create a new digital certificate you can use the adjkey command, while the adjbuild.sh is used to repackage your jinitiator exe.You can also regenerate your JAR files using ADADMIN.
A Jinitiator package should typically contain the certificate and the obj file along with the executable.
In previous versions of Oracle Applications (earlier to 11.5.9) an unsigned JAR file would result in a yellow bar problem, but in the current release of Oracle Application attempting to load a forms with an unsigned JAR file would fail with an a java security exception error.
The latest certified versions of Oracle Jinitiator is 1.3.1.26 to run with Oracle E-business Suite 11.5.10, the least certified version is 1.1.8.16 which is used with release 11, though you can use version 1.1.8.X to access your 11i applications it is recommended that you upgrade your Jinitiator to the latest supported version 1.3.1.X.
You can follow the metalink note id 124606.1 to upgrade your Jinitiator.
An important fact to remember is that any patch applied through adpatch which contains JAR files, these new JAR files are not signed with the digital signature, after the patch is applied adpatch will regenerate all the JAR files and these new JAR files will be signed and trusted to run within the Jinitiator.
To see a list of supported browsers that are certified to access E-Business Suite reffer to metalink Note id 285218.1.
1 comment:
As you mentioned that Oracle Jinitiator allows only trusted JAR files to run in JVM and that we can still change digital signature and repackage oajinit.exe for security reasons.Can you please help me by telling how this can be done
Post a Comment