Oracle E-Business suite rapid external application reference architecture
The EBS rapid external Access Gateway architecture represents a set of components required for protecting an external use only Oracle E-Business Suite installation using Access Gateway.
This architecture is designed to meet the following requirements:
- Provide external access to an Oracle E-Business Suite application.
- Fault tolerant - Providing additional instances of Access Gateway, as cluster workers, such that if one is unavailable the cluster continues to perform normally.
- Manage capacity - Providing additional instances of Access Gateway to handle expected load.
- Provide a baseline for testing and development.
Benefits and drawbacks
| Benefits | Drawbacks |
|---|---|
|
|
Architecture
Components
|
Location |
Component | Description |
|---|---|---|
| External internet | Okta org |
Your Okta org, providing identity services. |
| EBS Users | Oracle E-Business Suite users, located in the external network. Accessing Oracle E-Business Suite applications located within the internal network | |
| Firewall | External internet to DMZ | Traditional firewall between the external internet and the DMZ hosting Access Gateway. |
| DMZ | Pre Access Gateway load balancer |
Balances load between external users (clients) and the Access Gateway cluster. Positioned between clients and Access Gateway cluster. |
| Firewall | DMZ to internal | Traditional firewall between the DMZ and the internal network. |
| Internal network | ||
| Access Gateway admin | Access Gateway admin node, handling configuration, configuration backups, log forwarding and similar activities. Accessed by administrators within the internal network. | |
| Access Gateway workers and EBS SSO Agent |
Access Gateway cluster, located in the DMZ is used to provide access to applications used by external internet clients. Containing a pre-configured Oracle EBS SSO agent. Typically hosted in a virtual environment such as Amazon Web Services, MS Azure, Oracle OCI or something similar. See Manage Access Gateway deployment. |
|
| Database | Oracle EBS Database, accessed using a previously defined Database Connect Descriptor file (DBC) | |
| Protected EBS application | The set of protected E-Business Suite web resources. |
Other considerations
The Access Gateway EBS SSO agent passes various header attributes to the underlying Oracle E-Business Suite application.