web adi

简单的办法是直接修改数据库服务器的SQLNET.ora文件，里面加入IP或者干脆拿掉限制。

详细地解决方案如下：Metalink Notes 291897.1

//////////////////////////////////////////////////////////////////////////
SQL*Net Access Security Option
==============================

11.5.10 adds a new security feature that restricts remote connections to the
Database for clients that are not registered on the System.
After a 11.5.10 Fresh Install or Upgrade, this feature is Enabled by default.

When this option is Enabled, any aditional computers that require direct access
to the E-Business Suite Database (ie: to use SQL*Plus, Toad, SQL*Navigator, etc)
will need to be 'Registered Nodes' to explicitly obtain access.

The Clients can be registered as Nodes on Oracle Applications Manager (OAM):
--> Site Map --> Administration --> System Configuration --> Hosts.
--> Click on the 'Register' button under Other Hosts.

OAM provides a Wizard that can be also used to specify the list of Hosts and
Client PCs that need access the Database via SQL*Net:
--> Applications Dashboard --> Security --> Manage Security Options

If the Node or Client PC is not registered, the connection will fail with the
following Error Message :

---------------------------------
ERROR:
ORA-12537: TNS:connection closed
---------------------------------

All enabled Nodes registered on OAM will be added to the sqlnet.ora file when
AutoConfig is run on the 9i ORACLE_HOME.
When this security feature is Enabled, the sqlnet.ora will add the following lines:

tcp.validnode_checking = yes
tcp.invited_nodes=(JSMITH-PC.US.ORACLE.COM, AOLESC-LINUX.us.oracle.com)

On the above example, AOLESC-LINUX is the Server where 11i is installed and
JSMITH-PC is a Client PC that has been registered as a Node on OAM.

Warning:
========
Be sure the Server can resolve the IP Address for the registered Nodes before
running Autoconfig. Otherwise, the SQL*Net Listener will fail to start.


The SQL*Net Restriction, can be Enabled or Disabled by using the Profile Option
'SQLNet Access' (FND_SQLNET_ACCESS).
This Profile Option can be set with the following values :

- ALLOW_RESTRICTED : Provide Application Database access to Trusted Hosts
SQL*Net restriction is ENABLED.
Any Host or Client PC registered as a Node will be able to connect to the Database.
(ie: Client PCs, Application Servers, etc)

- ALLOW_APPS : Provide Application Database access to Oracle Applications Hosts Only
SQL*Net restriction is ENABLED.
Only the Oracle Applications Hosts will be able to connect to the Database.
Client PCs will NOT be able to connect even if they are registered as Nodes.
(ie: Forms Server, Web server, Admin Server, Concurrent Manager Server, etc)

- ALLOW_ALL : Provide Application Database access to all
SQL*Net restriction is DISABLED.
Any client will be able to connect to the Database.
Client PCs will not need to be registered as Nodes.

- Null Value (No value) : Same effect as ALLOW_ALL. Provide Application Database access to all.
SQL*Net restriction is DISABLED.
Any client will be able to connect to the Database.
Client PCs will not need to be registered as Nodes.




How to Disable the SQLNet Restriction:
======================================

ALL PCs can connect to the Database via SQL*Net.

Warning:
========
It is NOT recomended to Disable the SQLNet Access Restriction on Production Environments.
This is for Development and Test Environments ONLY.


- Login to E-Business Suite with the 'System Administrator' Responsibility.

- Go to : Profile --> System

- Query the Profile "SQLNet Access' at Site Level.

- Set the Profile with the Value : ALLOW_ALL

- Save and Exit Oracle Applications

- Run Autoconfig on the 9i ORACLE_HOME
cd <9i ORACLE_HOME>/appsutil/scripts/$CONTEXT_NAME
adautocfg.sh

- Bounce the 9i SQLNet Listener :
cd <9i ORACLE_HOME>/appsutil/scripts/$CONTEXT_NAME
addlnctl.sh stop <SID>
addlnctl.sh start <SID>


How to Enable the SQLNet Restriction:
=====================================

Only Registered PCs can connect to the database via SQL*Net.

- Login to E-Business Suite with the 'System Administrator' Responsibility.

- Go to : Profile --> System

- Query the Profile "SQLNet Access' at Site Level.

- Set the Profile with the Value : ALLOW_RESTRICTED

- Save and Exit Oracle Applications

- Enable Additional Clients from OAM If needed.

- Run Autoconfig on the 9i ORACLE_HOME
cd <9i ORACLE_HOME>/appsutil/scripts/$CONTEXT_NAME
adautocfg.sh

- Bounce the 9i SQLNet Listener :
cd <9i ORACLE_HOME>/appsutil/scripts/$CONTEXT_NAME
addlnctl.sh stop <SID>
addlnctl.sh start <SID>



Network considerations:
=======================

All virtual hosts will have to be manually reconciled with the appropriate
physical mapping.
For example, individual physical machines will have to be registered.

You can only register a network address that can be correctly resolved.
When using DHCP, each PC will normally get the same IP address.
Be sure the server can resolve the IP for the Client PC.

Consider the IP lease times.
Each client contacts the DHCP server after half of the lease time has passed to
renew the lease on the IP. For example. if the DHCP server is set to lease an
IP address for 30 days, the client will contact the DHCP server in 15 days to
renew its lease.
The Network Administrator, can extend the length of the IP lease on the DHCP
Server. Then you could register the IP Addresses of the clients that need access
to the Database.
For example, if someone takes a 2 week vacation on the 14th day of the current
lease, when they get back their PC should still have the same IP address and
renew the lease at that time.

推荐到鲜果：