I seem to have discovered some “undocumented” behavior in the Oracle Application Express Listener. I say “undocumented” because I couldn’t find any reference to it in the documentation. It’s not completely odd behavior but it probably should be documented if it is intended behavior.
First, here is my configuration. I do not know if the issue exists with all configurations of the Application Express Listener.
- Windows 2008r2
- Oracle XE 11gR2
- APEX 4.1.1
- APEX Listener 18.104.22.168
- GlassFish Server 3.1.2
It seems that if procedures are listed in the “Security” –> “Allowed Procedures” –> “Inclusion List” then an Error 403 Forbidden GlassFish web page will result unless ALL the necessary procedures are included.
If it is necessary to list some procedures here then be sure to list ALL the procedures necessary for APEX to operate. This might include something like the following;
wwv_flow_file*,www_flow_file*, p, n, cust*, apex*, f
I am not sure if that is a complete list of the necessary procedures but it’s a good start.
Let me know if anyone else encounters this situation.