KFF Security Rules question

Similar Messages

• Not able to get rid of security-related questions in runtime

  Hi,
  I am simply using NetBeans 6.0.1 and the emulator QwertyDevice and the emulator platform WTK 2.5.2 for CLDC.
  I have chosen Alias as trusted in the signing option in the project configuration page. however still I am getting security confirmation questions in runtime to access the local files for instance.
  Would anyone please advise me how to get rid of that?
  Also I have deployed the application on SonyEricsson k800i and would like to get rid of the security confirmations on that device as well. What is the guideline?
  Thank you

  Right clicking on it is not even an option, just hovering over it seems to induce a "nuclear" reset of the whole desktop and graphic card on the iMac.
  Have meanwhile found a possible solution by erasing the dock preference file in the user/library/preferences folder to reset the dock to it's default state. Will try this out through a Skype conversation with that Buddy.
  Was seen here :
  https://discussions.apple.com/message/16447109#16447109
  Thank you for stepping in. Good to know that people are still willing to help in this community.
  Greetz to the UK from France

• Standard Oracle report for the "security rules define/assign"

  Dear all:
  Is there any Standard Oracle report to show the :"Application --> Setup : Financials : Flexfields : Key : Security " flexfield "security rules define/assign" ?
  Regards
  Terry
  Edited by: Terry Chen on 2010/5/4 上午 2:27

  yes i believe there is one report in sysadmin or gl which shows this.

• Security upgrade question - Getting 6.1.6 downloaded to iphone.

  Security upgrade question - I have a 4S phone v6.01 with an upgrade to IOS 7.04 already downloaded and ready for install.  I would like to install the 6.1.6 security upgrade instead. How do I delete the ios7 in the queue or have the 6.1.1 pushed as an option to the phone?

  You can't install iOS 6.1.6 on that device and must update it to 7.0.6.
  (101120)

• SAP GUI 7.20 Security Rules - How to 'Always Allow' Everything?

  The SAP GUI 7.20 comes with a list of security rules.
  What is the best way to allow all access so that user's wont get any security prompts?

  @Sven, section 2.5 refers to 'Central Repository for Security Configuration'. Like Michael, I have a large number of users and we package and distribute software using non-SAP software. We can't have a central repository that all users can connect to so the 'Location' registry entry wouldn't work for us.
  @Michael:
  > Under the SAP GUI Configuration / Security / Security Settings you can change the default of "Customized" to Disabled.
  Do you mean 'Default Action = Allow'? Mine is set to that, but I still get pop-up prompts.
  Would setting 'SecurityLevel = 0' result in the SAP GUI have the required result?
  I realise that this process would need to be followed:
  - Administrator should install a new version of the SAP GUI 7.20 onto a PC
  - Administrator should edit the registry values using the rule editor in the 'Security' node of the SAP GUI options dialogue
  - A saprules.xml file will then be generated
  - The saprules.xml file should then be copied from the %APPDATA%\SAP\Common folder to the location specified in the registry value 'Location' (maybe make Location a folder on the PC? and put the saprules.xml file into there?)
  - The saprules.xml file in the location specified in the registry value 'Location' will not be overwritten by SAP GUI patches or new installations, however it may need to be updated to include new features
  Note:
  - Registry values are stored in different places for 32 bit and 64 bit PC's

• I foreget my  security answer questions. --app store

  I foreget my  security answer questions . --app store
  I can not buy any thing without answeing this questions
  Pls help me to repair this problem

  Q - Can I change the answers to the security questions for my Apple ID?
  A - Yes. You can change the answers to the security questions provided when you originally signed up for your Apple ID. Go to My Apple ID and click Manage your account.
  http://support.apple.com/kb/he37
  Manage your Apple ID -
  https://appleid.apple.com/cgi-bin/WebObjects/MyAppleId.woa/

• Cross validation & Security rules

  Hi,
  In a typical business scenarios which are the code combinations recommended for
  i)Cross Validation rule
  ii)Security rule
  to have better control?
  Thanks

  Hello.
  It depends on your needs. Suppose you have 2 (01, and 02)companies sharing the same Chart Of Accounts. In order to avoid entering journals from company 01 into company 02 you should create a security rule to reject all code combinations starting by 01 when a Responsibility from company 02 is being used.
  Cross validation rules are used to avoid the creation of code combinations that you may think as inappropriate within the company itself. For example, to use the Cost Center segment when the Account segment is not a cost or a revenue.
  Octavio

• Cross Validation Rules & Security Rules

  Hi all,
  Is there any one who knows where I can function/package for cross vaildation rules & security rules in GL Modules?
  I need them for our customization form before all transaction move from custom table and API table. It means we need to validate all transactions correctly in our custom form before its generated into transaction table in particular module.
  I appreciate any info.
  Thanks

  Hi,
  Thanks for your reply.
  Actually we a have customization form and interface. Due the customization programs need to use CVR, I need to know if there's a package/function/script to call this CVR procedure that we can attach to our customization programs. Before we send the transactions to API (open interface table) we already make sure there's no problem in accounting (code combination) since we activated CVR for generating account combinations.

• Security Rules in Oracle Financials GL

  I have defined security rules in Oracle Financials GL version 11.0.3. The security rules can be applied in form level.
  e.g For account inquiry, only limited accounts can be viewed.
  But for all reports in Oracle Financials, it's not restricted by the rules. How can I applied those rules in reports as well?

  Unfortunately data in standard and bespoke oracle reports is not restricted by security rules by default.
  Security can be enabled for FSG reports.
  If you need security rules to be applied to standard reports, I am afraid, you need customization.

• UMX - Can I setup Data Security in UMX similar to Security Rules?

  Hi;
  Is it possible to setup something similar to Security Rules in UMX? I would like to grant the same Role to different users, and assign these users different security. All my reading of UMX so far has pointed me to creating objects and granting security permissions, but I don't know how to go about implement it. If one of you has successfully implemented this, can you please share your steps?
  Thanks, Al

  Hi Al,
  restricting FND... Tables is maybe not the best idea. You should always use standard functionality to achieve the same (if available).
  1/ Is your request related to an Oracle Standard Form, if yes, which one?
  2/ Do you talk about the GL Code Combination? Would you like to restrict a value from this segment?
  3/ Data Security is a very low level technique, if you use it, such a person where the rule is enabled can never and nowhere see "removed" lines (values). Not in other forms, not in reports, not in interfaces or concurrent requests. So if you use it, be very careful.
  Please send your email address to me, my one you can get by clicking on my name.
  Thanks
  Volker

• Security rules in apps EUL

  Hi,
  It is possible to implement in apps EUL security rules set for Key Flexfield? If yes, how do that?
  rgds,
  Krystian

  Hi Krystian,
  What you want to do is possible and can be achieved by using the GL_SECURITY_PKG in the chosen view. The view will need to include the following condition: gl_security_pkg.validate_access(sob_id, ccid) = 'TRUE'’
  Once your view is setup and ready, you’ll need to create your Key-Flexfield security rules and assign them to a Responsibility. Users will need to run the report under that responsibility for it to work.
  Some links for handy reading regarding using the GL_SECURITY_PKG:
  Re: Speeding up or Caching the gl_security_pkg.validate_access(sob_id, ccid)
  Re: Free Discoverer views for Financials, or BIS?
  Hope this helps ;-)
  Lance

• Security/session questions

  Hi,
  I have some security/session questions for you guys.
  My application uses flex, blazeds and spring. I use RemoteObjects to initiate calls from flex to java. The application consists of a login screen and 'other screens' available only to authenticated users after login. When the user logs in the server stores user credentials on the FlexContext (FlexContext.getFlexSession().setAttribute). So if the server timeout is reached and the user presses 'refresh' the user is thrown out and the login screen appears.
  Question 1: How can I check if the timeout is reached when the user makes a call to the server, without checking manually against the FlexContext. Are there any config parameters to set?
  Question 2: Is it necesssary to check against the user credentials in the session for every flex-to-server call? (I guess someone can omit the login screen and do a manual call)
  Question 3: If the answer to question 2 is yes, how can I check against the session credentials? The only way I can think of is calling a method which checks the session attribute manually, but then I have to remember to add this method call to each of the methods called from flex through Blazeds. Is it, for example, possible to call the user-logged-in method before the method given in the RemoteObject is called? (If not authenticated, do not run method).
  Hope someone got the time to help me out.

  I appreciate your answer, but as you yourself write, I think there must be a blazeDS way. But as nobody with extensive BlazeDS knowledge answers this post, I probably have to google this topic even more.
  Following are the main changes in my application: (Introducing spring security)
  Everything seems to be working as it should. But as already stated, I'm a newbie. So if anybody see something suspicious, let me know.
  The main problem I had implementing Spring Security was something that should be easy, but somehow it was not: the loading of the context files. Before introducing the spring security I only had one application-context file, and this was loaded by the DispatcherServlet. When introducing security I tried to add this to the same file. It did not work. Then I tried splitting up the files, and loading both using DispatcherServlet. It did not work. Then I tried loading both using ContextLoaderListener. It did not work. Finally I found the solution. Flex settings must be loaded by the DispatcherServlet, and spring security settings must be loaded by ContextLoaderListener. This work. I don't know if this is the only solution.
  On the server:
  web-xml:
  <context-param>
          <param-name>contextConfigLocation</param-name>
          <param-value>
              /WEB-INF/config/web-application-config.xml
              /WEB-INF/config/web-application-security.xml
          </param-value>
      </context-param>
      <filter>
          <filter-name>springSecurityFilterChain</filter-name>
          <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
      </filter>
      <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
      </filter-mapping>
      <listener>
          <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
      </listener>
      <servlet>
          <servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
          <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
          <init-param>
              <param-name>contextConfigLocation</param-name>
              <param-value>/WEB-INF/config/flex-application-config.xml</param-value>
          </init-param>
          <load-on-startup>1</load-on-startup>
      </servlet>
  flex-application-context:
  <flex:message-broker>
          <flex:secured/>
      </flex:message-broker>
  web-application-context:
  I had to implement my own authentication mechanism. Had to compare the username/password against an object attribute. So this bean is not mandatory, but I think you have to write down username/password/role in flex-application-context if not provided.
  <bean id="customAuthenticationProvider" class="packagename.CustomAuthenticationProvider">
          <security:custom-authentication-provider/>  
  </bean>
  web-application-security:
  <http entry-point-ref="preAuthenticatedEntryPoint" />
      <beans:bean id="preAuthenticatedEntryPoint"
          class="org.springframework.security.ui.preauth.PreAuthenticatedProcessingFilterEntryPoint " />
      <!-- Securing the service layer -->
      <global-method-security>
          <protect-pointcut expression="execution(*package.ServiceImpl.*(..))" access="ROLE_USER"/>
      </global-method-security>
  On the client:
  private function login():void {
      var cs:ChannelSet =  ServerConfig.getChannelSet(loginRemoteObject.destination);
      var token:AsyncToken;
      token = cs.login(username, password);
    // Add result and fault handlers.
    token.addResponder(new AsyncResponder(loginResultHandler, loginFaultHandler));
  private function logout():void {
      var cs:ChannelSet =  ServerConfig.getChannelSet(loginRemoteObject.destination);
      var token:AsyncToken = cs.logout();
    // Add result and fault handlers.
    token.addResponder(new AsyncResponder(logoutResultHandler, logoutResultHandler));

• Forget security answer question

  im forget the security answer question

  If you have a rescue email address (which is not the same thing as an alternate email address) set up on your account then go to https://appleid.apple.com/ and click 'Manage your Apple ID' on the right-hand side of that page and log into your account. Then click on 'Password and Security' on the left-hand side of that page and on the right-hand side you should see an option to send security question reset info to your rescue email address.
  If you don't have a rescue email address (you won't be able to add one until you can answer 2 of your questions) then you will need to contact iTunes Support / Apple to get the questions reset.
  Contacting Apple about account security : http://support.apple.com/kb/HT5699
  When they've been reset (and if you don't already have a rescue email address) you can then use the steps half-way down this page to add a rescue email address for potential future use : http://support.apple.com/kb/HT5312

• Can VPD Virtual Private DB in 10g replace Oracle Apps security rules?

  I read the recent article in Oracle Magazine called 'Testing Database Security', especially the section on Virtual Private Database (VPD), caught my attention. Can this feature of the 10g database be used by the Oracle Apps to restrict access to data through the apps login? We just moved to 10g.
  Our current data security is enabled by leveraging security rules attached to responsibilities. Our security rules restrict by operating unit, of which there are 89. It would be great if VPD could be used, as it might replace the need to create 89 separate security rules. We would maintain just one set of policies.
  Does anyone know if this can be used on the applications level? If anyone has done this, do you know of a documentation link that would help?
  Thanks for your insight.

  Sebes,
  Thanks for the link...it sounds like it may be part of the Oracle future landscape, but for now, we will have to live with security rules.
  Sincerely,
  Brenda

• Security rule whether be checked when journal import

  Hi All,
  Thanks for your attention, I have got an issue about security rule.
  When I used gl_interface to import journals into EBS system, I think the security rules will not be checked, it only check cross-validation, but I found sometimes security rule is checked for some responsibilities when journal import, why this happened, and is there any profile or setup to control it?
  Thanks for your help.
  Best Regards
  Spark

  Hi Spark,
  It looks like Journal Import doesn't check for Security rules, but it checks for cross validation rules upon dynamic insertion. Sorry for the misled earlier. You can check the metalink note, Journal Import - FAQ [ID 107059.1]. Here are the comments for the note,
  A04. Does the Journal Import process check for Cross-Validation or Security
  Rules violations?
  Journal Import does not check security rules. Transactions that come
  from Oracle subledgers (AR, AP, etc.) already have the CCID (Code
  Combination ID) in the GL_INTERFACE table. These have been validated
  in the feeder system.
  You can also populate the accounting segments directly into the
  gl_interface table and let Journal Import populate the
  code_combination_id. If dynamic insertion is enabled, and this is a
  new combination, then the import program will check for cross
  validation rule violations.
  Thanks,
  Kiran