Forms 6i Roles

Hi everyone,
Does anyone have a good tutorial to help me with the assignment of roles step by step in Forms 6i?
I have try a couple of times to get help from this forum, but nobody have give me the help I need on this thread.
Thanks in advance!!!

Hi Andreas and thanks for your reply, but I was just in a hurry and it seemed like nobody wanted to help, so that's why I decided to ask for a tutorial or something like it.
Thanks for your help!!

Similar Messages

Removing an invalid(disabled) domain user form user roles will cause vmmservice crash

Removing an invalid(disabled) domain user form user roles will cause vmmservice crash

SCVMM 2012 SP1
Sorry， I can't find the error type, but only find some log:
The System Center Virtual Machine Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
detailed xml info:
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
- <System>
<Provider Name="Service Control Manager" Guid="{555908d1-a6d7-4695-8e1e-26931d2012f4}" EventSourceName="Service Control Manager" />
<EventID Qualifiers="49152">7031</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8080000000000000</Keywords>
<TimeCreated SystemTime="2014-02-18T03:09:32.149403100Z" />
<EventRecordID>39151</EventRecordID>
<Correlation />
<Execution ProcessID="844" ThreadID="12512" />
<Channel>System</Channel>
<Computer>POV.europe.corp.microsoft.com</Computer>
<Security />
</System>
- <EventData>
<Data Name="param1">System Center Virtual Machine Manager</Data>
<Data Name="param2">1</Data>
<Data Name="param3">100</Data>
<Data Name="param4">1</Data>
<Data Name="param5">Restart the service</Data>
<Binary>5300430056004D004D0053006500720076006900630065000000</Binary>
</EventData>
</Event>

Form Based Role Validation

I am trying to use the form based security role validation. I am using JDeveloper's built in OC4J. I am getting to my login form but when I try to submit I get the following:
java.lang.IllegalArgumentException: Resource /j_security_check?j_username=myuserhere&j_password=mypasswordhere not found
I have the user defined in the principals.xml file I am specifying the location of the principals.xml file in the WEBAPPNAMEHERE-oc4j-app.xml file which seems to be where JDeveloper wants it.
Any ideas?

See section 12.5.3.1 of the Servlet 2.3 specification for details. You need to be sure your HTML file uses the j_security_check, j_username, and j_password names like this:
<form method=POST action=j_security_check>
<input type=text name=j_username>
<input type=password name=j_password>
</form>
The method must be POST, not GET. This means that the user/pass information will not be visible in the URL that is set back to the server; it will instead be in the HTTP request body.

Forms/Reports: Role of the Database cache and Web cache

Hello oracle experts,
I am running a purely Forms and Reports based environment (9iAS).
My question are:
a. Is it possible to use features from the Web Cache and
Database Cache to boost the performance of my applications?
b. Are all components monitorable from the OEM?
Please guide me so that i can configure my OEM to monitor my
forms and reports services.
thanks in advance for your reply
Kind regards
Yogeeraj

Hi BradW,
The way this is supposed to be done in Web Cache is by keeping separate copies of a cached page for different types of browsers distinguished by User-Agent header.
In case of cache miss, Web Cache expects origin servers to return appropriate version of the page based on browser type, and the page from the origin server is just forwarded back to browser.
Here, if the page is cacheable, Web Cache retains a separate copy for each type of User-Agent header value.
And when there is a hit on this cached page, Web Cache returns the version of page with the User-Agent header that matches the request.
Check out the config screen titled "Header Association" for this feature.
About forwarding requests to different origin servers based on User-Agent header value, Web Cache does not have such capability.

Hundreds of roles for a J2EE application using SSO/OID

We are starting to develope a J2EE software that will have hundreds of logical roles. These logical roles must be assignable to users and groups on OID.
When prototyping this scenario, we were not able to make this work well enough. Namely, in OIDDAS (which will be used by the end users to administrate users), all the "role groups" and user groups are always shown in one listing.
Ideally, what we would want is to only have configurable user groups visible in OIDDAS and all the fine-grained roles would be assignable to users and groups separately. Tthe "Roles Assignment" section in user/group edit screen is quite close to the idea though having hundreds of low-level roles listed there will make administration a bit complex.
We have also considered hiding the raw "role groups" from OID by moving the low-level administration to Enterprise Manager, where multiple logical roles would be mapped to composite OID groups. However, we currently don't see this as a viable option since we don't want to allow normal login administrators access to OEM where they can break too many things.
How have you guys solved the problem of mapping hundreds of roles to user-configurable groups and users? What would you suggest? Is our planned approach (map logical roles to LDAP groups) the wrong way to try to solve the issue? What would be a better way?
Thanks in advance,
Keke

Hi Peter,
Thanks a lot for your post.
My requirement is such that I have to fetch nodes from WLP content management system and all the associated data (content, security related info) with that node. Since security for a particular node is in the form of roles, I need to fetch the roles list for the node under processing.
However my application requirement is such that any user can ask for retrieval of node(its contents). In that case I need to check whether user lies in the list of roles defined for the current node (node for which user asked).
Thus my requirement becomes: Checking whether a user is in the given list of roles.
A careful investigation if the API's helped me find out a method isUserInRole(role, rolemap), but this method provides information for the logged in user only.
My application will login thru admin credentials(weblogic, weblogic) and will chekc other users say bryan, linda are in the roles list of the nodes under procesing.
Please guide.
Regards,
Shakti

I need a report with Rol - Transaction

Hello everyone, I have a list with many roles and I need the transaction's list on each role in this role's list, I know I can get this information from Tx SUIM, but from this Tx I need to put each role in the filter and merge all the result, there is any way to do get this report in one time.
Thank you very much

use table AGR_TCODES, if the roles are desinged to have tcodes added form the role menu
Or use talbe AGR_1251 for 'active' objects for S_TCODE

What are Roles and Role entry points in the context of windows azure?

I am just starting out with my journey towards understanding azure. I have a vague idea about the Web and Worker roles.
So when I am publish-deploying a website on azure from visual studio, am I doing something with respect to roles? Am I starting up a Web role?!
RoleEntryPoint: But this is actually related with the web/worker roles and services. My understanding is that the RoleEntryPoint is some code which is executed when you deploy "services" on the azure cloud. These services either have a web role or
a worker role.
What is "services" in this context? So what traditional (on-premise) app would be analogous to a service that has a web worker role? A WCF service or WebApi? Or can it be a website? So would a service having a worker role be something analogous to
a "windows service"?
And finally RoleEntryPoint. I don't get the use case. From what I've seen,
say you want to initialize some related services that support your main service, for e.g. a cache server, or a sql database, you have have the initialization logic written in these classes and make the code perform them.
There are definitely other ways to do this right? You don't need to necessarily tie the deployment of that main service with the initialization of the other services. They could be separate deployments, right?!
I am a bundle of mistakes intertwined together with good intentions

Hi deostroll,
From you post I understand you've read quite a lot about Azure, but I'm affraid there's still some misunderstanding on what all these terms mean.
Azure is a cloud computing suite of services tiered into three categories: IaaS, PaaS and SaaS. IaaS stands for Infrastructure-as-a-service and is an offering where Microsoft allows you to run your own virtual machines. You will handle everything from software
patching, network connectivity (from the application level: virtual networks etc.), software installition and configuration etc. Basically everything you would do today on your own premise except for whatever concerns hardware (bare-metal). PaaS stands for
Platform-as-a-service, and is a middle offerint, where Microsoft selects some VMs and is responsible for periodically patching this machines. You don't have to care about IIS or whatever existing applications there are on the VM either, because it's Microsoft's
job to do this. Last but not least, SaaS stands for Software-as-a-service, and is the offering where you use a piece of software without even knowing what infrastructure exists behind it: I guess you've used some sort of webmail client before, right? That's
a SaaS.
When it comes to Windows Azure, IaaS is offered as Azure VM, PaaS is offered as Azure Cloud Services (formely known as Azure Hosted Services, should you get across documentation that uses that term instead) and SaaS is offered in the form of: Azure WebSites,
Azure Mobile Services, Azure Media Services and many more.
When you talk about either web roles or worker roles, you actually talk about two forms of roles that exist in the context of an Azure Cloud Service. Basically, when you create a cloud project from Visual Studio, you end up in adding either Web projects
which might (but not necessarily) be linked as a Web Role to your Azure Cloud Service. You may also add, to the same solution, Worker Role projects. As you've probably already guessed, whenever you add a Web role, the web project it references is a web project
in the literal term: ASP.NET Web Project, whether that is WebForms, MVC, MVC WebAPI that's all completely up to you. However, what is a worker role project, you might ask? A worker role project might be though of just as a console application. You basically
get absolutely no UI, but your code runs as long as it runs inside an infinite loop at some point. If the loop stops, just like a console application, your worker role will stop which will force the Azure FabricController to refresh your role. Consider the
FabricController has the guardian of all roles, which will auto-magically 'respawn' your roles whenever something goes wrong, whether that's a software issue in your app, in the OS or a hardware failure.
Moreover, keep in mind that every role in your cloud service project ends up in being created as a separate VM. What this means is that you will have separate VMs for each roles in your cloud service, so even if you create several web projects, you still
get one machine, with one IIS instances with a single web application (yours) for each of your cloud's roles. Same goes for worker roles.
I hope this information clears up some of the questions you might have.
Alex

OIM 11.1.1.5 provisioning role based objectclasses and attributes

TL;DR You can't provision some attributes in our LDAP directory without the objectclass and I can't figure out the best way to inject the dynamic objectclasses into the create user process without the user being created already.
Some background:
I have configured our oim 11.1.1.5 instance and LDAP connector to provision ODSEE. At another's recommendation, I put all possible LDAP attributes in a single form regardless of which objectclass was needed for them. In ODSEE, sets of attributes are allowed through objectclasses for each 'Role'. ie. Student, Employee, Guest, etc objectclasses. I have all of the roles identified in OIM and can map them to an objectclass in LDAP
My question is, how can I provision role based objectclasses along with the common ones that are configured in the lookup so that when the associated attributes are provisioned, I don't get objectclass violations?
Can I append objectclasses to the list stored in the Configuration lookup in ldapUserObjectClass?
Should I create a child form containing the objectclasses and try to provision them?
Can/should I create a child form for each set of attributes by role? Common attribs in the LDAP_USR form and role based attribs in UD_LDAP_STU, UD_LDAP_EMP, UD_LDAP_GST, etc. Would prepop and the rest of the main form functions work the same?
Anything else I'm not thinking of? I am still a novice with some of these topics and may be way off base.
Any help will be greatly appreciated and thank you in advance

It is definitely doable if you use a custom LDAP connection implementation and just add objectclass update calls as needed as precursor tasks for the Update tasks.
Here is a small LDAP demo tool that you can adapt to do the update: http://iamreflections.blogspot.com/2010/08/manage-ad-with-jndi-demo-tool.html
There may be a smarter and more out of the box way to do it but this will work.
Martin

Help ! bypass forms login for .fmx form !

Hello friends,
I need your expert advice on a Forms 6i Login Form issue,
I have spent many miserable days now trying to figure
it out........
Is there anyway to bypass the forms logon when a user
clicks on a custom logon.fmx form that I have created.
...I have tried an on-logon trigger that logs in a special
user but what happens is that user remains logged in and
the uid/pswd input into the custom login form is ignored.
I also have tried putting the special user login in the
start-up properties of an icon created for the login.fmx formbut
I still get the same result.....what am I doing wrong ?
Please accept my thanks in advance for your help.

Got that stuff from meta link - perhaps something of this will help you if not solved yet?
Subject: How to Customize Logon Behavior
Type: FAQ
Status: PUBLISHED
Content Type: TEXT/PLAIN
Creation Date: 28-AUG-1995
Last Revision Date: 14-MAY-2002
Document ID: 106573.366
Title: Customizing Logon Behavior
Creation Date: 19 September 1994
Last Revision Date: 01 December 1995
Revision Number: 3
Product: ORACLE FORMS
Product Version: V4.0/V4.5
Platform: N/A
Information Type: ADVISORY
Impact: MEDIUM
Abstract: Methods and examples of customizing the logon behavior for
Oracle Forms 4.0/4.5
Keywords: FORMS;LOGON;CONNECT;DATABASE
Customizing Logon Behavior
Introduction
============
By default, Oracle Forms will attempt to establish a connection to a
database when starting up a Runform session. If the connect
information (username, password, connect string) is not specified as
parameters to the Runform executable, Oracle Forms will pop up a logon
window.
This bulletin details methods of commonly-asked-for customization of
this logon behavior, including running a form without logging onto a
database, defaulting the connect string, and creating a custom logon
window.
Objective
=========
This bulletin will primarily focus on the On-Logon trigger and the
LOGON built-in. The On-Logon trigger, if defined, replaces the
default logon behavior of Oracle Forms. Within that trigger, the
LOGON built-in actually establishes the connection. If called from
outside the On-Logon trigger, the LOGON built-in calls the On-Logon
trigger.
Running Without a Connection
============================
Forms that do not access any data do not require connections to the
database. By telling Forms not to establish a connection, startup
time is reduced and the operator will not be prompted for connect
information. The following On-Logon trigger eliminates logon
entirely:
On-Logon (Form Level)
NULL;
Small Changes to Default Behavior
=================================
Here is an On-Logon trigger which mimics the default behavior of
Oracle Forms when it performs a connect.
On-Logon (Form Level)
DECLARE
un VARCHAR2(30);
pw VARCHAR2(30);
cs VARCHAR2(30);
upc VARCHAR2(200);
connected BOOLEAN := FALSE;
tries NUMBER := 3;
PROCEDURE get_connect_info IS
BEGIN
un := GET_APPLICATION_PROPERTY(USERNAME);
pw := GET_APPLICATION_PROPERTY(PASSWORD);
cs := GET_APPLICATION_PROPERTY(CONNECT_STRING);
END;
BEGIN
get_connect_info;
IF un IS NOT NULL THEN
LOGON(un, pw||'@'||cs, FALSE);
IF FORM_SUCCESS THEN /* Successful logon */
connected := TRUE;
END IF;
END IF;
WHILE connected = FALSE and tries > 0 LOOP
upc := un||pw||cs;
LOGON_SCREEN;
get_connect_info;
IF upc = un||pw||cs THEN
EXIT;
END IF;
LOGON(un, pw||'@'||cs, FALSE);
IF FORM_SUCCESS THEN /* Successful logon */
connected := TRUE;
END IF;
tries := tries - 1;
END LOOP;
IF NOT connected THEN
RAISE FORM_TRIGGER_FAILURE;
END IF;
END;
Note that the GET_APPLICATION_PROPERTY(CONNECT_STRING) will not work
in versions prior to 4.0.13 of Oracle Forms. In prior versions, the
connect string is part of the password.
Small deviations from the default connect behavior can be accomplished
by modifying this code:
* To allow more or fewer logon attempts, increase the initial value of
the counter variable, tries.
* To default the connect string, change the calls to LOGON from:
LOGON(un, pw||'@'||cs, FALSE);
to use a hard-coded connect string:
LOGON(un, pw||'@<connect string>', FALSE);
* These lines can also be modified to hardcode username or password.
Hiding the Logon Information
============================
For security reasons, many customers do not want their users to be
able to access the database except through the forms. One way to do
this is to have the form handle connecting to the database, which
keeps passwords away from the users. In V7, the best way to do this
is to have the form set role to a privileged role. However, a quick
and dirty way to do it is to have the form connect to a privileged,
secret ORACLE account.
The following On-Logon trigger establishes a connection using
hard-coded values for username and password. Users will be able to
connect to the database without knowing the account or password:
On-Logon (Form Level)
LOGON('SCOTT','TIGER@T:MYHOST:V716');
Deferring Logon
===============
Connection can be deferred until later in the Forms processing.
On-Logon (Form level)
DECLARE
un CHAR(30);
pw CHAR(30);
cs CHAR(30);
BEGIN
DEFAULT_VALUE('N','global.logon_now');
IF :global.logon_now = 'Y' THEN
LOGON_SCREEN;
un := GET_APPLICATION_PROPERTY(USERNAME);
pw := GET_APPLICATION_PROPERTY(PASSWORD);
cs := GET_APPLICATION_PROPERTY(CONNECT_STRING);
LOGON(un, pw||'@'||cs);
END IF;
END;
When the form starts up, it will not try to log on since the flag
logon_now will be defaulted to N. When you do wish to log onto the
database, use the syntax:
:global.logon_now := 'Y';
LOGON(NULL, NULL);
This sets the flag to Y and causes the On-Logon trigger to fire, so
the form connects to the database.
Customizing the Logon Screen
============================
The built-in LOGON_SCREEN calls up the default Forms logon screen to
capture the username, password, and connect string. However, you can
also use a customized logon screen. The following tutorial creates a
form which can be used as a replacement logon screen from any form.
NOTE: Coordinate System is assumed to be pixel.
1. Create a new forms module and change only the following properties:
Name: LOGON
Title: LOGON (v4.5)
2. Modify only the following properties for WINDOW0
(v4.0, Create this window):
Name: LOGON_WINDOW
Width: 126
Height: 108
Title: Logon
Style: Dialog
Modal: TRUE
Fixed Size: TRUE
Iconifiable: FALSE
Inherit Menu: FALSE
Zoomable: FALSE
3. Create a new canvas (v4.0, Modify CANVAS0) and modify only the following
properties:
Name: LOGON_CANVAS
Window: LOGON_WINDOW
Width: 126
Height: 108
4. Modify only the following properties for LOGON_WINDOW:
View: LOGON_CANVAS
5. Create a new block and modify only the following properties:
Block Name: LOGON_BLOCK
6. Create three text items on canvas LOGON_CANVAS for block LOGON_BLOCK
with properties as follows:
Name: USERNAME
X Position: 12
Y Position: 8
Width: 102
Height: 18
Name: PASSWORD
X Position: 12
Y Position: 31
Width: 102
Height: 18
Secure: TRUE
Name: CONNECT
X Position: 12
Y Position: 54
Width: 102
Height: 18
7. Create two push buttons on canvas LOGON_CANVAS for block LOGON_BLOCK
with properties as follows:
Name: LOGON
X Position: 12
Y Position: 84
Width: 52
Height: 18
Label: Logon
Mouse Navigate: FALSE
Default Button: TRUE
Name: CANCEL
X Position: 72
Y Position: 84
Width: 52
Height: 18
Label: Cancel
Mouse Navigate: FALSE
8. Code the following program units:
PROCEDURE leave(status BOOLEAN DEFAULT TRUE) IS
BEGIN
IF status THEN
:global.logged_on := 'TRUE';
ELSE
:global.logged_on := 'FALSE';
END IF;
EXIT_FORM;
END;
PROCEDURE initialize_form IS
un VARCHAR2(30) := GET_APPLICATION_PROPERTY(USERNAME);
pw VARCHAR2(30) := GET_APPLICATION_PROPERTY(PASSWORD);
cs VARCHAR2(30) := GET_APPLICATION_PROPERTY(CONNECT_STRING);
BEGIN
DEFAULT_VALUE('3', 'global.logon_tries');
DEFAULT_VALUE(un, 'global.username');
DEFAULT_VALUE(pw, 'global.password');
DEFAULT_VALUE(cs, 'global.connect_string');
:logon_block.username := :global.username;
:logon_block.password := :global.password;
:logon_block.connect := :global.connect_string;
END;
FUNCTION connect_to RETURN BOOLEAN IS
BEGIN
IF :logon_block.username IS NULL THEN
BELL;
END IF;
LOGON(:logon_block.username,
:logon_block.password||'@'||:logon_block.connect, FALSE);
IF FORM_SUCCESS THEN
RETURN TRUE;
ELSE
RETURN FALSE;
END IF;
END;
9. Code the following triggers:
On-Logon (Form Level)
LOGON(:logon_block.username,
:logon_block.password||'@'||:logon_block.connect,
FALSE);
When-New-Form-Instance (Form Level)
initialize_form;
When-Button-Pressed (Item Level, on LOGON_BLOCK.CANCEL)
leave(FALSE);
When-Button-Pressed (Item Level, on LOGON_BLOCK.LOGON)
BEGIN
IF connect_to THEN
leave(TRUE);
END IF;
:global.logon_tries := TO_NUMBER(:global.logon_tries) - 1;
IF TO_NUMBER(:global.logon_tries) = '0' THEN
leave(FALSE);
END IF;
END;
When-Window-Activated (Form Level)
DECLARE
screen_height NUMBER;
screen_width NUMBER;
window_height NUMBER;
window_width NUMBER;
BEGIN
IF :SYSTEM.EVENT_WINDOW = 'LOGON_WINDOW' THEN
screen_height := GET_APPLICATION_PROPERTY(DISPLAY_HEIGHT);
screen_width := GET_APPLICATION_PROPERTY(DISPLAY_WIDTH);
window_height := GET_WINDOW_PROPERTY(:SYSTEM.EVENT_WINDOW, HEIGHT);
window_width := GET_WINDOW_PROPERTY(:SYSTEM.EVENT_WINDOW, WIDTH);
SET_WINDOW_PROPERTY('LOGON_WINDOW', X_POS,
(screen_width - window_width)/2);
SET_WINDOW_PROPERTY('LOGON_WINDOW', Y_POS,
screen_height/2 - window_height);
END IF;
END;
10. Generate and save this form.
11. Create a new form. This form is an example of how to use the
logon form that has just been created.
12. Create a default block, giving this form some items.
13. Code the On-Logon trigger as follows:
On-Logon (Form Level)
CALL_FORM('logon', NO_HIDE);
IF :global.logged_on != 'TRUE' THEN
RAISE FORM_TRIGGER_FAILURE;
END IF;
This will complete the coding for the main form. When the form now
requires a connection to the database, it will use this customized
logon screen instead of the Forms default one.
Oracle WorldWide Customer Support

Grant role and make it default

Hello all,
I'm facing an awkward situation whit the grant command.
Let's say we have a user some_owner that is granted the role some_role with admin option.
We have a procedure owned by some_owner as follows:
CREATE PROCEDURE "+some_owner"."GRANT_ROLE"
(P_USER IN VARCHAR2
BEGIN
EXECUTE IMMEDIATE 'GRANT some_role TO ' ||UPPER(P_USER);
END;
A user some_user who has execute privilege on the procedure is able to successfully execute the procedure using SQL+ and the role some_role is granted (default = Y) to the user.
However, when the procedure is called from a 10g form, the role is granted (default =N)
Have you ever faced a similar situation?
Thanks in advanse
Joseph

Test first post second.
SQL> CREATE USER john identified by john;
User created.
SQL> GRANT oem_monitor TO john;
Grant succeeded.
SQL> SELECT granted_role,default_role
2 FROM dba_role_privs
3 WHERE grantee = 'JOHN';
GRANTED_ROLE                   DEF
OEM_MONITOR                    YES
SQL> GRANT hs_admin_role TO john;
Grant succeeded.
SQL> SELECT granted_role,default_role
2 FROM dba_role_privs
3 WHERE grantee = 'JOHN';
GRANTED_ROLE                   DEF
HS_ADMIN_ROLE                  YES
OEM_MONITOR                    YES
SQL> GRANT finrep TO john;
Grant succeeded.
SQL> SELECT granted_role,default_role
2 FROM dba_role_privs
3 WHERE grantee = 'JOHN';
GRANTED_ROLE                   DEF
FINREP                         YES
HS_ADMIN_ROLE                  YES
OEM_MONITOR                    YES
SQL> ALTER USER john DEFAULT ROLE ALL EXCEPT finrep;
User altered.
SQL> SELECT granted_role,default_role
2 FROM dba_role_privs
3 WHERE grantee = 'JOHN';
GRANTED_ROLE                   DEF
FINREP                         NO
HS_ADMIN_ROLE                  YES
OEM_MONITOR                    YES
SQL> REVOKE hs_admin_role FROM john;
Revoke succeeded.
SQL> GRANT dba TO john;
Grant succeeded.
SQL> SELECT granted_role,default_role
2 FROM dba_role_privs
3 WHERE grantee = 'JOHN';
GRANTED_ROLE                   DEF
DBA                            YES
FINREP                         NO
OEM_MONITOR                    YESGranting or revoking roles has no effect on other existing roles. A granted role is always a default row unless you tell Oracle otherwise.
TTFN
John

Short form or Alias for the long PCD location

Hello Everybody,
We have created some iViews, pages and roles in EP.
Roles have long pcd ID. like:
pcd:portal_content/com.<company name>.<root folder>/<sub folder ID>/<Role name with prefix>
I am using this full text to point to the correct UM role in UWL configuration. This is very long. Can I assign any alias or short name like, portal_requestor so that I can use only "portal_requestor" to point to actual UM role?
Please help me.
Thanks,
Bhavik

Thanks for the response.
But, i tries providing quick link in the role name field. But it doesn't recognize this quick link. It gives error saying, invalid UM role.
Short URLs and Quick links are the options using which we can access any iViews or pages through browser with short url.
But, my issue is, how can I specify role name with such short form in Portal at design time.
If you go to System administration -> system configuration -> Universal worklist & Workflow -> Universal worklist - Administration, You will get a table for Universal worklist Systems.
Try to edit any one system over here. You will get one field called User roles. This is the field where I want to specify different roles for which this UWL system should be used. But, those roles names with prefix are too long. I need some alias or short form for role to specify over here.
Hopefully, now requirements should be clear.
Thanks,
Bhavik

Not able to see Role UDF while creating Role from Admin console

OIM 11g:
I created a Role UDF(under Administration->User Defined Field Definition->Form Name->Roles) in OIM design console. But when I try to create role in admin console I didn't see the UDF which was created from design console.
How to make the UDF visible in admin console. I don't see any authorization policy to make it visible in admin console.
Am I missing any thing here? Pls help.
TiA

Got it.
Added the Role Role Administrators under Administrators tab on Role Form in design console.

User Data Security through forms.

Hi All,
I am working on a forms(10g) which once deployed in application env. will have different level of accesses to different users , like view,edit,etc.
could you please let me how to set up this user data security ,and access levels ...
Is this to be done through forms development , or any environmental setups required?
Any quick pointers in this regard are highlu appreciated.
Thnaks.

Hi,
you can define your user level on oracle form,but these user only work on form level not on database level direct,you can make a proper setup form or role form to provide access to different user but you must mentioned these security on each transactional form.You also make a global procedure as security which maintain security only on form.Hope it'll helpful for you.
Thanks
Baloch.

RBAC for Oracle Forms

How can we have role based access control for Oracle Forms.
Say for example purchase Order, Role 'Creator' will have create access to Purchase Order form, Role 'Verifier' will have only update access to Purchase order form and Role 'Approver' will have view only access to Purchase Order Forms.
Request for quick response as requirement is very urgent.
Thanks & Regards
Vimal

hsawwan wrote:
Please see these docs.
R12 Login Issue on Target After Cloning ,Fresh Install Or Upgrade [ID 435550.1]
"Function Not Available To This Responsibility" After Upgrading To Release 12.1.3 [ID 1200743.1]
Oracle Applications System Administrator's Guide - Security
http://download.oracle.com/docs/cd/B53825_03/current/acrobat/121sasg.pdf
Thanks,
HusseinDear Hussein
I have looked at the above document you have provided, but couldnt get any helpfull information.
The information that this document contains is usefull for OAF forms. We have created four OAF forms
1) to Search, Search page will have two buttons i) Create, when pressed will invoke Create page, ii) Update, when pressed will invoke update page, and view link ii) View, when clicked will invoice page in view mode only,
2) to Create
3) to Update
4) to view
Now, the buttons and link in Search page will have repspective fuction attached to them. so when through grants and permissions if create fuctions is assinged to user say 'X', on search page user will be able to see, create button, and he can create record in create page, if function is not assinged to user, he wont be able to see create button, that mean that user will not have create write.
But how to control the same in oracle standard form.
Regards
Vimal

Incorrect authorization object is checked in SU53. SU53 checks the wrong BP

Hi all,
I am setting up a new user and a new role in CRM 4.0.
When coming to BP maintenance I get some frustrating errors.
I have created a role with BP and SU53 transaction codes assigned.
I have given the authorization to two BP roles:
- 000000 (BP General) Activity: Display
- ZCRM41 (Potential customer) Activity: Display and Edit.
I can display the BP role '000000' but when trying to change to BP role 'ZCRM41' I get No authorization.
SU53 indicates that I am trying to enter another BP role than ZCRM41.
As a result no authorization is given. If I add the BP role the SU53 indicates and retry SU53 another BP role is checked and so on...
Anyone who knows what is wrong?
Points will be rewared!
Thanks,
//anders

Hello Anders,
Thanks for providing me the details. Now I am clear abt the problem.
This is a sort of puzzling tome. Such a behavior should not happen. It can happen only:
a) In SU53, are you seeing the role 'ZCRM41' and customer role as an additional check? If this is the case, there might be some dependency assigned like role groupings (check in SPRO under business partner if these two roles form a role) or if there is any functional dependency.
b) Also make sure that you have assigned and generated the right profile for the role. Some time in a hurry we might miss to cross check this.
c) For business partners, the role authority check is done inside function module BUP_BUPA_EVENT_AUTH1. We need to debug here to find cause for this problem.
Hope this helps.
Regards, Sudheer.

Forms 6i Roles

Similar Messages

Maybe you are looking for