Is it possible to create read-only users in OM

We have several tasks where creating Read-Only access for non-OM users who require information from specific data fields in OM on a regular basis would be helpful. Currently those users must interrupt the daily work of those Oracle users with OM access in order to get their queries answered; obviously this can be quite disruptive.
Have been told by our IT dept/OM users that creating read-only users is not possible and have not found any general information about the topic via Internet search, so I am posting this general query.
Are there license issues that would prevent this?
Security issues?
Customized OM?
Or is it just too complex to do without creating headaches for a firm's IT department?
Thanks
Lisa

You will have to create new functions with parameter query-only = Yes.
And then create a new menu with those new functions.
And then attach the new menu to the Read only responsibility.
Also see Re: How to change OM responsibility as read-only in oracle applications 11i and the links in that thread.

Similar Messages

  • A question about creating READ ONLY users.

    Dear all,
    I have a question about read only user accounts and I would appreciate if you could kindly give me a hand. I have a schema named SCHEMA1. Whenever I want to connect by using sqlplus I run the following:
    sqlplus user1/[email protected] SCHEMA1.WORLD is the entry in the tnsnames.ora referring to the schema SCHEMA1.
    I need to create a read only user who is able to SELECT all tables and views created by user1 on SCHEMA1 (this user will not modifiy anything at all. The user is used only for a person using SQL queries to read data). for several tables I write the grants explicitly, for example:
    CREATE USER user2 IDENTIFIED BY user2;
    GRANT CREATE SESSION to user2;
    GRANT SELECT ON S001_COR_ECLASS TO user2;
    GRANT SELECT ON REF_ECLASS511 TO user2;Is there anyway to do the same thing but for all the tables (because there are a lot of tables and views)? Besides, even with these granted permissions when the user connects with SQL Developer to the database, he is not able to view the list of tables/views in SQL Developer GUI. What causes this problem?
    Thanks in advance,
    Dariyoosh

    Hello Dariyoosh,
    he is not able to view the list of tables/views in SQL Developer GUIyou can either go to "Other Users" - user1 - tables. There you see every table you have permission to select.
    Or you can create a synonym in schema2 for each table in schema1 and set a filter on the tables node of user2 "Include synonyms".
    Regards
    Marcus

  • Create Read Only User in Oracle 10.2.0.4

    Hi., Friends,
    I want to create an user in Oracle 10.2.0.4 with read only rights of my hole database. I am not having Enterprise Manager Console so i want create from command prompt.Can u please explain me the step for create and assign read only role to user.
    Regards
    Mahendran

    Hi Mahendra,
    I am happy with Surendrajain's reply, but with this sql you will not able to view the data present in SAP Schema,
    The entire sql query with the comments in bracket  is given below
    1) create user PPMTEST identified by program1;    
    2) Create role PPMROLE;                           {  PPMROLE is the role name which will be later assigned to the user PPMTEST}
    3) Grant CONNECT to PPMROLE;                                 { CONNECT role allows the user to connect to oracle database}
    4) Grant SELECT_CATALOG_ROLE to PPMROLE;       { SELECT_CATALOG_ROLE role allows the user to view the oracle data dictionary}
    5) GRANT SELECT ANY TABLE to PPMROLE;             { "SELECT ANY TABLE" privilege allows the user to view the table which is present in the SAP schema}
    6) Grant PPMROLE to PPMTEST;                                         { Assigning the role PPMROLE to the user PPMTEST}
    7) COMMIT; 
    Thanks and Regards
    Debdeep

  • Read only user creation for Oracle EM Console 11.1.1.5

    Dear All.
    I have created Read only user for Oracle EM Console.
    I have followed below link to do the same
    http://moshe-soa.blogspot.com/2011/09/blog-post.html.
    I have noticed with read only user is that TEST button in EM Console is active means user with read only user can create a trans, in Prod scenario it is a risk.
    Raised a CR with Oracle and found that it is a bug
    Bug 14082464 - CANNOT DISABLE TEST/TEST WEB SERVICE BUTTON IN SOA EM COSOLE is there in Metalink.
    So my question is there any way by which i can disable the TEST button in EM Conasole.
    I think there are some WLST script or servlet java class available to resolve this issue.
    Can any one confirm this and please suggest if any one aware of any alternative method.
    Thanks,

    Hi, have you got any solution to this problem? I am having exact the same issue in 11.1.1.6.

  • Authorization RADIUS - read-only user on FWSM

    Hi support community,
    I am experiencing an issue while trying to create some read-only users on my FWSM.
    I've setup the authentication on my RADIUS Server, which works fine, and put the aaa authorization command LOCAL  command.
    I've also set the commands - associated priviege :
    privilege show level 3 mode configure command dhcpd
    privilege show level 5 mode configure command privilege
    All this things works great when i authenticate locally on the FWSM.
    However, this is not working whe authenticating via the RADIUS server:
    aaa authentication enable console MY_RADIUS LOCAL
    aaa authentication http console MY_RADIUS LOCAL
    aaa authentication ssh console MY_RADIUS LOCAL
    And i set up the authorization locall, because i dont run any TACACS server :
    aaa authorization command LOCAL
    I managed to make this work on ASA, by sending RADIUS attributes (cf a document that i can't find anymore...).
    So what are exactly the differences between asa and FWSM ?
    On my ASA there was a command i could not run on the FWSM :
    aaa authorization exec authentication-server
    (i am running version 4.1 on FWSM and 8.4 on ASA).
    Thank you for your help.
    Florian

    You really need to see the example given here,
    [Read only user for a schema|http://arjudba.blogspot.com/2008/09/create-read-only-user-for-schema.html]
    [Global read only user|http://arjudba.blogspot.com/2008/09/how-to-make-global-read-only-user.html]

  • ADF: Read only user access to application role on BTFs

    Hi,
    My JDeveloper version is 11.1.1.5
    I am trying to create read only users in my adf application. But I am unable to give read only permissions to the user on bounded task flows/ .jssf page which have editable tables and forms.
    I have searched for the information, I did not find any solution.
    Could some one please help me?
    Many thanks in Advance
    --Anil
    Edited by: 977652 on Apr 5, 2013 6:50 AM

    If you are using ADF BC, you can protect fields at EO level or protect the entire EO (check the security tab). The frontend will then render fields as read-only if your user is only allowed read permissions.
    If you are not using ADF BC, you can implement a custom resource permission as described here (ignore the fact that this is for an entity, the principle remains the same) http://www.oracle.com/technetwork/developer-tools/adf/learnmore/76-insert-update-entity-protection-334421.pdf
    You must then add an el expression to each fields readOnly attribute or you can implement a phaselistener that traverses all fields enclosed within a form and make them readonly.

  • Read only user

    how can we create read only user in database.i mean he can view what ever he wants in the datbase.
    thankx

    >>
    how can we create read only user in database.i mean he can view what ever he wants in the datbase.
    thankx
    >>
    You mean, can read data from any scheam?
    You mean, he can also view data dictionary views?
    It depends which privilege you wanted to give.
    For reading data from another schema, you can always give SELECT ANY TABLE/VIEW privilege to the user.
    Jaffar

  • ODI Studio Read only user

    Hello
    Can you please let me know how to create ODI Studio Read only user ?

    >>
    how can we create read only user in database.i mean he can view what ever he wants in the datbase.
    thankx
    >>
    You mean, can read data from any scheam?
    You mean, he can also view data dictionary views?
    It depends which privilege you wanted to give.
    For reading data from another schema, you can always give SELECT ANY TABLE/VIEW privilege to the user.
    Jaffar

  • How to create ready only user ID in Oracle Apps(EBS) 11i

    Hi,
    We have a requirement of creating a ID in Oracle Apps 11i as a ready only user.
    Please suggest how to create read only user in Oracle Apps 11i ?
    Regards,
    chandrasekar s

    Is this for an application user or a database user ?
    See MOS Doc 1290228.1 for application user.
    This topic has been discussed many times in these forums - pl use the search feature
    https://forums.oracle.com/search.jspa?view=content&resultTypes=&dateRange=all&q=read+only&rankBy=relevance&contentType=a…
    HTH
    Srini

  • Creating a read-only user account

    I am trying to create a read-only user account. Reason being,
    when our users may be able to use MS Access to pull information
    and modify changes (if possible). I was told there is a way to
    do this. Help?

    I'm connecting using ODBC with a user account that I created.
    This dummy account will be available to approx 15 users so they
    can generate reports using Crystal. But, if there is someone
    that wants to generate queries using MS Access, they can still
    modify the data. So, how do I create only select statements to
    disallow users from using MS Access to link to the oracle
    database and change data?

  • Want to create a Read Only user for a given app owner user

    Hi Folks,
    We have an application owner schema, lets call it OWNER, which has different objects living under it.
    Now, for certain reasons, the app group wants a read only user which should be able to view objects living only in OWNER. It would only be able to read things, and have no create or alter types of priv to be able to change anything.
    The first idea was to create a new user (e.g. RO) and give this explicit grants (select only) for all objects in OWNER. Though this works, is a maintenance havoc, since everytime there is a new object in OWNER, you have to remember to give explicit grants to all RO (or RW ) kind of users.
    What i am looking forward to is, some sort of privilege or role concept that apply on the user level, and not on object level. something that allows me to say, all objects of this schema (e.g. OWNER) are visible to user RO. Other restrictions on RO would control read or write behaviour.
    Does this thing exist ? please point me to the documentation/example..
    regards
    raghav..

    CREATE OR REPLACE TRIGGER myTest.trg_mytest
    AFTER DDL
    ON myTest.SCHEMA
    DECLARE
         lv_obj_type VARCHAR2(20) := TRIM(UPPER(ora_dict_obj_type));
         lv_evt_type VARCHAR(20)      := TRIM(UPPER(ora_sysevent));
         lv_obj_name     VARCHAR2(30) := trim(UPPER(ora_dict_obj_name));
         lv_role_name     VARCHAR2(30) := 'myTest_RO';
         lv_stmt          VARCHAR2(4000) := NULL;
         ln_job_nr     NUMBER;
    BEGIN
         IF lv_evt_type != 'GRANT' --lv_obj_type <> 'OBJECT PRIVILEGE' --
         THEN
              DBMS_JOB.SUBMIT(ln_job_nr,'begin execute immediate ''grant ' || ' select on ' ||
                                       lv_obj_name || ' to ' || lv_role_name || '''; END;');
         END IF;
       INSERT INTO TB_EVT_LOG(d_date, description)
       VALUES(SYSDATE,  lv_obj_name || '~~~~ created ' || lv_obj_type || '~~~~' || lv_evt_type );
       EXCEPTION
         WHEN OTHERS THEN
           RAISE;
    END trg_mytest;
    /This works. But, my problem is that it is not able to filter out the Grant statement itself, Its logging an entry for the grant (as a ddl operation as well).
    what am I doing wrong here ?
    regards
    raghav..

  • Read-only user for Weblogic 6.1 sp2 console

    Is there a way to restrict a user to read-only priv. on the weblogic
    console? Either by using acl's or other means.
    Thanks in advance,
    Brown

    "Seb" <[email protected]> wrote in message news:3f33c3e2$[email protected]..
    >
    Hello,
    I'd like to create a read-only user for a customer that gives him acces tothe
    Console only for reading all the configuration. I don't him to modifyanything
    Is there a simple way to do this ?A previous post mentioned that this is not possible in 6.1.
    Brown,
    This functionality is not available in 6.1. The newest version of wls
    8.1 has this feature depending on the role that the user is in.
    ~satya

  • Read only user for Weblogic Server Console (6.1)

    Hello,
    I'd like to create a read-only user for a customer that gives him acces to the
    Console only for reading all the configuration. I don't him to modify anything
    Is there a simple way to do this ?
    Thanks in advance.
    --Seb

    "Seb" <[email protected]> wrote in message news:3f33c3e2$[email protected]..
    >
    Hello,
    I'd like to create a read-only user for a customer that gives him acces tothe
    Console only for reading all the configuration. I don't him to modifyanything
    Is there a simple way to do this ?A previous post mentioned that this is not possible in 6.1.
    Brown,
    This functionality is not available in 6.1. The newest version of wls
    8.1 has this feature depending on the role that the user is in.
    ~satya

  • Changing not possible; field is read-only

    Hello,
    I need update Expected Value in Opportunity.
    Expected Value is bound Opportunity.SalesForecast.ExpectedRevenueAmount.content.
    When I try to update in adsl, "Changing not possible; field is read-only" error appears in frontend to the user.
    Thanks!

    Hi Rodrigo Mathias,Not an answer to your post just to share my problem
    Seems Opportunity has a lot of problems. As in my case i am trying to code in BeforeSave method that when ever the opportunity gets create by code i have to poppulate my CUSTOM Invonved Party ( i have created custom party role ).
    And i have passed partykey.partyId.content and RoleCode but when i click on save it gives me the error about Role Category!
    now when debugged that all Parties ( i debugged and checked whole collection) had the Role category every party from that collection had the Role category associated!
    So i tried to add r
    ole category by code! but that is also public write access set as FALSE!
    So finally i again opened the book for clod , and a line is specificaly written that PartyID node will not be used after 1402 there will be separate node PartyNAme where u can pass partyid , name or email!
    but unfortunately that is also not available in the opportunity BO!
    So i am also kind of stuck!
    Btw one thing i would like to mention is when u try to maintain your custom role in opportunity manually it works and data gets saved!
    Regards,
    Dhruvin

  • Read only user in weblogic throwing error messages in logs

    Hi,
    We have a requirement to create a read only user with monitor access.
    our requirement is to monitor em console using moniotr user, i.e. this user will login to em console, monitor order flow from instances tab by entering order no. and dates, and logout from em console.
    we have done below steps to create monitor user,
    Admin Console->Security Realms >myrealm >Users and Groups-> new
    created user Monitor_User_1 and assigned group as Monitors.
    but whenever this user logs in or searches we are getting below error message:
    <Sep 15, 2013 7:25:21 PM EST> <Warning> <oracle.jps.admin> <BEA-000000> <Access denied. Required roles: Operator, Admin, executing subject: principals=[Monitor_User_1, Monitors]
    java.lang.SecurityException: Access denied. Required roles: Operator, Admin, executing subject: principals=[Monitor_User_1, Monitors]
    we even did below steps:
    With admin access login into EM Console. Select soa_infra, right click mouse -> Security -> Application Roles. On right side, click green arrow and see list of Roles shown. Select the role named SOAMonitors, click on this. And add a Monitor_User_1 to this.
    but we are still getting same error.
    Kindly let us know if we are missing something while creating monitor user and how to get rid of these messages.
    Please note that we are already in Production and our log files are filled with these messages.
    Thanks & Regards,
    Vivek Vishal

    moving this discussion to WebLogic Server - General thread.

Maybe you are looking for

  • SM59 Error in HTTP connections to ABAP Sytems

    Hi All,   My scenario is to connect to XI systems... I need to create a RFC destination (HTTP connections to ABAP Systems) in SM 59 with below details..... Target host: xyz.abc.com Service No. : 0000 Prefix path : /sap/xi/engine?type=entry But SAP GU

  • 10.5.3 Update display issue. None of the already discussed...

    I've calibrated my display at a colour management facility some weeks ago, and took a screen picture of the brightness setting in system preferences... so that i could recall it in case i changed the brightness by accident. well, after updating coupl

  • Mail Accounts syncing not working

    When I got my iPhone I originally setup access to one of my mail accounts directly on the device, so never came across this problem. When I recently set iTunes to "Sync selected Mail accounts" and added my other accounts, I came across some problems.

  • SXMB_MONI Error: Receiver: Header before undo of mapping

    Hi, I have created webservice using a service interface, when I try to test this interface using WS Navigator then I am getting below error in trace. The message is showing status "Application Error- Restart Not Possible"   <Trace level="2" type="T">

  • Xmldataset is not working  with ie6 and ie7

    xmldataset is working with all browsers (ie8, opera, safari firefox) however it doesn't work with ie6 and ie7 according to me all things are correct,my works doesn't appear .. http://www.turkedergi.com