Oracle Apps roles in BO security

Similar Messages

• Calling oracle Apps Webservice required web security

  hello all,
  am trying to call a web service which is deployed on oracle E-Business suit 12, from SOA11g, what excatly am trying to do is this, from databse adapter which will load a data from other applications connected to a mediator and the mediator pass the parameters to a webservice installed on Apps server, but in the SOAP header i have to add a WS-S (Web Services Security), this is my point i cant add this or i tried but i fail,
  could any one please point me to how add the security (user name and password) to the soap header, or help me in this.

  After increasing sync-time-out and global transaction time out to 1800. Issue is still reported.
  We are not using the jdbc pool.
  Still not sure what we are missing here and running into this:
  WSIFInvocationHandler::invoke> invoke failed
  org.collaxa.thirdparty.apache.wsif.WSIFException: exception during SOAP invoke: Timed out; nested
  exception is:
  javax.xml.rpc.soap.SOAPFaultException: Timed out
  In addition:
  ========
  Tested calling this PL/SQL API (exactly the same API CALLED in BPEL) in TOAD and this ran for 20 mts in DB.
  With the changes(sync-time-out,global transaction time,hpptd.conf, and transaction-manager.xml ) in SOA configuration then we are getting the exception ..
  So, we need help with SOA configuration to get the BPEL service working when the API called within BPEL service is taking approximately 20 mts.
  Edited by: sgaraga on Apr 22, 2009 4:29 PM

• Oracle Apps Roles and Responsibilities

  hi,
  i need to know the people who should be supporting the Oracle Applications after its implementation. Are there documents that list the specific roles and responsibilities?
  Thanks!
  Gladys

  You can easily create such a document by extracting the information from the backend tables correspomding to the Responsibility form.
  Take your DBA's help if you are not very conversant with SQL.
  There no such standard document.
  Thanks

• Implementing Function Security in Oracle apps.

  I wanted to restrict certain menus in Payables manager for a particular user. How should i implement it? Is there any live example of implementing function security in oracle apps? Please Help.

  Hi,
  One approach is to create a custom menu and attach to it all the menus and functions you want and the add this menu to a new responsibility. But this is not the best way to solve the issue because you have to define different menus + responsibilities for each different user. Other way is to create roles which can be assigned to users.
  Thanks,
  Bahchevanov.

• Creating security similar to Oracle Apps

  We have an application that has security similar to Oracle Apps. i.e. maintaining the users and roles (responsibilities) within our application. Discoverer has a special login mechanism for Oracle Apps users. Is there a way to configure Discoverer to work with other application which has similar secuirity mechanism?

  Hi Maruthi
  I'm afraid I have no documentation to point you at because this was done for a specific client and I have just not had the time to put together some generic documents. I can't use the client's documents because that would be unethical and has pictures of their data.
  Nevertheless, here is an overview.
  1. Look at all of the Oracle base tables and determine which ones have one of the following: ORG_ID, Set of Books ID (SOB_ID) or Chart of Accounts ID (COA_ID).
  2. Look at the same tables and run some scripts such as this: SELECT COUNT(*) FROM TABLE
  3. For all such tables that have more than say 200,000 rows add one partition for each ORG_ID, SOB_ID or COD_ID
  4. As you know, when a user logs in using an Apps account, the system sets a SYS_CONTEXT variable identifying the ORG_ID that user has access to. This is fine for tables that have an ORG_ID, but for those which only have a SOB_ID or COA_ID you can't use the ORG_ID. Therefore, what you do is create a new table, let's call it ORG_ORGANIZATIONS, that links an ORG_ID with its associated SOB_ID and COA_ID. The table is indexed on the ORG_ID.
  5. Create one function per type, thus one for ORG_ID, SOB_ID and COA_ID.
  For ORG_ID - function named 'DP_ORG_SECFUNC, the heart of the function is:
  select substr(userenv('CLIENT_INFO'),1,5) into x_org_id from dual;
  v_statement := 'ORG_ID = '||x_org_id;
  return (v_statement);
  For SOB_ID - function named 'DP_SOB_SECFUNC, the heart of the function is:
  select substr(userenv('CLIENT_INFO'),1,5) into x_org_id from dual;
  SELECT SET_OF_BOOKS_ID INTO v_set_of_books_id
  FROM ORG_ORGANIZATIONS WHERE ORG_ID = x_org_id;
  v_statement := 'SET_OF_BOOKS_ID = '||v_set_of_books_id;
  return (v_statement);
  For COA_ID - function named 'DP_COA_SECFUNC, the heart of the function is:
  select substr(userenv('CLIENT_INFO'),1,5) into x_org_id from dual;
  SELECT SET_OF_BOOKS_ID INTO v_chart_of_accounts_id
  FROM ORG_ORGANIZATIONS WHERE ORG_ID = x_org_id;
  v_statement :='CHART_OF_ACCOUNTS_ID = '||v_chart_of_accounts_id;
  return (v_statement);
  6. Create a view for each table you want to protect. For example, here is the code that creates a view for AP_INVOICES_ALL
  CREATE OR REPLACE VIEW DV_AP_INVOICES_ALL
  AS SELECT * FROM AP_INVOICES_ALL ;
  SHOW ERRORS
  EXEC DBMS_RLS.ADD_POLICY('APPS', 'DV_AP_INVOICES_ALL', 'SecByOrg', 'APPS', 'DP_ORG_SECFUNC', 'SELECT');
  Notice how this view is being protected by a policy that when anyone runs a SELECT against this view a VPD policy kicks in and calls the ORG security function.
  7. Change all of your code that Discoverer is pointing at to use new views similar to the above.
  I hope this helps
  Best wishes
  Michael Armstrong-Smith
  URL: http://learndiscoverer.com
  Blog: http://learndiscoverer.blogspot.com

• Multi security groups in Oracle apps hrms

  Hi All,
  Could you please let us know how to enable or disable multi security groups in Oracle Apps hrms?
  Thnaks,
  Anil

  If you have access to Oracle Help-on-line check it there
  <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by Amit Das ([email protected]):
  Can you please tell me of any document/book etc which describes the security features in Oracle Apps specially on Oracle financials. <HR></BLOCKQUOTE>
  null

• Security features in Oracle Apps (Oracle Financuals)

  Can you please tell me of any document/book etc which describes the security features in Oracle Apps specially on Oracle financials.

  If you have access to Oracle Help-on-line check it there
  <BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by Amit Das ([email protected]):
  Can you please tell me of any document/book etc which describes the security features in Oracle Apps specially on Oracle financials. <HR></BLOCKQUOTE>
  null

• Roles for each Product in Oracle Apps 11i

  Hi,
  I have one requirement to create role for each product...
  For example:
  Inventory (INV)... I need to create a role, which will have select privileges on all tables of Inventory...like that for each production, I need to create...
  I have one procedure:
  (a) create role inv_read_role;
  (b) spool the following statement
  sql> spool inv_read.lst
  sql> select 'grant select on INV.'||object_name||' '||'to INV_READ_ROLE;' from dba_objects where owner='INV' and object_type='TABLE';
  sql> spool off
  (c) Run the above spool file
  Here we are done...
  But, If I want to do this for all products in oracle apps 11.5.10.2..
  is there any smarter way to do this????? any stored procedure???

  I want to give readonly access to AP Tables to one database user or more no of database users.....how can we give...for that , we are going to create seperate role for each module in database..assign that role to database user...then he will be able to select only on that module tables......

• Implementing Security For ADF Pages when integrated with Oracle APPS

  Hi,
  Can anyone please let me know the solution to the below problem ?
  I have an ADF application that is deployed on a weblogic server. An URL is generated to access the ADF Pages.
  I have created one more simple jsp (Launch.jsp) which redirects to this URL on page load.
  I am using Oracle APPS where:
  ->I registered a form function referring to Launch.jsp
  ->I am referring form function in a responsibility , attaching that to a menu
  ->When the valid oracle user logs in, I am sending all oracle apps environment variables (User id , Responsibility id, application id ) for that session
  What my issue is :
  ->The URL along with the parameters that I am sending from the Launch.jsp to the ADF Page is visible to the user. So, even if the Oracle APPS user has not logged in, anybody who knows the URL can access the ADF Pages.
  ->So, Is there any way to implement the security so as, even if anyone knows the URL of the ADF Page cannot access the ADF Pages without the valid user being logged-in through the Oracle APPS.
  I am using Jdeveloper 11g.
  Please let me know if you need anymore details.
  Thanks in advance,
  Kavitha

  Please help me out if anyone has a solution to this problem.
  Thanks,
  Kavitha

• Testing oracle apps security in reports

  Hi,
  I have a report which is running fine in Report builder 6i and also in Oracle apps(this is a customized report for oracle apps).
  Now I need to test the security in Oracle apps. As per the advice provided in metalink I added
  1) added a user parameter P_CONC_REQUEST_ID
  2) added "srw.user_exit('FND SRWINIT');" to the BeforeReport trigger
  3) added "srw.user_exit('FND SRWEXIT');" to the AfterReport trigger
  But now when I try to run in Oracle apps it gives below error
  REP-1416: 'beforereport': User exit 'FND'. IAF GET: unknown column 'P_CONC_REQUEST_ID'.
  Please help on how to solve this issue. Any help is appreciated

  Thanks for the reply. The problem still persists.
  The same metalink gives another solution as below but when I add the below to the report I couldn't compile. It gives "identifier hr_standard.event must be declared". Anyone used this before, if so how to use the same.
  3. If the issue is not resolved try placing the calls mentioned in 2 with
  hr_standard.event('BEFORE REPORT');
  hr_standard.event('AFTER REPORT');
  Metalink is
  How To Enable Hr Security on Custom Reports? [ID 369345.1]

• Career advice : Oracle apps technical versus other roles

  I've 7 yrs exp & over 5 yrs in Oracle Apps(R12 & Fusion(4.5 yrs)) as applications developer. Even now, as TL/PM I don't see my role evolving as you are still expected to do hands on various technologies.
  How can I become fully functional (without having to settle for lesser salary)? What can an MBA do for me?
  Ideally I would like to play an "account manager" kind of profile in oracle consulting, where I would handle clients. Or something where I can develop my entrepreneurial & soft skills.

  Hi;
  How can I become fully functional (without having to settle for lesser salary)? What can an MBA do for me?
  Ideally I would like to play an "account manager" kind of profile in oracle consulting, where I would handle clients. Or something where I can develop my entrepreneurial & soft skills.MBA should be plus for you but you need to answer first what you want to in future or you will like to work as functional person. Similar topic discussed here before, please see below search
  http://forums.oracle.com/forums/search.jspa?threadID=&q=functional+carrier&objID=c3&dateRange=all&userID=&numResults=15&rankBy=10001
  Hope it helps
  Regard
  Helios

• Oracle Apps 12.03 and dbf file under $FND_TOP/secure

  Hi All,
  I have a question. Back to 11i, there was a .dbc file under $FND_TOP/secure. To generate it or edit, you could use jre oracle.apps.fnd.security.AdminAppServer with the parameters.
  For R12 (R12.0.3 with a 10.2.0.2 DB), the file should be under $INST_TOP/apps/fnd/12.0.0/secure right? In my case, I do not have the apps folder under $INST_TOP.
  Is R12 still using a dbc file and if so, where should it be and how can I regenerate it?
  Thank you,
  Nayas
  aka Felix

  Hi Hsawwan,
  Thank you for the reply. I found the command and the parameters in the document suggested.
  Another quick question. From the document you suggested, the directory they us to save the file is $FND_TOP/secure. Shouldn't it be under $INST_TOP/appl/fnd/12.0.0/secure for R12?
  Thank you,
  Nayas
  aka Felix

• Error oracle.apps.xdo.security.ValidateException

  Hi,
  When trying to login in the BI Publisher, I am getting the following error:
  oracle.apps.xdo.security.ValidateException
  The username and password are correct and the xmlpserver is running. I am using the OC4J application server. Any ideas please?
  Thanks
  Marija

  I believe there is some problem with the BI Server security. Try changing the security to XDO in xmlp-server-config.xml file. I have blogged about it here http://oraclebizint.wordpress.com/2007/11/06/oracle-bi-publisher-and-bi-ee-invisible-admin-tab/. Though the blog entry was for some other issue but this should help you in changing the security.
  Thanks,
  Venkat
  http://oraclebizint.wordpress.com

• Oracle Apps secure code review

  Is any documentation available (either Oracle or third party based) to guide secure code reviews for Oracle Apps (or more specifically, Oracle Application Framework)?
  I'm aware of the usual sql injection bad practices (as related to JDBC and PLSQL). I'm curious about API abuse, as related to:
  - cross-site scripting concerns
  - client-side trust issues (e.g., hidden field values)
  - improper or inconsistent input validation
  - improper error handling
  - improper session management
  - inappropriate access control
  Thanks.

  Thanks... I looked at that and didn't think it was all in there, but I looked again after I got your reply and it appears to be what we are looking for (at least a starting point).

• Can VPD Virtual Private DB in 10g replace Oracle Apps security rules?

  I read the recent article in Oracle Magazine called 'Testing Database Security', especially the section on Virtual Private Database (VPD), caught my attention. Can this feature of the 10g database be used by the Oracle Apps to restrict access to data through the apps login? We just moved to 10g.
  Our current data security is enabled by leveraging security rules attached to responsibilities. Our security rules restrict by operating unit, of which there are 89. It would be great if VPD could be used, as it might replace the need to create 89 separate security rules. We would maintain just one set of policies.
  Does anyone know if this can be used on the applications level? If anyone has done this, do you know of a documentation link that would help?
  Thanks for your insight.

  Sebes,
  Thanks for the link...it sounds like it may be part of the Oracle future landscape, but for now, we will have to live with security rules.
  Sincerely,
  Brenda