Security Rule API

Similar Messages

• Cross Validation Rules & Security Rules

  Hi all,
  Is there any one who knows where I can function/package for cross vaildation rules & security rules in GL Modules?
  I need them for our customization form before all transaction move from custom table and API table. It means we need to validate all transactions correctly in our custom form before its generated into transaction table in particular module.
  I appreciate any info.
  Thanks

  Hi,
  Thanks for your reply.
  Actually we a have customization form and interface. Due the customization programs need to use CVR, I need to know if there's a package/function/script to call this CVR procedure that we can attach to our customization programs. Before we send the transactions to API (open interface table) we already make sure there's no problem in accounting (code combination) since we activated CVR for generating account combinations.

• Standard Oracle report for the "security rules define/assign"

  Dear all:
  Is there any Standard Oracle report to show the :"Application --> Setup : Financials : Flexfields : Key : Security " flexfield "security rules define/assign" ?
  Regards
  Terry
  Edited by: Terry Chen on 2010/5/4 上午 2:27

  yes i believe there is one report in sysadmin or gl which shows this.

• KFF Security Rules question

  Hi,
  I developed a custom page which has an Accounting KFF. I then defined security rules to exclude certain accounts for a particular responsibility and assigned the rule to the responsibility.
  When I am testing I see that the account is still shown in the KFF LOV and the users are able to select the account.
  Can someone point out what am I missing.
  We are on 11.5.10 RUP4.
  Any pointers are greatly appreciated.
  Thanks
  Srinivas

  Any help on this is greatly appreciated...
  Thanks a lot in advance.
  Srinivas

• SAP GUI 7.20 Security Rules - How to 'Always Allow' Everything?

  The SAP GUI 7.20 comes with a list of security rules.
  What is the best way to allow all access so that user's wont get any security prompts?

  @Sven, section 2.5 refers to 'Central Repository for Security Configuration'. Like Michael, I have a large number of users and we package and distribute software using non-SAP software. We can't have a central repository that all users can connect to so the 'Location' registry entry wouldn't work for us.
  @Michael:
  > Under the SAP GUI Configuration / Security / Security Settings you can change the default of "Customized" to Disabled.
  Do you mean 'Default Action = Allow'? Mine is set to that, but I still get pop-up prompts.
  Would setting 'SecurityLevel = 0' result in the SAP GUI have the required result?
  I realise that this process would need to be followed:
  - Administrator should install a new version of the SAP GUI 7.20 onto a PC
  - Administrator should edit the registry values using the rule editor in the 'Security' node of the SAP GUI options dialogue
  - A saprules.xml file will then be generated
  - The saprules.xml file should then be copied from the %APPDATA%\SAP\Common folder to the location specified in the registry value 'Location' (maybe make Location a folder on the PC? and put the saprules.xml file into there?)
  - The saprules.xml file in the location specified in the registry value 'Location' will not be overwritten by SAP GUI patches or new installations, however it may need to be updated to include new features
  Note:
  - Registry values are stored in different places for 32 bit and 64 bit PC's

• Cross validation & Security rules

  Hi,
  In a typical business scenarios which are the code combinations recommended for
  i)Cross Validation rule
  ii)Security rule
  to have better control?
  Thanks

  Hello.
  It depends on your needs. Suppose you have 2 (01, and 02)companies sharing the same Chart Of Accounts. In order to avoid entering journals from company 01 into company 02 you should create a security rule to reject all code combinations starting by 01 when a Responsibility from company 02 is being used.
  Cross validation rules are used to avoid the creation of code combinations that you may think as inappropriate within the company itself. For example, to use the Cost Center segment when the Account segment is not a cost or a revenue.
  Octavio

• Security Rules in Oracle Financials GL

  I have defined security rules in Oracle Financials GL version 11.0.3. The security rules can be applied in form level.
  e.g For account inquiry, only limited accounts can be viewed.
  But for all reports in Oracle Financials, it's not restricted by the rules. How can I applied those rules in reports as well?

  Unfortunately data in standard and bespoke oracle reports is not restricted by security rules by default.
  Security can be enabled for FSG reports.
  If you need security rules to be applied to standard reports, I am afraid, you need customization.

• UMX - Can I setup Data Security in UMX similar to Security Rules?

  Hi;
  Is it possible to setup something similar to Security Rules in UMX? I would like to grant the same Role to different users, and assign these users different security. All my reading of UMX so far has pointed me to creating objects and granting security permissions, but I don't know how to go about implement it. If one of you has successfully implemented this, can you please share your steps?
  Thanks, Al

  Hi Al,
  restricting FND... Tables is maybe not the best idea. You should always use standard functionality to achieve the same (if available).
  1/ Is your request related to an Oracle Standard Form, if yes, which one?
  2/ Do you talk about the GL Code Combination? Would you like to restrict a value from this segment?
  3/ Data Security is a very low level technique, if you use it, such a person where the rule is enabled can never and nowhere see "removed" lines (values). Not in other forms, not in reports, not in interfaces or concurrent requests. So if you use it, be very careful.
  Please send your email address to me, my one you can get by clicking on my name.
  Thanks
  Volker

• Security rules in apps EUL

  Hi,
  It is possible to implement in apps EUL security rules set for Key Flexfield? If yes, how do that?
  rgds,
  Krystian

  Hi Krystian,
  What you want to do is possible and can be achieved by using the GL_SECURITY_PKG in the chosen view. The view will need to include the following condition: gl_security_pkg.validate_access(sob_id, ccid) = 'TRUE'’
  Once your view is setup and ready, you’ll need to create your Key-Flexfield security rules and assign them to a Responsibility. Users will need to run the report under that responsibility for it to work.
  Some links for handy reading regarding using the GL_SECURITY_PKG:
  Re: Speeding up or Caching the gl_security_pkg.validate_access(sob_id, ccid)
  Re: Free Discoverer views for Financials, or BIS?
  Hope this helps ;-)
  Lance

• Can VPD Virtual Private DB in 10g replace Oracle Apps security rules?

  I read the recent article in Oracle Magazine called 'Testing Database Security', especially the section on Virtual Private Database (VPD), caught my attention. Can this feature of the 10g database be used by the Oracle Apps to restrict access to data through the apps login? We just moved to 10g.
  Our current data security is enabled by leveraging security rules attached to responsibilities. Our security rules restrict by operating unit, of which there are 89. It would be great if VPD could be used, as it might replace the need to create 89 separate security rules. We would maintain just one set of policies.
  Does anyone know if this can be used on the applications level? If anyone has done this, do you know of a documentation link that would help?
  Thanks for your insight.

  Sebes,
  Thanks for the link...it sounds like it may be part of the Oracle future landscape, but for now, we will have to live with security rules.
  Sincerely,
  Brenda

• Security rule whether be checked when journal import

  Hi All,
  Thanks for your attention, I have got an issue about security rule.
  When I used gl_interface to import journals into EBS system, I think the security rules will not be checked, it only check cross-validation, but I found sometimes security rule is checked for some responsibilities when journal import, why this happened, and is there any profile or setup to control it?
  Thanks for your help.
  Best Regards
  Spark

  Hi Spark,
  It looks like Journal Import doesn't check for Security rules, but it checks for cross validation rules upon dynamic insertion. Sorry for the misled earlier. You can check the metalink note, Journal Import - FAQ [ID 107059.1]. Here are the comments for the note,
  A04. Does the Journal Import process check for Cross-Validation or Security
  Rules violations?
  Journal Import does not check security rules. Transactions that come
  from Oracle subledgers (AR, AP, etc.) already have the CCID (Code
  Combination ID) in the GL_INTERFACE table. These have been validated
  in the feeder system.
  You can also populate the accounting segments directly into the
  gl_interface table and let Journal Import populate the
  code_combination_id. If dynamic insertion is enabled, and this is a
  new combination, then the import program will check for cross
  validation rule violations.
  Thanks,
  Kiran

• Accounting FlexField Security rules

  Hi,
  I want to know is it possible that i create one Accounting FlexField Security Rules and assign to specific user / Responsibility ?
  If is it possible plz let me know how is it possible?
  Regards,
  Yasir

  when i recompile the flexfield there is complete with error in log file
  Oracle error 905: ORA-00905: missing keyword
  ORA-06512: at "SYSTEM.AD_DDL", line 165
  ORA-06512: at line 1 has been detected in afuddl() [3_xdd].
  do_ddl(APPLSYS, SQLGL, 2, $statement$, AASML VIEW): private_do_ddl(APPS, APPLSYS, GL, 2, $statement$, AASML VIEW): do_cd_view(0, APPS, 2, AASML VIEW, $statement$): : do_apps_ddl(APPS, $statement$): : substr($statement$,1,255)='CREATE OR REPLACE VIEW AASML VIEW
  (ROW_ID, CODE_COMBINATION_ID, COMPANY, OPERATING_UNIT, DEPARTMENT, GL_ACCOUNT, PRODUCT, PROJECT, INTERCOMPANY, FUTURE_USE, GL_ACCOUNT_TYPE, GL_CONTROL_ACCOUNT, RECONCILIATION_FLAG, DETAIL_BUDGETING_ALLOWED, DETAIL_POSTI'
  CREATE OR REPLACE VIEW AASML VIEW
  AS SELECT 'View generation has failed. Check log file for error messages' VIEW_HAS_FAILED_CHECK_LOG_FILE
  FROM SYS.DUAL

• UME password security rule

  Hi all,
  I use SAP EP 7.0 SPS10
  I would like to configure a UME password security rule with the following content:
  password must contain at least 2 digits and 4 letters.
  How can I set this by means of the UME security policy.
  Any help is really appreciated.
  Regards Karin

  Hi Pankaj,
  thanks for your answer.
  In the documentation you mentioned I find exactly what I need
  Snippet from documentation (in bold marked what I need)
  <i>Define the rules governing what a password looks like.
  This includes:
  The maximum and minimum length of passwords
  Whether an old password can be part of a new password
  <b>The number of alphabetic and numeric characters required</b>
  The number of upper and lower case letters required
  The number of special characters required
  Whether the user ID can be part of the password
  How often a user can use the same password (the number of past passwords saved)
  If there are any passwords that are not allowed.</i>
  But I don't see which UME property should be used for those rules.
  The only thing I found was
  ume.logon.security_policy.password_alpha_numeric_required
  Minimum number of alphabetic and numeric characters in passwords.
  -> according to the documentation a 2 means, at least 2 digits and at least two letters
  -> in my case I would like to define the following rule:
  a password must contain at least 2 digits and 4 letters
  I do not see how I can configure this
  Regards Karin

• Disable security rule and remove assignment in GL

  Hi
  Need to know urgently as user is stuck in Journal entry
  There is an issue of overlapping two restrictions while entering department in accounting flexfield and the security rules needs to be disabled.
  Rule 1 Name : Department Security
  Message : Department Security: Department is restricted to 110 thru 130
  Include is 000 to zzz
  Exclude is 000 to 109
  Exculde is 131 to zzz
  Rule 2 Name : Single Department
  Single Department: Department is restricted to ONLY department 110
  Include is 000 to zzz
  Exclude is 000 to 109
  Exculde is 111 to zzz
  Need help to disable the rules and allow all departments now for user entry
  Thanks
  Shanks
  Edited by: user8364817 on Dec 3, 2008 10:10 PM

  Hi
  Thank you for your reply.
  I also tried replacing all by "include" and it worked !!!
  Hope this will not have any issues further.
  The user is able to make entries using all departments now
  Thanks
  Shanks

• Disable security rules in discoverer report

  I have a discoverer report on GL with security rules applied, it displays data based on the responsibility thro which we have logged in. Users dont want this functionality, they want all the data to be displayed in a single reponsibility, which implies that the security rule be disabled for this report. The report doesnt have any custom folders and also I couldnt find anywhere the GL_SECURITY_PKG being called to implement security rules. Can anyone help me in disabling the security rules.

  Hi,
  Where did you look for the security rule? in the underlying objects or in the discoverer?
  First thing you should do to see whether this rule is applied is from within the discoverer take the SQL (from the view-> sql inspector) and start analyzing the views in the from clause, i am sure that you'll find one of them that holds this rule.
  If you are using oracle BA then for sure you'll find it in the "Journal Lines" folder (based on view : GLFG_JOURNAL_LINES)
  Your request is not that simple as "Disable the security rule".
  If you are using Oracle views then you cannot disable it without changing those views and you will have to verify you are not changing any of the views that the application uses.
  If you will create a new responsibility for "Cross Set Of Books" then you can exclude it from the rule by changing the security rule from :
  Gl_Security_Pkg.Validate_Access(Journal_Line.Set_Of_Books_Id,Journal_Line.Code_Combination_Id) = 'TRUE'
  To something like:
  decode(fnd_global.RESP_ID,<your new resp_id>,'TRUE',Gl_Security_Pkg.Validate_Access(Journal_Line.Set_Of_Books_Id,Journal_Line.Code_Combination_Id)) = 'TRUE'
  If it is a specific request they have then you can create a new view and use the GL tables to avoid the usage of the GL security rule.
  Tamir