- OracleApps Epicenter - http://www.oracleappshub.com -

OracleApps Responsibility vs SAP Functions

How does one can provide read only access to the oracle applications screens for a particular user?

We need to provide helpdesk and auditor read only access to the oracle applications screens. Is it possible to give read only access to the oracle applications screens?

Do you able to think any clue..

This is one of the question that was asked by a client finance super user while doing SAP migration to Oracle Apps.Oracle does work on responsibility level where SAP product does control at function leval.You can consider function level in the same way , that you are giving access to certain folder to another user in your network domain by write, read or both or same way chmod in Unix.

Lets take a supplier master screen, the same screen can be used for creating, maintaining as well as deleting the supplier.what would be case if you want to give access to a user not a delete any suppliers, then ???

..Custom.pll ..pretty simple approach right...,the good think is that it can be handled but bad thing is that the username needs to be hard coded
in the custom.pll.

So to avoid hard coding the userid in the custom.pll , the other approach should be consist of these steps to make a user with read only privilege:

  1. Addding a new function from the System Administrator -> application > function, with the same form name as the original function and with the parameter as QUERY_ONLY="YES"
  2. Create a new menu and add the new function to it.
  3. Create a new responsibility with the new menu.
  4. Add the responsibility to the user who will have the read only access.

Similarly create and add the other function to the new menu with function parameter as QUERY_ONLY="YES"

Is this good solutions,what about the change management guys..are they allow this way.. what you think..any comment .I hope DBA must have some other options.[]

Finally a note on user security

Q .Is security defined by user, user group or a combination? Can this be set by ledger/company/module or is it across the system?

In Oracle
Security is defined by user – menus are completely tailor able but can be reused so can use include/exclude functions.
A user ID is linked to one or many user profiles which manages the authorizations within the SAP system. More than one user can be attached to a user profile. Ledger, company etc. are entities or authorization objects wherein we can specify that the user is authorized only for specified company codes.

1 Comment (Open | Close)

1 Comment To "OracleApps Responsibility vs SAP Functions"

#1 Pingback By SAP-ORCL: “Security” On January 12, 2008 @ 2:44 am

[…] oracle the access can be read only or read/write. Read my earlier post […]