Oracle E-Business Suite relies on a combination of database
functionality (views, stored procedures, and functions) along with
interface rules to enforce business logic, such as data security
rules. The adapter supports this design by enforcing security embedded
rules within the database and by allowing queries to be written
against both restricted and unrestricted types of data. Therefore,
the adapter can be used to support data access with the following
security models:
- Oracle Applications Security. Reports may be defined
to require a Responsibility ID and Application ID as part of their
processing. When this is done, requests against business views containing
row-level security data restrictions will display the secured and
filtered result data set only.
- Union of Responsibilities. When reporting against tables
or views found in the applications, users will be able to access
the full union of the data that all of their responsibilities allow.
Only when Oracle Applications Security is defined will this data
be further restricted to an individual responsibility ID access
profile.
- Total Enterprise Access. Reports will always enforce
table and view restrictions based on the application access granted
to a given user. For all tables, and the subset of views that do
not have row-level data security rules built-in, reports written against
them will provide full data access.