Practice 4-3

Practice
Practice 4-3
4-3

Defining
Defining aa security
security rule
rule to
to control
control data
data access
access
Assigning
Assigning the
the security
security rule
rule to
to aa responsibility
responsibility

Copyright Oracle Corporation, 2000. All rights reserved.

Practice 4-3 Instructions

Scenario
Flexfield security rules control access to specific segment values by
responsibility. These rules can be set up for any or all segments. Security rules
are tied to a responsibility, which is in turn associated with users. In this
practice, you will create a rule that prevents users from viewing an account.
You will assign the rule to the General Ledger, Vision Operations (USA)
responsibility. When you log in to this responsibility to test your key flexfield,
this account will not appear in the list of values.
Note: Before you can use security for a flexfield segment, you must enable
security both at the value set level and at the segment level.
Step 1: Define a Security Rule
Use the Define Security Rules window to define a security rule for the ACCT
segment of the Accounting Flexfield structure, XX Chart of Accounts, that you
defined in Practice 3-1. Name the rule XX_SR01, and give the rule a
description. Enter an error message to explain the rule to users.
Define two security rule elements.
Define the first security rule element to include all the possible account
values, from 0000 to zzzz.
Define the second security rule element to exclude the account 4110.
Step 2: Assign the Rule to a Responsibility
Copyright Oracle Corporation, 2000. All rights reserved.

Using Additional Flexfield Options

Chapter 4 - Page 42

Use the Assign Security Rules window to assign your security rule to the
General Ledger, Vision Operations (USA) responsibility in the Oracle General
Ledger application.
After defining the security rule, navigate to the Accounting Flexfield and test
the results of your work, as described in step 4 of Practice 3-1.
Practice 4-3 Solutions
Step 1: Define a Security Rule
1 Navigate to the Define Security Rules window.
System Administrator: (N) Security>Responsibility>
ValueSet>Define
2 In the Find window, select Key Flexfield and find the ACCT segment
of the XX Chart of Accounts structure for the Accounting Flexfield in
the Oracle General Ledger application.
3 In the Security Rules region of the Define Security Rules window,
enter information in the following fields:
Name: XX_SR01
Description: XX Security Rule 01
Message: GL responsibility cannot use account 4110.
4 In the Security Rule Elements region, enter information for the first
rule element in the following fields:
Type: Include
From: 0000
To: zzzz
5 In the Security Rule Elements region, enter information for the
second rule element in the following fields:
Type: Exclude
From: 4110
To: 4110
6 Save your work.
Step 2: Assign the Rule to a Responsibility
1 Navigate to the Assign Security Rules window by clicking the Assign
button in the Define Security Rules window.
System Administrator: (N) Security>Responsibility>
Value Set>Define (B) Assign
2 In the Security Rules region, enter information in the following fields:
Application: Oracle General Ledger
Responsibility: General Ledger, Vision Operations (USA)
Name: XX_SR01
3 Save your work.

Copyright Oracle Corporation, 2000. All rights reserved.

Using Additional Flexfield Options

Chapter 4 - Page 43

After defining the security rule, navigate to the Accounting Flexfield and
test the results of your work, as described in step 4 of Practice 3-1.

Copyright Oracle Corporation, 2000. All rights reserved.

Using Additional Flexfield Options

Chapter 4 - Page 44