Skip to main content

Using an eBusiness Suite Responsibility in HTML DB

In a previous post, I mentioned that I was using membership in an eBusiness Suite Responsibility as the basis for an HTML DB Authorization Scheme. It’s really quite simple to set up, and even easier to manage.

Note: This assumes that you have already integrated HTML DB with the Oracle Single Sign On server. See this How To for detailed steps on how to do that.
  1. Create a new Responsibility in the eBusiness Suite

  2. Once created, note the RESPONSIBILITY_ID. You can obtain this via SQL*Plus or from the Help : Examine : Item menu in the eBusiness Suite.

  3. In HTML DB, create a new Authorization Scheme. Select Exists SQL Query as the Scheme Type, and enter the following as Expression 1:

    select 1 from apps.fnd_user_resp_groups ur, apps.fnd_user u
    where u.user_name = :APP_USER and u.user_id = ur.user_id
    and ur.responsibility_id = 50280

  4. Be sure to use your RESPONSIBILITY_ID in place of mine (50280).

  5. Associate this new Authorization Scheme with an Application by editing the Application Attributes and selecting your Authorization Scheme in the Authorization section.

That’s it! Now that your Authorization Scheme is associated with an eBusiness Suite Responsibility, only those users who have that Responsibility will be able to access your application!

As this project moves forward, I’ll be posting more ways to hook HTML DB up to the eBusiness Suite.

Comments

Scott said…
Doh!

It's been a while since I've been in the eBusiness Suite. You'll want to add:

and ur.end_date > sysdate

to the above query, as Responsibilities cannot be deleted, only expired.

Thanks,

- Scott -
Partha said…
Hi scott,

Not related to eBusiness Suite but with security in HTMLDB on how the Authorisation or security works. Is there no 'secure' way of using the Authorization based on HTMLDB 'items'. I have flags inside my application which controls the flow and conditional display and linking that in the authorization. But this seems to break as it can be manipulated through the URLs. I had raised this in http://forums.oracle.com/forums/thread.jspa?threadID=318375&tstart=0
but no answer yet. Was working in 1.6. In 2.0 I saw the new security access which has 'Restricted - May not be set from browser', but this cannot be used for hidden items (why?!), and there is no documentation on how the checksum should be used in the URL (no change in documentation for 'Understanding URL format'). Can you suggest a solution for this (or maybe can answer in the forum itself?)

Partha K
ronald said…
Scott, I look forward to your experiences with extension to the eBusiness Suite using HTMLDB. I think it will be a great addition to the toolset we can use!
Paolo Marzucco said…
Hi Scott,
I am trying to do the same thing as you, that is integrating an HTML DB application with the Oracle eBusiness Suite.

I solved the problem in a different way, since here we don't have an SSO server.

The user is validated using the fnd_web_sec.validate_login, as found in a tip on the HTML DB Studio, then he will be presented a list of responsibilities that he can choose to work with the HTML DB application.

I am using mainly the HR and Payroll modules, so each responsibility is linked to a security profile that restricts the user data visibility. I wanted to have the same functionality in my application, but the standard Apps secured views are not working reliably from HTML DB, so I built my secured views using a custom function that behaves in the same way.

I already found some workarounds for the conflicts coming from the Apps HR security implementation, that can arise when querying secured views or calling an Oracle Apps standard API procedure from HTML DB.

If you need it, I can share some of my findings with you.

Cheers,
Paolo
Anonymous said…
Paolo/Scott,

This is great. One way to do it using SSO and another without.

Paolo, it would be a benefit to a lot of folks if you share how you devised a solution for non-sso environment with your custom views etc.

As far as I know there are more sites who don't use SSO than those who do. So this will be huge for those sites.

Thanks Scott for sharing the SSO/R11i integration with HTMLDB.
Scott said…
Partha,

Looks like the other Scott has already addressed your problem.

Have a look at this quick demo I set up: http://htmldb.oracle.com/pls/otn/f?p=31579:1


You can definitely prevent hidden items from being set via the URL in HTML DB 2.0.

Thanks,

- Scott -
Scott said…
Paolo,

I'd be interested in seeing what you have done as well. Perhaps you can post a Tip & Trick on HTML DB Studio so that many can benefit from it.

Thanks,

- Scott -
Paolo Marzucco said…
Ok, I'll try to post a tip on HTML DB Studio as soon as I can.

Thanks for the attention,
Paolo
Samuel Adanu said…
Hi Scott,

This is not about this particular topic though. I have been to your website, sumnertech.com It's a great website. I like the HTMLDB applications background you used. It's splendid. KUDOS.
Scott said…
Samuel,

Thanks for the compliments. Although I am not a graphic designer by trade, I have a limited set of skills which I use from time to time. :)

Thanks,

- Scott -

Popular posts from this blog

Whose Deck is it Anyways?

This year at KScope, we're going to try something new.  And fun.  And funny to watch - we hope.  It's called "Whose Deck is it Anyways?", and will occur on Sunday at 8:30pm.  It's only 30 minutes, but it will likely be the best 30 minutes of the conference.  Or at least the most embarrassing.

Here's what we're going to do: the will be four 5-minute presentations - one on each of the following: BI, EPM, Database & APEX.

Sound interesting?  Probably not.  We get that, too.  So here's what we did.

Each 5-minute session will be presented by a non-expert.  For example, it's highly likely that I'll be presenting on BI or EPM.

To make it even better, each slide deck will be prepared by the corresponding expert.  So again, it's highly likely that my slide deck's creator will be either Stewart Bryson or Edward Roske.  If nothing else, this session will be a crash course in how not to make cohesive, easy to read slides.

Interested now?  Ya,…

Spaced Out

A while back, I wrote about how to give the Universal Theme a face lift.  If you follow the steps in that post, the base font for an APEX application with the Universal Theme can easily be changed.

While that's all well and good, sometimes you only want to change the font for a report, not the entire page.  One of the applications that I'm building contains a number of IRs based mostly on log data.  Thus, having that data in a monospaced font would make it a whole lot easier to read.

You can search Google Fonts for monospaced fonts by selecting only that option on the right-side menubar.  You can also opt for the standard yet kinda boring Courier and achieve the same thing.

To implement this in your application, follow the steps in my other post, but stop shy of the final step.  Instead of pasting in the text that I specify, paste in the following to the Custom CSS field in Theme Roller, using the name of the font you selected for the font-family:

.a-IRR-table tr td { font-fam…

#fakecode

Unless you've managed to somehow filter out everything about US politics over the last few months (and if you have, please let me know your secret), then you've likely heard about "fake news".  From a high level, my basic understanding of "fake news" is that it refers to stories or websites that are fabricated to advance the political beliefs and/or ideologies of one site or the other.  Your definition may differ.

So what is fake code?  That, I can at least try to explain in a bit more detail.

The other day, I saw this image posted on Kris Rice's twitter feed:



I thought it was a joke, but it's actually a real book. That made me laugh.  Then cry.  Then I read the book, mainly since it's only 4 pages.  Believe it or not,  there's actually some really good content packed in there.  Let me summarize:

If you choose to copy code from Stack Overflow, the OTN forum, or anywhere, really, there's a few things to keep in mind:


Who owns the code.  It…