Home Discussions Questions & Answers Implementing MOAC Security via Parameter LOVs

Implementing MOAC Security via Parameter LOVs

Avatar photoCustomer October 17, 2021 at 10:06 pm

We need to create a new report that strictly respects the user’s MOAC security profile, limiting data to their assigned Operating Units. Should I use Oracle’s secured synonyms (like `ap_invoices`) or the base tables (like `ap_invoices_all`) in the SQL query?

Viewing 6 reply threads
  • Author
    Replies
    • Support October 19, 2021 at 3:10 am  

      For better flexibility and maintainability, the recommended best practice is to use the unrestricted base tables, such as `ap_invoices_all` . Security should be applied by introducing the Operating Unit as a required parameter in your Blitz Report , . The LOV attached to this parameter is then automatically restricted to show only the operating units available to the current login user’s responsibility .

    • Avatar photoCustomer October 21, 2021 at 4:01 am  

      What are the advantages of setting up security this way, using restricted LOVs, over relying on Oracle’s VPD secured synonyms?

    • Support October 21, 2021 at 10:20 pm  

      The LOV restriction approach provides greater flexibility . It allows users in roles like shared service centers to potentially view all data if configured, and it enables IT professionals to test the SQL query directly via database tools (like Toad or SQL Developer) without needing to fully initialize the application user session context, simplifying debugging and maintenance .

    • Avatar photoCustomer October 22, 2021 at 5:05 pm  

      If my report needs to respect Ledger security in addition to Operating Unit security, is there a profile option to enforce this?

    • Support October 23, 2021 at 10:19 am  

      Yes, control over Ledger security is managed via a profile option . If your report typically only uses inventory organization security, for example, you can enforce restriction by ledger access set by setting the profile option ‘Blitz Report Use Ledger Security’ to Yes . Similarly, ‘Blitz Report Use Operating Unit Security’ allows activating or deactivating operating unit security .

    • Avatar photoCustomer October 24, 2021 at 10:41 pm  

      I need to display the full name and description of the user who last updated a record, not just the Oracle username (e.g., ‘SYSADMIN’). Is there a utility function for this?

    • Support October 26, 2021 at 5:23 pm  

      Yes, you can use the utility function `XXEN_UTIL.USER_NAME` , . When passed the Oracle user name (e.g., ‘SYSADMIN’) as an input parameter, it returns the full user description, such as ‘SYSADMIN (System Administrator)’ . There is also an overloaded version that accepts the user ID as input . Note that displaying the user description can be deactivated by setting the profile option ‘Blitz Report Show User Description’ , .

  • Author
    Replies
Viewing 6 reply threads
  • You must be logged in to reply to this post.

Login with:
Popular Posts
How to track master data changes using Oracle EBS Audit function and Blitz Report™ 123803

Oracle Enterprise Command Center Framework Release 12.2 installation and integration with Oracle EBS 12.2.8 19944

Oracle Discoverer replacement – importing worksheets into Blitz Report™ 14679

How to check if a patch is applied in Oracle EBS 12.2 14435

Oracle Discoverer 11.1.1.7 installation and integration with Oracle EBS R12.1.3 14122

Oracle E-Business Suite 12.2.8 upgrade to version 12.2.9 11999

Oracle E-Business Suite 12.2.7 upgrade to version 12.2.8 9945

Migration to Java Web Start in Oracle EBS 12.2 instance 9938

Securing sensitive data with Oracle VPD 7863

EBS 12.1.3 BI Publisher Excel templates generate XLS instead of XLSX and limit row number to 65,536 6486

Blog Archive
2026
2025
2024
2023
2022
2021
2020
2019
2018
2017
Recent Events
2026
2025
2024
2023
2022
2021
2020
2019
2018