Interpreting ECC Security Handler JSON Filters

When a user logs into ECC, the security handlers are responsible for translating the user’s EBS-based privileges (e.g., their assigned `ORG_ID` access) into JSON conditions . These JSON filters are then constructed and passed to the ECC data retrieval layer (Solr/Lucene) to restrict the data available for the user . This method is necessary because the data is retrieved from files indexed by Apache Lucene, not directly from the Oracle Database tables .

A typical JSON filter condition for MOAC security would target the organization ID . The structure would include the `key` being restricted (e.g., ‘ORG_ID’), the `operator` (e.g., ‘in’), and the `values` (the list of allowed ORG IDs) . For example: `{‘filters’:[{‘values’:[‘204′],’operator’: ‘in’,’key’:’ORG_ID’, ‘minValue’:’null’, ‘maxValue’:’null’}]}` .

No, it is generally understood that it is not possible to directly combine the ECC security handlers with Oracle VPD policies , . VPD works strictly at the table level within the Oracle database . Since ECC data is loaded out of the Oracle database and stored/indexed separately using Apache Lucene technology, the VPD policies cannot be directly applied during the user query phase in ECC .

To allow administrative login to the core Solr application from additional hosts, you need to configure the Weblogic Connection Filter . This is done in the Weblogic Admin Console under Security > Filter, where you must add an allow rule for the specific IP address of the administrative host, ensuring protocols like `http`, `https`, `t3`, and `t3s` are permitted on the managed server port (e.g., 7776) .