Skip to main content

Incorporate Oracle EBS Security

Hubble incorporates Oracle EBS security as described below.

General Ledger Security

Functional Security

Functional security is controlled through roles (responsibilities). GL module licenses are only assigned to users who require them.

Data Access Set Security

Data Access Sets secure access to ledgers, ledger sets, and portions of ledgers by using primary balancing segment values. All ledgers in the same data access set must use the same chart of accounts and accounting calendar.

The ERP data regarding which roles can access a Data Access Set to generate SQL Join conditions on specific tables is used. In some tables, the field containing this data is called SET_OF_BOOKS_ID, a legacy from version 11i of EBS. The list of tables for which these conditions are generated is maintained in the source code of the Hubble application.

Segment Value Security

Segment value security rules are set up against ‘value sets’ to control access to parent or detail segment values.

In practice:

  • Oracle: Securing a value set denies access to all values by default. Create conditions and assign them to specific data roles to control access to your value set values.
    Hubble : SQL based on the conditions is generated, provided this SQL is compatible with the report code.
  • Oracle: Restrict data entry, online inquiry, and reporting to specific values by using segment value security rules.
    Hubble : SQL conditions based on the specific values is generated.

Chart of Accounts Security

Oracle allows the enabling of security for a Chart of Accounts. This denies access to all users except as permitted by Segment Value Security.

Default Ledger Selector

In many Hubble templates a filter on the Ledger Id is included, and a Selector to set the filter value equal to the default ledger is generated. This is not exactly security, as it allows the users to change or remove the filter value, but it is helpful, especially where a user only works on a single ledger.

Ledger security also applies in Visual Assists, as the user will not be able to put a ledger they should not see into a filter.

HR Business Group Security

In HR and Payroll there is security on the links between roles and business groups. It is expected that the associated rules be set up by the customer.

HR and Payroll Security

There is a second layer of security for HR and Payroll. The permitted Persons, Organization Units, Positions, Assignments, Payrolls can be returned as lists from Oracle EBS functions. These lists are then stored in temporary tables and joined to the report to restrict access.

Even when running on Actian Vector, Hubble requires a connection back to the Oracle source database in order to provide this security. This is set up in the profile as the Security Connection and must be to the APPS user.