action security


Hi everyone!

My company has just migrate to Eone and I'm trying to understand how it works.

I've read the security administration guide and I understand that through the action security settings it's possible to create a read-only access, (disabling the option to add, delete, revise, inquire, or copy a record) but when I talk to the IT team they tell me that Eone is not prepared for having read-only users and due to these restrictions they have to duplicate the windows, one with the full access to work on and other one only for read access, and besides, everytime there is a patch or update, they have to test how the new version affects this read only windows because they can lose the configuration.

I'm very confused, what the IT team says is correct or I have misunderstood the security guide?

(Sorry I'm not native english and I don't understand Eone, so probably my explanation is a totally mess!:confused:)

Many thanks!!
There are 2 levels of "row" security for interactive applications:

1: Application Security (Security Type 3). This designates if the Role/Users can actually access the particular application
2: Access Security (Security Type 1) tell what type of access (other than "read") the Role/User will have.

If the user/role only has Application Security defiled, they will not be able change anything for the particular Interactive applications.

Note: Application and Access security can also be set at individual forms within an application.

Reports/UBE only have Application security with run set to Y or N

Out of the box, E1 is wide open for access. This means that any user can run any application and perform all actions (add, change, delete, inquiry, copy) on those applications. It also means they can run any report (UBE).
It is advised that you look up the settings on Oracle Support for making your E1 system All Doors Closed (or Deny All). This involves adding various lines of security to *PUBLIC to set the system so that by default, no users can run any applications or reports and they cannot perform any of the add, change, delete, inquiry or copy actions within the applications. Once you have that in place, you start adding security back for applications and reports that the various roles need to perform their jobs.

Bottom line is that there are various options available to you, things that you can do before you need to do any custom development.

Feel free to PM me if you want more details.

Matt Vanderkooy
Director of Customer Success/Security Team Lead