Sunday, November 29, 2009
MOAC- Multi Org Access Control
Multiple Organization Architecture was first introduced in Release 10.6, for data security by Operating Unit. In Release 10.7, we added a column, ORG_ID, to each base table that requires ”partitioning” by Operating Units. All the tables that are partitioned are renamed with suffix, ‘_ALL’, and their corresponding secured views are created in APPS schema. Multi-Org views restrict data access by filtering records for a single Operating Unit set by application responsibility level profile, ““MO: Operating Unit”.” The value for the profile option is cached in Application Context, and is initialized whenever FND initialization routine is called. All Multi-Org views as well as any SQL statements that require Multi-Org security contains FND CLIENT_INFO predicate. FND_CLIENT_INFO function retrieves ORG_ID value stored in the application context. The value is valid during a session unless it is explicitly changed by procedure calls. To retrieve all information regardless of the Operating Unit, the _ALL table should be used in the SQL statement. Cross-Organization reports are good example in which the query statements are performed against _ALL tables rather than Multi-Org secured views. In order to increase flexibility and performance in Multi-Org environment while providing the same level data security, Virtual Private Database (VPD) feature introduced in Oracle 8i RDBMS will replace usage of CLIENT_INFO function in Multi-Org Access Control. Virtual Private Database (VPD) The Virtual Private Database feature allows developers to enforce security by attaching a security policy to tables and views in Oracle8i, and to synonyms in Oracle 9i Release2. It attaches predicates for the security policies to every SQL statement against the database objects where policies are applied. When a user directly or indirectly accesses a table with a security policy, the RDBMS dynamically rewrites user’s SQL statement to include conditions set by security policy transparent to the user. The conditions can be expressed in, or returned by a function. Key benefits of VPD feature are ease of policy maintenance and flexibility. Security policy can be maintained in a PL/SQL file. This eliminates the need to change in CASE repository, and simplify the release mechanism. The VPD feature allows multiple security policies to be applied to a database objects (table, view, synonyms etc).
6 comments:
I'm extremely impressed with your writing skills as well as with the layout on your weblog. Is this a paid theme or did you modify it yourself? Anyway keep up the excellent quality writing, it is rare to see a nice blog like this one nowadays.
Look at my blog :: adobe macromedia flash player 8
I loved as much as you'll receive carried out right here. The sketch is attractive, your authored subject matter stylish. nonetheless, you command get bought an nervousness over that you wish be delivering the following. unwell unquestionably come more formerly again as exactly the same nearly a lot often inside case you shield this increase.
My web page - adam and eve discount code
Inspiring story there. What happened after? Good luck!
Here is my site :: hotmail email account
It's a shame you don't have a donate button! I'd definitely donate to this excellent blog! I guess for now i'll settle for book-marking
and adding your RSS feed to my Google account.
I look forward to fresh updates and will share this blog with
my Facebook group. Chat soon!
Also visit my homepage; meratol review
This is a topic that is close to my heart... Take care! Where are your contact details though?
Feel free to visit my homepage - a cinderella story once upon a song
I lіke whаt you guys tenԁ to be uρ too.
This κind of cleνer ωork аnԁ coverage!
Κеep up thе superb works guys I've you guys to blogroll.
my blog abrir cuenta facebook
Post a Comment