Solved

Post Deferred Call as other user

J
Rank
Userlevel 4
Badge +9

Hi,

 

We'd like to be able to run Deferred Calls as a different user. I can't find anything to make this work. Is this possible?

icon

Best answer by dsj 10 January 2020, 16:02

View original
Regards, Jur

11 replies

Kasun Balasooriya
Rank
Userlevel 7
Badge +20

Hi,

Can you please elaborate on your requirement please? What do you mean by 

We'd like to be able to run Deferred Calls as a different user. 

 

That is

  1. Are you trying to trigger a deferred call from a another user other than the currently logged in user?
  2. Are you trying to trigger a deferred call from a user other than the application owner?

 

Kasun B - https://www.linkedin.com/in/kasunbalasooriya/
J
Rank
Userlevel 4
Badge +9

Sorry if I was unclear.  I want to trigger a deferred call and run it under a different user the the currently logged in user. So I if I’m logged in as ‘TESTUSER’ I  want to trigger a deferred call and run it under ‘IFSBATCH’.

Regards, Jur
Kasun Balasooriya
Rank
Userlevel 7
Badge +20

I believe this is not possible. If this is allowed, I think that would spark a security concern as well. Let’s wait for some more comments from the community to confirm. 

However, it would be beneficial to know the business need you are trying to use this implementation as there could be a different way to workaround your issue. 

Kasun B - https://www.linkedin.com/in/kasunbalasooriya/
dsj
Rank
Userlevel 7
Badge +20

Have you tried using Fnd_Session_API.Impersonate_Fnd_User?

Eg:

begin  
  Dbms_Output.put_line('Session user: ' || Fnd_Session_API.Get_Fnd_User);
  IFSAPP.Fnd_Session_API.Impersonate_Fnd_User('NEW_USER_ID');
  Dbms_Output.put_line('Session user changed to: ' || Fnd_Session_API.Get_Fnd_User);
  -- run the job 
  IFSAPP.Fnd_Session_API.Reset_Fnd_User;
  Dbms_Output.put_line('Session user reset to: ' || Fnd_Session_API.Get_Fnd_User);
end;

 

DSJ - https://dsj23.me
CallumW
Rank
Userlevel 6
Badge +15

Issue with impersonate user is that you will have to give this level of access to the first user who is performing the action - something which isn’t advised.

 

 

Callum Wells - https://uk.linkedin.com/in/callum-wells
Rusiru Dharmadasa
Rank
Userlevel 7
Badge +19

I also think if your user doesn’t have Impersonate_Fnd_User level privileges, there is no way to do this. That will be a security restriction as Kasun mentioned. 

Rusiru
J
Rank
Userlevel 4
Badge +9

Thanks for the reactions! I understand the security risks. We are going to have a look if this is a viable option for us.

Regards, Jur
R
Rank
Userlevel 2
Badge +6

Going back to the start, can you elaborate as to why you need to run the deferred jobs as another user?

I’m guessing its a triggered event perhaps?

https://www.linkedin.com/in/erppm/
M
Rank
Userlevel 3
Badge +10

I would have to echo the others as far a security goes.  You can only impersonate once per session and then you would be opening up the first session to the second sessions privileges.  NOT a good option.  Richard asks a good question.  What are you trying to accomplish?

 

J
Rank
Userlevel 4
Badge +9

We are working on automating the creation of Sales Parts for our Inter-Site setup. Including setting up the correct pricing and thus doing things like cost calculations, etc. The people doing this should only be able to do this for Inter-Site parts. We have created a solution that seems to be working.

Regards, Jur
R
Rank
Userlevel 2
Badge +6

so… top of my head maybe a scheduled job could accomplish this, depending on how often you create parts and how quickly you need them to be created on the inter-sites or using IFS migrations in-house replication functionality…

Which version of IFS are you using, might be able to patch something together for you

https://www.linkedin.com/in/erppm/

Reply


Terms & ConditionsCookie settings