Hi,
We'd like to be able to run Deferred Calls as a different user. I can't find anything to make this work. Is this possible?
Hi,
We'd like to be able to run Deferred Calls as a different user. I can't find anything to make this work. Is this possible?
Hi,
Can you please elaborate on your requirement please? What do you mean by
We'd like to be able to run Deferred Calls as a different user.
That is
Sorry if I was unclear. I want to trigger a deferred call and run it under a different user the the currently logged in user. So I if I’m logged in as ‘TESTUSER’ I want to trigger a deferred call and run it under ‘IFSBATCH’.
I believe this is not possible. If this is allowed, I think that would spark a security concern as well. Let’s wait for some more comments from the community to confirm.
However, it would be beneficial to know the business need you are trying to use this implementation as there could be a different way to workaround your issue.
Have you tried using Fnd_Session_API.Impersonate_Fnd_User
?
Eg:
begin
Dbms_Output.put_line('Session user: ' || Fnd_Session_API.Get_Fnd_User);
IFSAPP.Fnd_Session_API.Impersonate_Fnd_User('NEW_USER_ID');
Dbms_Output.put_line('Session user changed to: ' || Fnd_Session_API.Get_Fnd_User);
-- run the job
IFSAPP.Fnd_Session_API.Reset_Fnd_User;
Dbms_Output.put_line('Session user reset to: ' || Fnd_Session_API.Get_Fnd_User);
end;
Issue with impersonate user is that you will have to give this level of access to the first user who is performing the action - something which isn’t advised.
I also think if your user doesn’t have Impersonate_Fnd_User level privileges, there is no way to do this. That will be a security restriction as Kasun mentioned.
Thanks for the reactions! I understand the security risks. We are going to have a look if this is a viable option for us.
Going back to the start, can you elaborate as to why you need to run the deferred jobs as another user?
I’m guessing its a triggered event perhaps?
I would have to echo the others as far a security goes. You can only impersonate once per session and then you would be opening up the first session to the second sessions privileges. NOT a good option. Richard asks a good question. What are you trying to accomplish?
We are working on automating the creation of Sales Parts for our Inter-Site setup. Including setting up the correct pricing and thus doing things like cost calculations, etc. The people doing this should only be able to do this for Inter-Site parts. We have created a solution that seems to be working.
so… top of my head maybe a scheduled job could accomplish this, depending on how often you create parts and how quickly you need them to be created on the inter-sites or using IFS migrations in-house replication functionality…
Which version of IFS are you using, might be able to patch something together for you
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.