JD Edwards EnterpriseOne Authorization Model

JD Edwards EnterpriseOne authorization security enables a security administrator to control security for individual users and for groups of users. Setting up security correctly ensures that users in the system have permission to perform only those actions that are essential to the completion of their jobs.

The JD Edwards EnterpriseOne authorization security model is not secured by default. You should explicitly lock down all users by setting up different types of EnterpriseOne security for *PUBLIC, and then set up inclusive security to grant rights to roles.

EnterpriseOne applies authorization security in the following sequence for the signed-in user:

When a user attempts to access an application or perform an action, EnterpriseOne checks security for that particular user ID. If security exists for that user ID, the software displays a message indicating that the user cannot proceed.

If the user ID has no security, the software checks role profiles (if that user is part of a specific role), and then *PUBLIC for security. If no security is established at any of these levels, the software allows the user to continue.

EnterpriseOne also provides software license security through protection codes, and it requires user validation at sign-in and when accessing new data sources.