1. Using Common Features for HCM
  2. Set Up Data Security for Oracle Search

Set Up Data Security for Oracle Search

Set up Oracle Search data security with dynamically computed access control lists (ACLs).

Set Logging Profile Options

You need to run ACL processes with some minimum logging capabilities. Set these profile options:

  1. Navigate to Home > Setup and Maintenance > Manage Administrator Profile Values.

  2. Search and set these profile options.
    Profile Option Code Profile Display Name Application Module Profile Level Profile Value
    AFLOG_ENABLED FND: Log Enabled Oracle Middleware Extensions for Applications Application Logging Site or User level for the user running ACL processes Yes
    AFLOG_LEVEL FND: Log Level HCM Common Architecture Application Logging Site or User level for the user running ACL processes Severe
    AFLOG_MODULE FND: Log Module Filter Global Human Resources Application Logging Site or User level for the user running ACL processes %

Initiate ACL Ingestion

Run a process to erase an existing existing ACL index, create the required ACL index, and populate it with access control lists for all users. Complete this step only once when setting up the data security for Oracle Search.

  1. Navigate to Tools > Scheduled Processes.

  2. Run the process that's described in this table.
    Job Name Description
    HCM Access Control List Initial Ingestion Creates HCM access control list and performs the initial ingestion.
    Note:
    • This process should not be run periodically and should not be scheduled.
    • Running this process isn't required with release upgrades.

Schedule ACL Processes

Schedule these ACL processes, if they're not yet scheduled.

  1. Navigate to Tools > Scheduled Processes.

  2. Schedule these processes.
    Job Name Frequency
    Compute Users ACL by Event Every 15-60 minutes
    Job Name Parameter Name Parameter Value Frequency
    Compute Users ACL User Population Logged in users Every 30-120 minutes
    Compute Users with Large ACL Action Compute Daily
    User Population All users with Large ACL
    Note:
    • The process Compute Users ACL with parameter User Population = All users should not be run periodically and should not be scheduled.
    • You can schedule the Compute Users ACL process with User Population = All Users only if the interval between runs is greater than 12 hours. The system prevents more frequent scheduling to protect performance.