Synchronizing Security with Integrated Environments

Your adapter must synchronize security with the external system:

• Object Security: Users should be able to access only the appropriate Oracle Life Sciences Data Hub objects (Program or Business Area) from the external system and have only the appropriate privileges on those objects.
• Data Security: Users should be able to see data only in Table instances that are mapped to the object's Table Descriptors, and should be able to view only data in appropriate currency and blinding states.

Both types of security must be enforced both when the user launches an IDE from within Oracle LSH and when the user logs in directly to the external system.

The Oracle LSH security system enforces object security within Oracle LSH through user accounts. Viewing data requires an Oracle LSH database account mapped to a user account. Your adapter can use one or more Oracle LSH user accounts to take advantage of this functionality.

Within Oracle LSH, the system enforces that users can see data only in Table instances mapped to the current object. You can use the Tracking API and Tracking Table to enforce the same restriction in the external system.

See the Oracle Life Sciences Data Hub Implementation Guide and the Oracle Life Sciences Data Hub System Administrator's Guide for information on Oracle LSH security.

For details, see the following:

• Enforcing Security on Corresponding External Entities
  You may need to create entities in the external system that correspond to Oracle Life Sciences Data Hub objects.
• Establishing Context
  An application context is a set of name-value pairs that Oracle Database stores in memory.
• Tracking and Removing Object Access
  Program and Business Area adapters allow users to launch an integrated development environment (IDE) from Oracle Life Sciences Data Hub to modify an Oracle LSH Program or Business Area's source code.