Oracle® Insurance Rules Palette Release 9.3.1.0 E21044_01
Security for the Oracle Insurance Policy Administration (OIPA) system is configured in the Rules Palette. The Admin Explorer has a link for Application Security, which allows a security manager to enter new user information, edit user information, delete user information and manage security groups.
Application Security Folder in Admin Explorer
OIPA security can be configured at three levels: company, plan and transaction. Within each level, access can be granted to users for pages as well as the actions on those pages.
Levels for OIPA Security
At each level, access can be assigned at the top, which would allow a user to access all buttons on a particular page. Access can also be assigned at a very granular level, where a user may only be able to access one button on a particular page. Users can also be restricted from performing certain tasks at the activity level. For example, a user may only be able to process activities on the activity page, but may not be able to delete activities. Security in OIPA allows for precise and detailed levels of restriction for all types of system users, from agents to service representatives and department managers.
The image below provides an example of the Security Group feature. Every individual button on each screen of the system is listed along with a check box. In this example the Client Primary Company page is shown. By selecting the highest level checkbox on the Client line, all buttons within that group are also selected. Deselect any option by clicking the checked box. The information is then saved and a new security group is created.
Note: Each security group should only grant access to one primary company. Multiple primary companies cannot be viewed in OIPA. If a user needs access to multiple primary companies, then separate security groups should be created for each company and the user should have multiple login IDs.
Security Group File in Rules Palette
Steps to Create a new Security Group
Click the Admin Explorer tab and open the Security | Application Security folders.
Right-click the Security Groups folder and select Create New Security Group.
Select Yes to assign all security privileges to the new security group or select No to set security privileges manually.
Note: Each security group should only grant access to one primary company. Multiple primary companies cannot be viewed in OIPA. If a user needs access to multiple primary companies, then separate security groups should be created for each company and the user should have multiple login IDs.
Select Finish. The new security group will be listed in the Security Groups folder in blue. This means that it has not been checked-in yet.
Double-click on the name of the security group that was created. This will reveal the XML file.
Double-click the XML file to open it in the Configuration Area.
Add or remove any checked options.
Note: If No was selected in step three, but now all boxes are needed, then click the SELECTALL option at the top of the security record.
SelectAll Option in Security Group File
Check-in the file when finished. This will save the changes to the database.
Note: Users can be assigned to multiple groups. The privileges will overlap giving users all available privileges associated with each assigned group.
Click the Admin Explorer tab and open the Security | Application Security folders.
Open Security Groups folder and double-click on the security group to edit.
Right-click on the XML file and select Check-out.
Select or de-select checkboxes next to the privileges to edit.
Right-click on the XML file and select Check-in. This will save the changes to the database.
Open the Security folder in the Admin Explorer tab.
Open the Security Groups folder.
Open the specific security group folder that should be deleted.
Right-click on the XML file and select Delete Security Group.
Select Yes when the confirmation messages appears.
Security Groups Right-Click Options
Security must be assigned to each user of the OIPA system. After the security groups are created, OIPA users are added and associated with a security group. A security manager will need to send the user name and password information to the user once the user has been added.
Click the Admin Explorer tab and open the Security | Application Security folders.
Right-click on the Users folder and select Add New.
Enter the user information as shown in the image below. This is where the user's log-in name and password are created. Send this information to the user once it has been saved.
Select the primary company the user will be working with.
Select the locale where the user is based. The locale determines the language that dynamic fields and transaction names will display in.
Select the Security Group to assign to the user.
Select Finish when all of the information has been selected. The user information will appear as an individual XML file under the User node.
New User Security Wizard
Right-click on the user to delete.
Select Delete User.
Select Yes on the Delete Confirmation window. The user will be removed.
Click the Admin Explorer tab and open the Security | Application Security folders.
Open the Users folder.
Double-click on the user folder to edit. It will reveal the XML file.
Double-click the XML file to open it in the Configuration Area.
Make the changes to the user file.
Click Save on the Tool bar when finished. This will save the changes to the database.
Close the file when finished.
This is done by clicking the 
icon next to the name of the file at the
top of the Configuration Area.
