My Oracle Support Banner

RoleEffectiveTo In AsUserSecurityGroup Does Not Work As Expected (Doc ID 2541740.1)

Last updated on JANUARY 22, 2020

Applies to:

Oracle Insurance Policy Administration J2EE - Version and later
Information in this document applies to any platform.


On : version, General

RoleEffectiveTo in AsUserSecurityGroup does not work as expected

RoleEffectiveTo in AsUserSecurityGroup does not work as expected. If a user is assigned to one group and a date is set for the RoleEffectiveTo it will not let the user login if that system date is after the EffectiveTo, this is working as expected. If a user is assigned to two security groups and one of these groups has a RoleEffectiveTo set the system will let the user login but once logged in the permissions of the "expired" group will still be active. We would expect that the permissions of the expired group not be active.

If a user is assigned to two or more security groups where one of the groups has it's RoleEffectiveTo date is set and it's before the systemdate if a user logs in they would not have that groups permissions

The issue can be reproduced at will with the following steps:
1) Login in to OIPA
2) Navigate to a Policy
3) Add activity and enter in a valid phone number
3a) Notice mask is applied to it
4) Look at the security groups for the oracle user and notice the RoleEffectiveTo is set but the mask is still being applied.

The issue has the following business impact:
We cannot control user permissions how we would like to




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.