JDEUTIL

Apply to your VIGILENS requests the security of your JDE user

Presentation

The optional JDEUtil module allows you to improve the integration of Vigilens with JDE EnterpriseOne, by dynamically retrieving in Vigilens, at runtime from JDE/E1 :

The security of your JDE user
The connected JDE user
The JDE connection environment

Case Study

JDE security

In JDE/E1, a user CO_ALL has no security line, while the user CO_00070 has the following lines:

user CO_ALL

Now, the user CO_ALL connects to JDE and clicks on a Vigilens link:

The user does not reconnect in VIGILENS, nor does he use a generic user

The user CO_ALL has no restriction in JDE, the execution of the query displays the result for all the companies.

user CO_00070

The user CO_00070 connects to JDE and clicks on a Vigilens link:

The user does not reconnect in VIGILENS, nor does he use a generic user

The user CO_00070 only has access to the company 00070, VIGILENS adds this restriction automatically when the request is executed,

Operating principle

JDEUTIL is a JD Edwards application specifically developed by VIGILENS (P59VLVIG) to apply the line security of the connected JDE user to queries executed from JD Edwards web.

The user launches a VIGILENS query from JDE
Creation of a record in the F59VGSEC table. This record is used to create an anonymous and ephemeral authorization to connect to VIGILENS
Vigilens Designer: The Vigilens user manages the authorization to access the requests
Vigilens Web displays the result

The URL used is hidden and ephemeral

The identifier passed to VIGILENS is a unique key generated by JDEUTIL (P59VLVIG). The identifier is therefore anonymous

http://XXXXXXXXXX/Vigilens/table.php?vglCtrlName=DEMO/SECURITE_JDE&vglUserName=JDEUTIL&vglSecurDB=JDE_VIGILENS&vglSecurEnv=DV920&vglSecurID=290

VIGILENS will then delete the record containing the ID. Even if we manage to reuse the hidden URL, it will no longer be valid

THE SECURITY IS THUS MAXIMUM

Installation & Setup

Pre-requisite

VIGILENS Version above 7.0
JD Edwards Version above 8.12

Installation in JDE

Delivered JDE Objects

JDEUtil consists of several JDE/E1 objects, including:

A P59VLVIG application
A F59VGSEC table

These objects are delivered as a .par file, which must be restored in JDE by OMW. The objects must be promoted, packaged and deployed in all environments where JDEUtil is to run. The specific table must be generated in the different data sources.

Text Block Security

To ensure the correct behaviour of the application when launching the connection chain, it is necessary to set security to prevent the Encoding of the P59VLVIG application.

Open the program P00950 (in web or fat client) and choose the screen output “Text Block” (which corresponds to type “K”)

secure Encoding for all users (*PUBLIC) for the object P59VLVIG

Processing Options

1) This is the address of the VigilensWeb server.
- Ex : http://VigilensWEB/Vigilens
2) This is the Vigilens user for accessing shared directories
- 2.1) Named user or JDE user?
  - If empty or 1 JDEUTIL takes the user connected to JDE to access VIGILENS (Warning, it is necessary that the JDE user is also created as a VIGILENS user cf import user JDE) if the JDE user does not exist in the VIGILENS users then JDEUTIL will take the user of option 2.2
  - Otherwise the user of option 2.2 will be the user VIGILENS
- 2.2) Vigilens User
3) Used only to access tables F59VGSEC and F00950 for security purposes (no link with query result data)
- If option 6 is set to empty or N then options 3 and 4 are used to define the data source for security (the environment for the data will be the one defined in VIGILENS Designer)
- If option 6 is set to Y then options 3 and 4 are not used
4) Same as OT 3
- PD920 for the PRODUCTION environment
5) Path and name of the request to execute
- If empty, Vigilens Web opens the main window of the interface on the source folder(s) defined for the connected user
- Otherwise enter the path and name of the query to execute (Note that the path defined should not start from the root but from the user's root folder cf https://vigilens.wiki/dokuwiki/doku.php?id=v8_0_0:en:admintool:menus:gestion:utilisateur:start&s[]=user )
6) Data source for the query data
- If empty or N the data source for the DATA will be that defined in VIGILENS Designer
- If Y, the data source for the DATA will be the one used in the JDE environment

Execution from JDE

There are 2 possibilities to use JDEUTIL:

Calling directly in the menus the P59VLVIG. The selected version will define the actions to be performed

Call the P59VLVIG shortcut. This process allows you to create only one version of the P59VLVIG and to control the processing options directly in the URL

http://adresse_de_JDE/jde/ShortcutLauncher?OID=P59VLVIG_W59VLVIGA_Version_du_P59VLVIG&FormDSTmpl=|1|2|3|4|5|6|7|&FormDSData=|option_de_traitement_1| option_de_traitement_2| option_de_traitement_3 | option_de_traitement_4| option_de_traitement_5| option_de_traitement_6| option_de_traitement_7|

Table of Contents