You can control access to an application, individual pages, or page components by creating an access control list.
This section contains the following topics:
See Also:
"Building Queries with Query Builder" in Oracle Application Express SQL Workshop and Utilities GuideSee Tutorial:
"How to Build an Access Control Page" in Oracle Application Express Advanced TutorialsYou create an access control list by running the Access Control Wizard. The Access Control Wizard creates a page named Access Control Administration. This page contains a list of application modes and an Access Control List. Once you create the Access Control Administration page, you:
Run the Access Control Administration page.
Select one of the following application modes:
Full access to all, access control list not used.
Restricted access. Only users defined in the access control list are allowed.
Public read only. Edit and administrative privileges controlled by access control list.
Administrative access only.
Add users to the Access Control List.
In addition to creating the Access Control Administration page, the Access Control Wizard also creates:
two tables within the application's default schema to manage the access control
the authorization schemes that correspond to the application mode list options
the privileges available in the Access Control List
You can control access to a specific page or page component by selecting one of these authorization schemes on the page or component attributes pages. Once you create an Access Control, you can customize the page, tables and values to suit the specific needs of your application.
You create an access control list by creating a page. You can create a page on the Application home page, while viewing a Page Definition, or by clicking Create on the Developer toolbar.
Topics in this section include:
To create an access control list from the Application home page:
On the Workspace home page, click the Application Builder icon.
Select an application.
The Application home page appears.
Click Create Page.
For page type, select Access Control and click Next.
The Access Control Wizard appears.
Specify a page number and click Next.
Select a tab option and click Next.
Review the confirmation page and click Finish.
To create an access control list from the Page Definition:
Navigate to the appropriate Page Definition. See "Accessing a Page Definition".
Click the Create button next to the navigation bar at the top of the page.
Select New page and click Next.
For page type, select Access Control and click Next.
The Access Control Wizard appears.
Specify a page number and click Next.
Select a tab option and click Next.
Review the confirmation page and click Finish.
To create an access control list from the Developer toolbar:
Run the application. See "Running a Page or Application".
On the Developer toolbar, click Create.
Select New page and click Next.
For page type, select Access Control and click Next.
The Access Control Wizard appears.
Specify a page number and click Next.
Select a tab option and click Next.
Review the confirmation page and click Finish.
You can control access to an application by running the Access Control Administration page, selecting an application mode, and then adding users to the Access Control list.
This section contains the following topics:
To select an application mode:
Create an access control list. See "Creating an Access Control List".
The wizard creates a page named Access Control Administration.
Run the Access Control Administration page. See "Running a Page or Application".
Select an Application Mode. Options include:
Full access to all, access control list not used.
Select this option to enable all users access to an application.
Restricted access. Only users defined in the access control list are allowed.
Select this option to restrict access to users on the Access Control List. Only users on the Access Control List can view pages and components associated with an authorization scheme.
Public read only. Edit and administrative privileges controlled by access control list.
Provides public access to pages and components associated with the access control - view authorization scheme.
Administrative access only.
Only users with Administrator privileges can access pages or components associated with an authorization scheme.
Click Set Application Mode.
Note that the user interface of your page is dependent upon the theme you selected for your application. See "Managing Themes".
Next, add users to the Access Control List.
To add users to the Access Control List:
Under Access Control List, click Add User.
A new row appears.
Enter a user in the Username field.
Associate a privilege with the user. Available options include:
Administrator
Edit
View
Click Apply Changes.
Repeat steps 1 to 5 for all users.
The Access Control Wizard creates authorization schemes that correspond to the application mode list options and the privileges available in the Access Control List.
You can control access to a specific page or page component by selecting one of the following authorization schemes on the page or component attributes pages:
access control administrator. Only users with Administrator privileges can view the page or component.
access control - edit. Users with both Edit and Administrator privileges can view the page or component. Users with View privileges cannot view the page or component.
access control - view. Users with Administrator, Edit, or View privileges can view the page or component.
Not access control administrator. Users with Administrator privileges cannot view the page or component.
Not access control - edit. Users with both Edit and Administrator privileges cannot view the page or component. Users with View privileges can view the page or component.
Not access control - view. Users with Administrator, Edit, or View privileges cannot view the page or component.