ESS/MSS and backend security challenges

We use different Lawson logins for ESS, MSS, and backend users. We are working on combining these so users will only have one login for Lawson. I'm currently testing the security. We keep adding code to various Lawson forms to restrict access. I have HR11.1 controlled using HR10.1 and HR09.1. I just encountered a MSS form (HS10.2) that will allow our non-HR managers access an employee's birth date, including year. The user simply has to look up a supervisor by name from the supervisor field and inquire. All the birthdates for the supervisors direct reports are listed. When Employee Dates (HS10.2) is access via MSS bookmark, only the month and day appear. This is not the only form we have had to look at adding code to restrict access. I'm wondering how anyone else that uses ESS/MSS handles these situations.

Find more posts tagged with

Infor Lawson Human Resources Group - Discussion

Comments

unknown

Sarah We are just starting a project to combine our 2 types of users just as you explained here. Sorry I can't answer your testing questions. I would love to stay in touch with you and wonder if you have any documnets on how you went from 2 logins to 1 login. We plan to do a corporate bind to login with our corporate network ID once the merge is complete. Any information you can provide would be most appreciated. Thanks Kathy

0712131256598360.doc

unknown

Our MSS security classes use the global function user.is InChainOfCmdOfEmpInHR, but you could also use the user.isSupervisorOfEmpInHR if you wanted to limit it just to the manager they report to.

Copyright © 2025 Infor. All rights reserved.