Function Security 1. In Oracle Several Business Functions are available on a Form. 2. A user is defined and is assigned responsibilities. 3. Oracle User account (Oracle UID) provides access to specific tables in the database. 4. User passwords are case sensitive depending on profile value (sign on password case) 5. An application is a collection of forms, reports, functions and programs. 6. A responsibility is a context in which the user operates and gives the user access to (specific restricted)forms, reports and applications. 7. In other words a responsibility is a collection of authorizations that allows access to specific application/s, ledger/s, restricted windows, functions and reports. 8. Responsibility now has been reduced to navigation menus with the advent of roles in OUM. 9. Access is controlled on a need to know basis and all users need not access all the functions. 10. A function is a part of an applications’ functionality, registered uniquely with the purpose of excluding it or including it as part of a responsibility. 11. Functions are of two types executable (form-accessed from the navigator) and non-executable (sub-functions -executed from within a form e.g. buttons) 12. Responsibility denotes the privileges a user has when he logs on to Oracle applications a)The functions he can access b)the reports he can run and c) the database account to which the forms, reports and concurrent programs connect to. 13. Every responsibility has a menu assigned and represents the functions/menus and permissions. 14. Menu entries not displayed on the navigator are a)non-executable functions b)menus without prompt and c) Menus without entries 15. Menu and Data Group are required components of a Responsibility. 16. Functions and Menu exclusions is optional when defining a responsibility. 17. If a submenu and a function is defined in the same line of a menu a)If the function is executable the submenu will not be displayed b)if the function is not executable then the submenu will be displayed on the navigator. 18. When you define a custom application you specify the application, shortname and base path. Application description is optional. 19. Only system administrators can create Oracle ID’s. 20. Install group denotes the data group associated with an application. It is 0 when the application spans all data groups and 1 or greater for specific data group. 21. An application can be listed only once in a data group. 22. An Oracle ID can be associated with more than one application. 23. Custom applications can be included in a data group. 24. Data group is nothing but oracle ID associated with an application 25. Function Security Reports a) Function Security Function Report b)Function Security Menu Report c)Function Security Navigator Report 26. Menu Types: Standard – Navigator use Tab- Self service use Security- For security purposes (not used on navigator) 27. Grant – automatically enables a function for the user. 28. Modifying a user menu takes immediate effect. If you change the user menu name the entries are not affected and exist under the new name. 29. Menu viewer is a read only window giving a hierarchical view of menus. 30. There are 3 view styles : vertical, Org-chart and Interleaved. 31. Functions can be excluded at any level 32. Excluding a menu from a responsibility will result in all functions and menus that are nested to be excluded. 33. Excluding a function from a responsibility will result in exclusion of the function from the menu structure of that responsibility. 34. When a Request Group is assigned to a responsibility it becomes a request security group. 35. Request Security group specifies the Reports , Request Sets and concurrent Programs that the user can run from the SRS. 36. A request security group can contain requests and request sets from different applications. 37. The Privileges for Individual programs/requests not included individually in a request security group but form part of a request set in the group is a)users can run such requests as they are included in a request set in the group b)user can add new requests to the request set or delete from the request set c)however they cannot edit or stop such individual requests in the request set. 38. Steps for defining a Menu a) Identify menu needs b)Print Function security Report for similar menus c)Plan the structure d)start on a blank form e)Build from bottom to top f)Assign to a Responsibility g)Run function security report to document and signoff.