This view will give the clear mapping of the oprid and permission that he has on the set of the pages in particular menu path.
This view also displays ROLENAME and CLASSID through which oprid has the permission to a particular page.
SELECT DISTINCT h.oprid , h.oprdefndesc , g.rolename
, a.classid ,Decode(SUBSTR (b.menugroup , 1 , INSTR (b.menugroup , '&') - 1) SUBSTR (b.menugroup , INSTR (b.menugroup , '&') + 1 , LENGTH (b.menugroup) ) ,'PeopleSoft'
,'PeopleTools' ,SUBSTR (b.menugroup , 1 , INSTR (b.menugroup , '&') - 1) SUBSTR (b.menugroup , INSTR (b.menugroup , '&') + 1 , LENGTH (b.menugroup) )) AS menugroup_label , SUBSTR (b.menulabel , 1 , INSTR (b.menulabel , '&') - 1) SUBSTR (b.menulabel , INSTR (b.menulabel , '&') + 1 , LENGTH (b.menulabel) ) AS menu_label
, a.menuname , c.barname , SUBSTR (c.barlabel , 1 , INSTR (c.barlabel , '&') - 1) SUBSTR (c.barlabel , INSTR (c.barlabel , '&') + 1 , LENGTH (c.barlabel) ) AS bar_label
, SUBSTR (c.itemlabel , 1 , INSTR (c.itemlabel , '&') - 1) SUBSTR (c.itemlabel
, INSTR (c.itemlabel , '&') + 1 , LENGTH (c.itemlabel) ) AS menuitem_label
, c.pnlgrpname AS component , DECODE (a.authorizedactions , 1 , 'Add' , 2 , 'Update/Display'
, 3 , 'Add Update/Display' , 4 , 'Update/Display All' , 5 , 'Add Update/Display All'
, 6 , 'Update/Display Update/Display All' , 7 , 'Add Update/Display Update/Display All'
, 8 , 'Correction' , 9 , 'Add Correction' , 10 , 'Update/Display Correction'
, 11 , 'Add Update/Display Correction' , 12 , 'Update/Display All Correction'
, 13 , 'Add Update/Display All Correction' , 14 , 'Update/Display Update/Display All Correction'
, 15 , 'Add Update/Display Update/Display All Correction' , 129 , 'Add Data Entry'
, 131 , 'Add Update/Display Data Entry' , 135 , 'Add Update/Display Update/Display All Data Entry' , 143 , 'Add Update/Display Update/Display All Correction Data Entry' , 139
, 'Add Update/Display Correction Data Entry' , 133 , 'Add Update/Display All Data Entry'
, 137 , 'Add Correction Data Entry' , 141 , 'Add Update/Display All Correction Data Entry'
, 130 , 'Update/Display Data Entry' , 134 , 'Update/Display Update/Display All Data Entry'
, 138 , 'Update/Display Correction Data Entry' , 142 , 'Update/Display Update/Display All Correction, Data Entry' , 132 , 'Update/Display All Data Entry' , 140 , 'Update/Display All Correction Data Entry' , 136 , 'Correction Data Entry' , 128 , 'Data Entry' ) AS authorized_actions , SUBSTR (d.itemlabel , 1 , INSTR (d.itemlabel , '&') - 1) SUBSTR (d.itemlabel , INSTR (d.itemlabel , '&') + 1 , LENGTH (d.itemlabel) ) AS componentitem_label
, d.pnlname AS pagename , DECODE (a.displayonly , 1 , 'READONLY' , 0
, 'WRITE') AS read_write , c.itemnum , d.subitemnum FROM psauthitem a
, psmenudefn b , psmenuitem c , pspnlgroup d , pspnlgrpdefn e , psroleclass f
, psroleuser g , psoprdefn h WHERE a.menuname = b.menuname AND a.menuname = c.menuname AND a.barname = c.barname AND a.baritemname = c.itemname
AND a.PNLITEMNAME=d.ITEMNAME AND c.itemtype = 5 AND d.pnlgrpname = c.pnlgrpname AND d.market = c.market AND d.pnlgrpname = e.pnlgrpname AND d.market = e.market AND e.pnlgrpname = c.pnlgrpname AND e.market = c.market AND f.classid = a.classid AND f.rolename = g.rolename AND g.roleuser = h.oprid AND h.acctlock = 0
Friday, October 23, 2009
Sign on Process in PeopleSoft
The following six steps will walk us through the PeopleSoft signon process and explain where the Signon Peoplecode comes into play here.
1. As is the process in ALL PeopleSoft applications, the user signs on with their User ID & Password and the system then validates the ID & password against the PSOPRDEFN table. If ID & Password are valid, then the user is successfully signed on. This will be done no matter what type of authentication process we are going to use. We cannot get around this, as this is the way the application is designed to work.
2. If the initial signon authentication against the PSOPRDEFN table is unsuccessful, then the system Checks to see if LDAP Authentication Signon Peoplecode is enabled. If it is not, then the user is denied access assuming that the user is trying to authenticate with their LDAP user id and password.
3. If the LDAP Authentication Signon Peoplecode is enabled, then system invokes LDAP Authentication with the directory via the LDAP_SEARCH and LDAP_BIND Business Interlinks.
4. Using these businesses interlinks the Signon Peoplecode will then validates the User ID & Password Against the directory using the values we have setup in the directory authentication setup pages.
5. If the Directory does not validate the User ID & password, then the Directory Authentication fails, the PeopleSoft Authentication fails, and the user is denied access. This failure could happen for a number of Reasons.
6. However, if the directory authentication is successful, then a user profile is created using the USER_PROFILE Component Interface, assuming we have the USER_PROFILESYNCH is enabled as Part of our wLDAP authentication setup, the PeopleSoft Authentication is validated, and the signon is Successful.SIGNON PEOPLECODEThere are three technologies used during this signon process and they are signon Peoplecode, business Interlinks, and USER_PROFILE component interface.Signon Peoplecode is the ability to execute Peoplecode during the signon process. Any Peoplecode Program can be executed at signon time. PeopleSoft delivers LDAP Authentication Signon Peoplecode As of People Tools 8.LDAP Authentication Signon Peoplecode uses the LDAP Business Interlink and the USER_PROFILE Component Interface (UPCI) to verify the USER NAME and PASSWORD and automatically update or Create the user profile information in the PeopleSoft database if it does not already exist.The LDAP_SEARCH and LDAP_BIND Business Interlinks are called by Signon Peoplecode for LDAP authentication and come delivered, ready to use, with PeopleSoft 8.The LDAP Business Interlink provides an Application Programming Interface (API) to LDAP with Peoplecode. The API is used to access LDAP compliant directories.The first thing we need to do is to navigate to the PeopleTools > Maintain Security > Setup > DirectoryAuthentication page. – to do the set for Directory access server.
1. As is the process in ALL PeopleSoft applications, the user signs on with their User ID & Password and the system then validates the ID & password against the PSOPRDEFN table. If ID & Password are valid, then the user is successfully signed on. This will be done no matter what type of authentication process we are going to use. We cannot get around this, as this is the way the application is designed to work.
2. If the initial signon authentication against the PSOPRDEFN table is unsuccessful, then the system Checks to see if LDAP Authentication Signon Peoplecode is enabled. If it is not, then the user is denied access assuming that the user is trying to authenticate with their LDAP user id and password.
3. If the LDAP Authentication Signon Peoplecode is enabled, then system invokes LDAP Authentication with the directory via the LDAP_SEARCH and LDAP_BIND Business Interlinks.
4. Using these businesses interlinks the Signon Peoplecode will then validates the User ID & Password Against the directory using the values we have setup in the directory authentication setup pages.
5. If the Directory does not validate the User ID & password, then the Directory Authentication fails, the PeopleSoft Authentication fails, and the user is denied access. This failure could happen for a number of Reasons.
6. However, if the directory authentication is successful, then a user profile is created using the USER_PROFILE Component Interface, assuming we have the USER_PROFILESYNCH is enabled as Part of our wLDAP authentication setup, the PeopleSoft Authentication is validated, and the signon is Successful.SIGNON PEOPLECODEThere are three technologies used during this signon process and they are signon Peoplecode, business Interlinks, and USER_PROFILE component interface.Signon Peoplecode is the ability to execute Peoplecode during the signon process. Any Peoplecode Program can be executed at signon time. PeopleSoft delivers LDAP Authentication Signon Peoplecode As of People Tools 8.LDAP Authentication Signon Peoplecode uses the LDAP Business Interlink and the USER_PROFILE Component Interface (UPCI) to verify the USER NAME and PASSWORD and automatically update or Create the user profile information in the PeopleSoft database if it does not already exist.The LDAP_SEARCH and LDAP_BIND Business Interlinks are called by Signon Peoplecode for LDAP authentication and come delivered, ready to use, with PeopleSoft 8.The LDAP Business Interlink provides an Application Programming Interface (API) to LDAP with Peoplecode. The API is used to access LDAP compliant directories.The first thing we need to do is to navigate to the PeopleTools > Maintain Security > Setup > DirectoryAuthentication page. – to do the set for Directory access server.
Peoplesoft 9.1 enhanced features
The following lists most of the major new features.
Enhanced Web 2.0 Features
PeopleSoft Enterprise Portal contains many Web 2.0 capabilities. Collaborative Workspaces--which is a set of features that come with PeopleSoft Enterprise Portal--supply the majority of those capabilities.
PeopleSoft Enterprise Portal 9.1, along with PeopleTools 8.50, also introduces an exciting innovation that allows business analysts to provide collaborative services in their PeopleSoft application pages. Now users can work collaboratively in the context of the business data, in their PeopleSoft application pages, without having to go to a portal or collaboration workspaces. More importantly, the collaborative content is contextually tied to the business data and always available to the users of these applications.
PeopleSoft Enterprise portal 9.1 will provide these important new features:• Wikis• Blogs• Tagging (also known as Social Bookmarking)• Feeds (ATOM) publishing• Related Discussion • Tagging • Links servicesThe new features when combined with existing Web 2.0 features provide a comprehensive Web 2.0 platform. These include:• Discussion forum• Document management• Community Calendaring• Action items• PollingThese features, along with the inherent, delivered integration with PeopleSoft applications, make PeopleSoft Enterprise Portal a strong platform to support your PeopleSoft-focused business processes as well as those that require external or other content.
Enhanced User Experience
PeopleSoft Enterprise Portal is delivered on PeopleTools 8.50. This will give Portal some important usability improvements. Among the most notable:• Partial page/pagelet refresh. (Content in a single pagelet can be refreshed without refreshing everything in the Portal. This improves performance.)• Drag-and-drop pagelets. Now users will be able to arrange the layout of their portal by simply dragging pagelets to their desired location.• Composite UIs/Mashups delivered via Related Content framework • Improved search.• Contemporary styles
Enhanced Web 2.0 Features
PeopleSoft Enterprise Portal contains many Web 2.0 capabilities. Collaborative Workspaces--which is a set of features that come with PeopleSoft Enterprise Portal--supply the majority of those capabilities.
PeopleSoft Enterprise Portal 9.1, along with PeopleTools 8.50, also introduces an exciting innovation that allows business analysts to provide collaborative services in their PeopleSoft application pages. Now users can work collaboratively in the context of the business data, in their PeopleSoft application pages, without having to go to a portal or collaboration workspaces. More importantly, the collaborative content is contextually tied to the business data and always available to the users of these applications.
PeopleSoft Enterprise portal 9.1 will provide these important new features:• Wikis• Blogs• Tagging (also known as Social Bookmarking)• Feeds (ATOM) publishing• Related Discussion • Tagging • Links servicesThe new features when combined with existing Web 2.0 features provide a comprehensive Web 2.0 platform. These include:• Discussion forum• Document management• Community Calendaring• Action items• PollingThese features, along with the inherent, delivered integration with PeopleSoft applications, make PeopleSoft Enterprise Portal a strong platform to support your PeopleSoft-focused business processes as well as those that require external or other content.
Enhanced User Experience
PeopleSoft Enterprise Portal is delivered on PeopleTools 8.50. This will give Portal some important usability improvements. Among the most notable:• Partial page/pagelet refresh. (Content in a single pagelet can be refreshed without refreshing everything in the Portal. This improves performance.)• Drag-and-drop pagelets. Now users will be able to arrange the layout of their portal by simply dragging pagelets to their desired location.• Composite UIs/Mashups delivered via Related Content framework • Improved search.• Contemporary styles
Subscribe to:
Posts (Atom)