Information Technology Reference
In-Depth Information
•
Application implementation manager
: This role has the following rights:
•
To manage an implementation project
•
To assign tasks
•
To setup export and import processes
•
Application implementation consultant
: This role has broad access rights.
It includes the ability to set up all enterprise structures.
Implementation users can be restricted to specific data subsets. This is done by cre-
ating a new data role using the
Create Data Role for Implementation Users
task list.
Application user
Once the enterprise structure is defined, end users or application users can be cre-
ated. These users are the true end users of the application. An application user is
created by invoking the
Manage User
task.
The Manage User task does not use OIM pages. All user creation information is
gathered from the Oracle Fusion Applications' HCM pages. Once all the informa-
tion has been collected, an internal web service call is made to provision the user in
OIM. To maintain security, this service call is made using the
Service Provisioning
Markup Language
(
SPML
).
Application users have rights to transact with Oracle Fusion Applications. They have
the ability to create and modify application data via application-defined functionality.
Application users have an entry in the
PER_USER
table.
Before creating a user it is recommended to run the
Retrieve Latest LDAP Change
job. This retrieves the latest roles and any role changes from OIM so that they are
available in Oracle Fusion Applications.
Managing authorization
Oracle Fusion Applications define authorization as "Who can do what on which func-
tion or data set under what conditions." This maps to the components of Oracle Fu-
sion Applications as follows:
Search WWH ::
Custom Search