Information Technology Reference
In-Depth Information
The job, abstract, and data roles that are used to implement the authorization ap-
proach are stored in the LDAP. The LDAP is a part of the OIM suite and is persisted
within the OIM suite. From an application maintenance perspective, Oracle Fusion
Applications provide a user interface for managing all enterprise roles. This is the
Oracle Provisioning Manager
(
OPM
).
Duty roles are also known as applications' roles since they are specific to actions
that can be performed within Oracle Fusion Applications. Duty roles are stored in the
policy store, and their scope is restricted to the application.
Oracle Fusion Applications have a comprehensive list of predefined enterprise roles.
These roles can be managed via APM. APM also provides the ability to extend the
existing role definitions. These custom roles extend the authorizations provided by
the existing roles.
New job roles can be created using the
Manage Job Roles
task. This task links to
the APM home page and provides the ability to add job roles to the existing role hier-
archy. The following screenshot shows the role hierarchy for the
Order Manager
role
in OIM:
The duty role hierarchy is managed through the Oracle Authorization Policy Man-
ager. The
Manage Duties
task provides the ability to view duty roles inherited by en-
Search WWH ::
Custom Search