The system restricts access to its transactions as follows:
- An application service exists for every securable function in
the system. For example, an application service exists for every transaction
and zone in the system.
- You grant access to the application services to your user groups. For example, you may create a user group called
Senior Management and give it access to senior manager-oriented pages
and portals.
- When you grant a user group access to an application service,
you must also define the actions they can perform. For example, you
may indicate a given user group has inquire-only access to an application service, whereas
another user group has add, change, freeze, cancel and complete access to the same service.
Refer to action level security for more information.
- If the application service has field level security enabled, you must also define the user
group's security level for each secured field on the transaction.
- And finally, you link individual users to the user groups to which they belong. When you link a user to
a user group, this user inherits all of the user group's access rights.
CAUTION:
Menu items and menus may be suppressed! If a
user doesn't have access to an application service, s/he will not
see the menu item that corresponds with the application service. And,
if all menu items on a menu are suppressed, the menu is suppressed.
Copyright © 2011, Oracle and/or its affiliates. All rights reserved.