Defining Application Security

To define application security, use the Security Profile Definition (RSEC_PROFILE_DEFN), Security Membership Definition (RSEC_MEMBER_DEFN), Security View Definition (RSEC_VIEW_DEFN), Security Function Definition (RSEC_FUNC_DEFN), Security Function Group (RSEC_FUNC_GROUP), Security Object Definition (RSEC_OBJECT_DEFN), Security Builder (RSEC_BUILDER_RUN), and Security Static Transfer Menu (RSEC_STAT_MENU) components.

This topic discusses how to define application security.

| Page Name | Definition Name | Usage |
|---|---|---|
| Security Object Page | RSEC_OBJECT_DEFN | Define the characteristics of the security object. |
| Add Membership List (Definition) Page | RSEC_MEMBER_SMRY | Enter the membership list name and description. |
| Add Membership List (Object) Page | RSEC_SRTY_WIZ1 | Select the membership list security object (Customer, Person, or Role) that you want to add. |
| Add Membership List (Type) Page | RSEC_SRTY_WIZ2 | Select the type of addition to use, either Static to select from a list of object members, or Dynamic to build a SQL query to define criteria for the list. |
| Customer Static Member List - Add Membership List Page | RSEC_ML_CUSTOMER | Select the customers that you want to add to the membership list from the static list. |
| Person Static Member List - Add Membership List Page | RSEC_ML_PERSON | Select the individuals from the static list that you want to add to the membership list. |
| Role Static Member List - Add Membership List Page | RSEC_ML_ROLE | Select the roles from the static list that you want to add to the membership list. Note: Roles are static and are therefore not available dynamically from a query. |
| Customer Search - Add Membership List Page | RSEC_CUSTOMER_SRCH | Specify the criteria to use in the query to dynamically select customers for the membership list. |
| Person Search - Add Membership List Page | RSEC_PRSN_SRCH | Specify the criteria to use in the query to dynamically select individuals for the membership list. |
| Add View List (Definition) Page | RSEC_VIEW_SMRY | Enter the view list name and description. |
| Add View List (Object) Page | RSEC_SRTY_WIZ1 | Select the view list security object (Catalog, Customer, Hold Code, or Performance Metric) that you want to add. |
| View List (Type) Page | RSEC_SRTY_WIZ2 | Select the type of addition to use, either Static to select from a list of objects, or Dynamic to build a SQL query to define criteria for the list. |
| Catalog Static View List - Add Customer to View List Page | RSEC_VL_CATALOG | Select the catalogs from the static list that you want to add to the view list. |
| View List Page | RSEC_VIEW_SMRY | Select the catalogs from the static list that you want to add to the view list. |
| Customer Static View List - Add Customer To View List Page | RSEC_VL_CUSTOMER | Select the customers from the static list that you want to add to the view list. |
| Hold Static View List - Add View List Page | RSEC_VL_HOLD | Select the hold codes from the static list that you want to add to the view list. |
| Performance Metrics Security - Add View List Page | RSEC_VL_RA_METRICS | Select the performance metrics from the static list that you want to add to the view list. |
| Customer Search - Add View List Page | RSEC_CUSTOMER_SRCH | Specify the criteria to use in the query to dynamically select customers for the view list. |
| Functional Option Page | RSEC_FUNC_DEFN | Define functional options, including enabling amount-related fields, conditional operators, application classes, and messages. |
| Functional Option Group Page | RSEC_FUNC_GROUP | Group functional options. |
| Security Profile Page | RSEC_PROFILE | Define a security profile. |
| Security Profile - Membership Page | RSEC_PROFILEMEMBER | Add membership lists to the security profile. |
| Refresh Dynamic Lists Page | RSEC_BUILDER_RUN | Set run controls for the List Build process. |
| Static Menu Transfer Path Page | RSEC_STAT_MENU | Enter static menu transfer paths. |

Use the Security Object page (RSEC_OBJECT_DEFN) to define the characteristics of the security object.

Image: Security Object page

This example illustrates the fields and controls on the Security Object page.

Security Object page

Field or Control

Definition

Object Type

Select either Membership or View Privilege. The object type determines whether the security object is used to define a membership list or a view list.

View Record

The view record is used to resolve the list of members for a dynamic membership or view list. The view record must be a distinct subset of the search record that is used in defining the search for dynamic criteria.

Security List Record

Select the record where you want the system to store the results of the query or static list that is associated with the security object. The security list record may vary for each security object.

Object Source Navigation

Select the object source to which you want the system to navigate while creating dynamic membership or view lists. Selecting the object source that corresponds to the security object that you are creating provides for the proper transfer of the object source during the creation of dynamic membership or view lists. Only data searches that are enabled for application security are available for selection. It is important to choose the correct search definition for the security object.

Static List Navigation

Select the static list that you want the system to navigate to during the creation of the security profile.

This is the navigation that is used for entering static list data or viewing static list data that is either dynamically created or manually entered. You set up static list navigations on the Static Menu transfer page. The system builds the Static List page with the static list record as a level 1 grid.

Cache Option

Select the cache option that you want the system to use for the security object. The cache option is mainly used for customer security. When a customer is added or updated in the Customer Data Model (CDM), the option tells the system how often to cache the list members in the list tables and run the Application Engine job that creates the dynamic queries.

Security Object Options

Select one or multiple security object options values:

  • Allow Dynamic Members: Select this check box if you want to create dynamic membership or view lists.

  • Allow Reuse: Select this check box if you want to create lists that can be associated with more than one security profile. If you clear this check box, the static or dynamic lists that you create can be attached to only a single security profile, and the security list record for these security objects will contain the security profile value.

    Note: This check box is used for performance reasons. When you select this check box, the system adds the security profile ID to the Security List Table. Using this option enables the system to make a three-table join and retrieve results quickly.

  • Secure All: Select this check box if you want the system to apply the view record on the security object definition. If you clear this check box, no security is applied on the view record. Clearing this check box also causes applications to skip the security check.

    Note: This check box is used for performance reasons. For example, if one of your security profiles is set up to give access to All, the security API will not return any data. It is implied that the calling application would display everything. In this situation users in Order Capture Administration have access to all hold codes. When the Order Capture application calls the Security API, the Security API gives the administrators access to all hold codes. In the code for the Order Capture application the system doesn't have to create an extra Where clause to show the filtered list of hold codes.

    Note: If you clear this check box, the SQL API returns a state status of three (3). If the SQL string that is returned contains SQL, then security must be applied. Empty strings cause the system to skip the security check. ERROR (or some other constant) indicates that the context has access to no security profiles and zero rows should be returned.

  • Allow All: Select this check box if you want the system to display the All field when you are adding view or membership lists to the security profile.

  • Allow Multiple Members: Select this check box if you want the system to display the Multiple List as an available option when you are creating a view or membership list.

  • Allow Single Member: Select this check box if you want the system to display the Single Member as an available option when you are creating a view or membership list.

  • Show In Wizard: Select this check box if you want the system to display the security object as a selectable option in the drop-down list box when you are creating membership or view lists.

Related Security Objects

Select the security objects that you want to be available with a security profile. For example, if a Membership-type security object is defined and associated with two related View-type security objects, and a security profile is then created using that Membership object, only the two related objects that were specified on the Security Object page are visible as options in the Security Object drop-down list that appears after you select the Add View List option for that security profile.

Warning! Note that as delivered, the system is designed to only process certain combinations of membership and view objects, and that these combinations apply only to certain products (applications) within the system. These combinations are shown in the accompanying table. Only these combinations should be used when setting up your data. Other combinations are not supported in the system as delivered, and would require customized coding to implement.

When adding values to the Related Security Objects field, the supported combinations are:

| Membership Object | View Object | Product (Application Usage) |
|---|---|---|
| CUSTOMERMEMBER (Customer) | CATALOG (Catalog) | Order Capture |
| PERSON (Person) | CATALOG (Catalog) | Order Capture |
| PERSON (Person) | HOLDCODE (Hold Code) | Order Capture |
| ROLE (Role) | HOLDCODE (Hold Code) | Order Capture |
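
How a calling application might act on the three outcomes described in the Secure All notes on the Security Object page, as an added example that is not the delivered Security API. The `NO_ACCESS` value, the table names and the sample clause are constructed, and treating a missing or blank result as no access is this example's assumption.

```python
import sqlite3
from typing import List, Optional

# Placeholder for the page's "ERROR (or some other constant)"; the real value
# is not given on the page.
NO_ACCESS = "ERROR"

# Constructed example of a security clause that a security API could return.
CSR_CLAUSE = "hold_cd IN (SELECT hold_cd FROM sec_list WHERE profile_id = 'CSR')"


def secured_sql(base_sql: str, security_sql: Optional[str]) -> str:
    """Combine a caller's SELECT (without a WHERE clause) with the security result."""
    if security_sql == "":
        # Empty string: the context has access to All, so the security check
        # is skipped and no extra Where clause is built.
        return base_sql
    if (
        not isinstance(security_sql, str)
        or security_sql == NO_ACCESS
        or not security_sql.strip()
    ):
        # No security profiles: zero rows. A missing or whitespace-only result
        # is also treated as no access (assumption: fail closed).
        return f"{base_sql} WHERE 1 = 0"
    # The string contains SQL, so security must be applied.
    return f"{base_sql} WHERE {security_sql}"


def demo_db() -> sqlite3.Connection:
    """Constructed sample data: three hold codes, one of them listed for profile CSR."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE hold_code (hold_cd TEXT PRIMARY KEY);
        CREATE TABLE sec_list (profile_id TEXT, hold_cd TEXT);
        INSERT INTO hold_code VALUES ('CREDIT'), ('FRAUD'), ('EXPORT');
        INSERT INTO sec_list VALUES ('CSR', 'CREDIT');
        """
    )
    return conn


def visible_hold_codes(conn: sqlite3.Connection, security_sql: Optional[str]) -> List[str]:
    """Return the hold codes a context may see for a given security result."""
    sql = secured_sql("SELECT hold_cd FROM hold_code", security_sql) + " ORDER BY hold_cd"
    return [row[0] for row in conn.execute(sql)]


if __name__ == "__main__":
    db = demo_db()
    for label, result in [("administrator", ""), ("CSR", CSR_CLAUSE),
                          ("no profile", NO_ACCESS), ("API failure", None)]:
        print(f"{label:14} -> {visible_hold_codes(db, result)}")
```
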

Use the Add Membership List (definition) page (RSEC_MEMBER_SMRY) to enter the membership list name and description.

Image: Add Membership List (definition) page

This example illustrates the fields and controls on the Add Membership List (definition) page.

Add Membership List (definition) page

Enter a name for the membership list that you want to create. Select the Active status. Enter text that describes the type of membership list that you are creating.

Use the Add Membership List (object) page (RSEC_SRTY_WIZ1) to select the membership object and the members to which you want the security object to apply.

Image: Add Membership List (object) page

This example illustrates the fields and controls on the Add Membership List (object) page.

Add Membership List (object) page

Field or Control

Definition

Security Object

Select the security object that you want to use for your membership list:

  • Customer

  • Person

  • Role

Note: You can also create your own security object and select it from this list. You would, however, need to call the delivered security APIs at runtime to access security.

Membership Applies To

Indicate to whom you want the membership list to apply. Select:

  • All: Select if you want the membership list to apply to all members associated with the security object.

  • Multiple Members: Select if you want the membership list to apply to a select group of members that are associated with the security object. When you click Next, the system displays the next Add Membership List page, where you can select the membership type that you want to use (either dynamic or static).

  • Single Member: Select if you want the membership list to apply to a single member associated with the security object. When you click Next, the system displays the page that is associated with the security object (either customers, persons, or roles).

Next

Click to go to the next page. The system displays a new page based on the selections that you have made on the previous Add Membership List pages.

Use the Add Membership List (type) page (RSEC_SRTY_WIZ2) to specify whether you want to select objects (customers or persons) from a static list or dynamically using a SQL query.

Image: Add Membership List (type) page

This example illustrates the fields and controls on the Add Membership List (type) page.

Add Membership List (type) page

Field or Control

Definition

Membership Type

Select from these values:

  • Dynamic: Select to choose a dynamic list of members. When you click Next, a search page appears based on the security object that you selected on the second Add Membership List page.

  • Static: Select to choose a static list of members. When you click Next, a page appears based on the security object that you selected on the second Add Membership List page.

Next

Click to go to the next page. The system displays a new page based on the selections that you made on the previous pages.

Use the Customer Static Member List - Add Membership List page (RSEC_ML_CUSTOMER) to select the customers from the static list that you want to add to the membership list.

Image: Customer Static Member List - Add Membership List page

This example illustrates the fields and controls on the Customer Static Member List - Add Membership List page.

Customer Static Member List - Add Membership List Page

Select the SetID and customer that you want to add to the membership list. Click the Add Customer button to add new customer members.

Use the Role Static Member List - Add Membership List page (RSEC_ML_ROLE) to select roles from the static list that you want to add to the membership list.

Image: Role Static Member List - Add Membership List page

This example illustrates the fields and controls on the Role Static Member List - Add Membership List page.

Role Static Member List - Add Membership List page

Select the role that you want to add to the membership list. Click the Add Role button to add new member roles.

Use the Add View List (definition) page (RSEC_VIEW_SMRY) to enter the view list name and description.

Image: Add View List (definition) page

This example illustrates the fields and controls on the Add View List (definition) page.

Add View List (definition) page

Enter a name for the view list that you want to create. Select the Active status. Enter text that describes the type of view list that you are creating.

Use the Add View List (object) page (RSEC_SRTY_WIZ1) to select the view list security object (Catalog, Customer, Hold Code, or Performance Metric) that you want to add.

Image: Add View List (object) page

This example illustrates the fields and controls on the Add View List (object) page.

Add View List (object) page

Field or Control

Definition

Security Object

Select the security object that you want to use for your view list. Choose from one of these delivered values:

  • Catalog

  • Customer

  • Hold Codes

  • Performance Metric

Note: You can also create your own security object and select it from this list.

View Applies To

Select one of these values to indicate to whom you want the view list to apply:

  • All: Select this value if you want the view list to apply to all members associated with the security object.

  • Multiple Members: Select this value if you want the view list to apply to a select group of members that are associated with the security object. When you click Next, the system displays the next Add View List page, where you can select the view type that you want to use (either dynamic or static).

  • Single Member: Select this value if you want the view list to apply to a single member associated with the security object. When you click Next, the system displays the page that is associated with the security object (either hold codes, catalogs, performance metrics, or customers).

Next

Click to go to the next page. The system displays a new page based on the selections that you made on the previous Add View List pages.

Use the Add View List (type) page (RSEC_SRTY_WIZ2) to select the type of addition to use, either Static to select from a list of objects, or Dynamic to build a SQL query to define criteria for the list.

Image: Add View List (type) page

This example illustrates the fields and controls on the Add View List (type) page.

Add View List (type) page

Field or Control

Definition

View Type

Select one of these values:

  • Dynamic: Select to define criteria for a dynamic list of members that you want included in your view list. When you click Next, a search page appears based on the security object that you selected on the second Add View List page.

  • Static: Select to choose a static list of members. When you click Next, a page appears based on the security object that you selected on the second Add View List page.

Next

Click to go to the next page. The system displays a new page based on the selections that you made on the previous pages.

Use the Customer Static View List - Add Customer To View List page (RSEC_VL_CUSTOMER) to select the customers from the static list that you want to add to the view list.

Image: Add View List (static) page

This example illustrates the fields and controls on the Add View List (static) page.

Customer Static View List - Add Customer To View List page

This page displays different fields based on the security object that you selected on the previous page. Select the setID (if this field appears) and the catalog, customer, hold code, or performance metric that you want to add to the view list.

Use the Customer Search - Add View List page to specify the criteria to use in the query to dynamically select customers for the view list.

Image: Customer Search - Add View List page

This example illustrates the fields and controls on the Customer Search - Add View List page.

Customer Search - Add View List page

Select or enter the criteria that you want to use to create a view list. The system uses the criteria that you select to create a dynamic view list. To see the results of the criteria that you enter, click the Preview button. When you are satisfied with the results, click the Finish button at the bottom of the page.

Use the Functional Option page (RSEC_FUNC_DEFN) to define functional options, including enabling amount-related fields, conditional operators, application classes, and messages.

Image: Functional Option page (1 of 2)

This example illustrates the fields and controls on the Functional Option page (1 of 2).

Functional Option page (1 of 2)

Image: Functional Option page (2 of 2)

This example illustrates the fields and controls on the Functional Option page (2 of 2).

Functional Option page (2 of 2)

Field or Control

Definition

Functional Option and Description

Enter a name for the functional option and then enter a description.

Revoke Wins

Conflicts may happen when a user is associated with multiple security profiles using functional options that conflict or when the same security profile has overrides for conflicting functional options. Select this check box if you want the system to not override the security for the functional option that you are creating when there are conflicts within or among different security profiles.

Note: If one functional option group grants an option and another revokes it, the revoke takes precedence. If the Revoke Wins check boxes are not selected in the same scenario, the option is granted.

Related to Amount

Select to enable amount-related fields during the setup of functional option groups and specific functional options within the security profile.

Maximum Amount Wins

Select this check box to indicate that you want the maximum amount to win when there are functional options that conflict within or among different security profiles.

Use Conditional Operator

Select to enable the conditional operator field during the setup of functional option groups and specific functional options within the security profile for amount-related fields.

Base Currency

Select the currency that is used most often for the functional option that you are creating.

Application Class ID, Application Class Path, and Option Value Translate Field

Use these fields if you are writing PeopleCode programs required to evaluate the functional option. Select the ID and path of the application class that the system carries out when a user accesses the function or when the program runs. Also, you can specify a value translate field with values that will be interpreted by the calling application to perform a specific functional action. For example, the display template uses a translate field that makes the fields display-only or changeable.

See Understanding Display Templates.

Message Set Number and Denial Reason

Select the message that you want the system to display if a user is denied access to the function.

Use the Functional Option Group page (RSEC_FUNC_GROUP) to group functional options.

Image: Functional Option Group page

This example illustrates the fields and controls on the Functional Option Group page.

Functional Option Group page

Use functional option groups to group functional options. You may then associate the functional option groups with security profiles. Creating functional option groups and using them with security profiles can help make security maintenance faster and more efficient.

Field or Control

Definition

Functional Option Group and Description

Enter a name for the functional option group and then enter a description.

Functional Option Tab

Field or Control

Definition

Functional Option

Select the functional options that you want to include in the functional option group.

Option Value

Select the value that you want to use for the functional option. This field is available for entry only if a translate field was set up on the functional option.

Revoke

Select this check box if you want the system to override the security for the functional option when there are conflicts within or among different security profiles.

Note: Revoke applies to the functional option only (for example, does a user have authorization to transfer money). If one functional option group says yes and another says no, the functional option that has the Revoke Wins check box selected wins and resolves the conflict.

For transfer amounts, there is another type of conflict resolution called Max Amount Wins. In this situation, if one functional option group gives you access to 2000 USD and another gives you access to 3000 USD, the maximum amount wins and you have the authority to transfer up to 3000 USD.

Add Function Option

Click to add a new row in the functional option grid.

Amount Related Tab

The fields that appear on this page are used if the functional option is associated with an amount field.

Field or Control

Definition

Conditional Operator

Select the conditional operator (for example, equal to, less than, greater than, and so on) that you want to use for the functional option.

Amount

Enter the amount that you want associated with the conditional operator for the functional option.

Denial Reason

Select the reason that you want the system to display if the user is denied access to the transaction related to the functional option.

For example, let's say you have given order capture representatives the ability to override prices. At some point in the season, you may want all of them to be denied from overriding prices on the items that you sell. You can go to the functional option group definition and set the Revoke Wins check box. From that point onward, the order capture representatives are denied from doing price overrides. You can set up similar situations for leads, opportunities, cases, and so on.
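
The conflict rules described above (Revoke, Revoke Wins, Max Amount Wins), modelled as an added example that is not PeopleSoft code. Class and field names, group names and amounts are constructed, and taking the lowest limit when Max Amount Wins is cleared is an assumption the page does not state; `overridden_revokes` lists options where a Revoke row is outvoted by a grant because Revoke Wins is cleared.

```python
from dataclasses import dataclass
from decimal import Decimal
from typing import Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class FunctionalOption:
    # Check boxes from the Functional Option page (attribute names are this example's own).
    name: str
    revoke_wins: bool = False
    related_to_amount: bool = False
    max_amount_wins: bool = False


@dataclass(frozen=True)
class GroupEntry:
    # One functional option group row that reaches a user through a security profile.
    group: str
    option: str
    revoke: bool = False
    amount: Optional[Decimal] = None  # assumed to be in the option's base currency


@dataclass(frozen=True)
class Decision:
    granted: bool
    limit: Optional[Decimal]
    reason: str


def resolve(option: FunctionalOption, entries: Iterable[GroupEntry]) -> Decision:
    """Effective result for one option across every group row that applies to a user."""
    rows = [e for e in entries if e.option == option.name]
    grants = [e for e in rows if not e.revoke]
    revokes = [e for e in rows if e.revoke]
    if not rows:
        return Decision(False, None, "option not present in any group")
    # A revoke is decisive when Revoke Wins is set, or when nothing grants the option.
    if revokes and (option.revoke_wins or not grants):
        return Decision(False, None, "revoked by " + ", ".join(sorted(e.group for e in revokes)))
    limit = None
    if option.related_to_amount:
        amounts = [e.amount for e in grants if e.amount is not None]
        if amounts:
            # Max Amount Wins keeps the highest limit. With the box cleared the page
            # does not state the outcome; taking the lowest is this example's assumption.
            limit = max(amounts) if option.max_amount_wins else min(amounts)
    return Decision(True, limit, "granted")


def overridden_revokes(
    options: Iterable[FunctionalOption], entries: Iterable[GroupEntry]
) -> List[Tuple[str, List[str]]]:
    """Review check: options where a Revoke row exists but a grant still prevails."""
    entries = list(entries)
    findings = []
    for opt in options:
        rows = [e for e in entries if e.option == opt.name]
        revoking = sorted(e.group for e in rows if e.revoke)
        if revoking and not opt.revoke_wins and any(not e.revoke for e in rows):
            findings.append((opt.name, revoking))
    return findings


# Constructed sample setup: three options and the group rows one user inherits.
TRANSFER = FunctionalOption("TRANSFER_FUNDS", related_to_amount=True, max_amount_wins=True)
PRICE = FunctionalOption("PRICE_OVERRIDE", revoke_wins=True)
DISCOUNT = FunctionalOption("DISCOUNT_APPROVE")  # Revoke Wins cleared
ENTRIES = [
    GroupEntry("TELLERS", "TRANSFER_FUNDS", amount=Decimal("2000")),
    GroupEntry("SUPERVISORS", "TRANSFER_FUNDS", amount=Decimal("3000")),
    GroupEntry("OC_REPS", "PRICE_OVERRIDE"),
    GroupEntry("SEASONAL_FREEZE", "PRICE_OVERRIDE", revoke=True),
    GroupEntry("OC_REPS", "DISCOUNT_APPROVE"),
    GroupEntry("SEASONAL_FREEZE", "DISCOUNT_APPROVE", revoke=True),
]

if __name__ == "__main__":
    for opt in (TRANSFER, PRICE, DISCOUNT):
        print(opt.name, resolve(opt, ENTRIES))
    print("revokes that do not take effect:", overridden_revokes([TRANSFER, PRICE, DISCOUNT], ENTRIES))
```
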

Use the Security Profile page (RSEC_PROFILE) to define a security profile.

Image: Security Profile page

This example illustrates the fields and controls on the Security Profile page.

Security Profile page

Defining security profiles involves the granting of view lists and/or functional options. You then grant or associate one or multiple membership lists with the security profile. An enterprise administrator or enterprise channel manager should know how to create and maintain security profiles, as well as understand how security is impacted when a security profile changes.

Warning! Inactivating a security profile removes the associated membership and view lists.

Field or Control

Definition

Name and Description

Enter a name for the security profile and then enter a description.

Add Functional Option Group

Click to access the Functional Options Group page, where you can select the functional option groups that you want to include in the security profile. You can also use this page to view the functional options that are associated with the functional option group. The Enterprise Administrator who is assigning the Functional Option Groups must be aware of the groups that make sense for a given Membership list. Out of the box, all functional options and functional options groups that are delivered by PeopleSoft work with the 'Role' Security Membership Object.

Add View List

Click to access the Add View List page, where you can select the view lists that you want to include in the security profile.

Run button

Click to access the Refresh Dynamic Lists page, where you can set up a process to periodically refresh the lists that you have associated with the security profiles that you created. View lists and Membership lists that are built based on dynamic criteria are refreshed.

Use the Security Profile - Membership page (RSEC_PROFILEMEMBER) to add membership lists to the security profile.

Image: Security Profile - Membership page

This example illustrates the fields and controls on the Security Profile - Membership page.

Security Profile - Membership page

Field or Control

Definition

Add Membership List

Click to access the Add Membership List page, where you can select the membership lists that you want to include in the security profile.

Run button

Click to access the Refresh Dynamic Lists page, where you can set up a process to periodically refresh the lists that you have associated with the security profiles that you created. View lists and Membership lists that are built based on dynamic criteria are refreshed.

Use the Refresh Dynamic Lists page (RSEC_BUILDER_RUN) to set run controls for the List Build process.

Image: Refresh Dynamic Lists page

This example illustrates the fields and controls on the Refresh Dynamic Lists page.

Refresh Dynamic Lists page

Use this page to refresh the lists, security objects, and profiles that you have created to implement security for your PeopleSoft CRM environment. If the content of the lists, objects, and profiles changes frequently, you can set up this process to run daily, every few minutes, or every few hours.

Note: When a new user registers in Order Capture Self Service, they will not have immediate permission to view the product catalog. Application security needs to be triggered to get the appropriate product catalog access for the person who has just registered.

Field or Control

Definition

Process Type

Select one of these values based on the type of list that you want to refresh:

  • Dynamic List Refresh.

  • New and Updated List Members.

  • Data Integrity.

Process Scope

Select one of these lists or objects that you want to refresh:

  • All Objects

  • Security Object

  • Security Profile

  • Membership List

  • View List

Note: If you select All Objects, you do not need to specify the objects that you want to refresh. If you select any other value, you must use the field that corresponds to your selection to select a list, profile, or object name.

Use the Static Menu Transfer Path page (RSEC_STAT_MENU) to enter static menu transfer paths.

Image: Static Menu Transfer Path page

This example illustrates the fields and controls on the Static Menu Transfer Path page.

Static Menu Transfer Path page

Use this page to create static menu transfer paths for entering or viewing static list data that is either dynamically created or manually entered. The static list navigations that you create on this page appear in the Static List Navigation drop-down list box on the Security Object page. Static list navigation is used when you create a security profile.