Understanding Content Security
A Composite Application Framework layout can include the following types of content:
Embedded EnterpriseOne forms
Generic URLs (contents from external web sites)
Oracle Business Intelligence Enterprise Edition reports (requires additional license)
In addition to setting up action and view security for Composite Application Framework layouts, you must set up content security to authorize users to work with or view the content types in Composite Application Framework layouts. Content security records are created by content type for a user, role, or *PUBLIC by content type. Without content security, users who are authorized to view or work with a Composite Application Framework layout will not be able to view or work with its contents.