Hi,
First of all, wishing all the Indian viewers a very Happy Gudi Padwa / Ugadi / New Year.
This post will describe the various security features available in PeopleSoft and their uses. We will see how to -
PeopleSoft provides various security levels to better manage the shared data. One can define multiple entry points and the best path to access data across different groups, departments, etc.
Security Access covers three areas :
Before setting up the row-level security, one must decide the level of security, the fields that need to be secured and how the security is to be defined, i.e., either through Permission Lists or through User Ids.
Note : If the number of users is too high and they have identical security access, the Permission List method is more suited.
PeopleSoft security can be implemented on data controlled by the following key fields :
Navigation : Setup Financials/Supply Chain -> Security -> Security Options -> Security Options
No Security - PS application security disabled. All users having access to a page can select any SETID, BU or Ledger.
User ID Level Security - PS security enabled by User ID. Users can access pages or prompt values associated with the SETIDs, BUs, Projects & Ledgers associated with their User ID.
Permission List Level Security - PS security enabled by Permission List. Users are restricted to key fields specified by the primary permission list to which their User IDs are assigned.
Note - This selection is not for a particular product but for all the FSCM products installed.
One can select which fields to secure. Each field has a separate use. These are as follows :
The following components are used to define row-level security.
One has to access the individual component and grant requisite access.
E.g. For each primary Permission List or User ID, select the accessible BUs.
Views are SQL statements that filter out those rows whose key values are not accessible by some users. This way users can access data spread over multiple tables and see only the relevant subset.
PS applications come without any security views built on prompt tables of the key fields. One has to enable or build their own views. Once these are set up, User IDs or Permission Lists can be granted access. However, setting up Security Views is an optional step.
Security view names have the following extentions to reflect the type of security views :
In the next post, I'll describe how to secure the PS chartfields.
First of all, wishing all the Indian viewers a very Happy Gudi Padwa / Ugadi / New Year.
This post will describe the various security features available in PeopleSoft and their uses. We will see how to -
- Specify System Security Options
- Define Row-level security
- Grant access to users
- Define Security Views - This is an optional step.
PeopleSoft provides various security levels to better manage the shared data. One can define multiple entry points and the best path to access data across different groups, departments, etc.
Security Access covers three areas :
- Network - covers the overall entry point to the system
- Database - covers the scope of users' access to information
- Application - covers the field level security
Row-level security in PS FSCM
Before setting up the row-level security, one must decide the level of security, the fields that need to be secured and how the security is to be defined, i.e., either through Permission Lists or through User Ids.
Note : If the number of users is too high and they have identical security access, the Permission List method is more suited.
PeopleSoft security can be implemented on data controlled by the following key fields :
- BU
- SetID
- Ledger
- Ledger Group
- Book
- Project
- Pay Cycle
- Planning Instance
Specifying Security Options
Navigation : Setup Financials/Supply Chain -> Security -> Security Options -> Security Options
Type of Security
No Security - PS application security disabled. All users having access to a page can select any SETID, BU or Ledger.
User ID Level Security - PS security enabled by User ID. Users can access pages or prompt values associated with the SETIDs, BUs, Projects & Ledgers associated with their User ID.
Permission List Level Security - PS security enabled by Permission List. Users are restricted to key fields specified by the primary permission list to which their User IDs are assigned.
Note - This selection is not for a particular product but for all the FSCM products installed.
Secured Fields
One can select which fields to secure. Each field has a separate use. These are as follows :
- BU - controls the transaction data.
- SETID - controls accounting structure and rules tables.
- Ledger - controls the ledger balances.
- Book - specific to BU. Refers to Book in AM.
- Pay Cycle - controls Pay cycle security.
- Project - controls Project Costing data.
- Planning Instance - controls the Planning Instance field.
- Proj Security Type - choose Use List to select from list of Projects, choose Use Tree to select from a tree detailing projects.
Define Row-Level Security
The following components are used to define row-level security.
- Unit Security by Perm List (unit security by permission list) (SEC_BU_CLS)
- Unit Security by User ID (SEC_BU_OPR)
- TableSet Security by Perm List (tableset security by permission list) (SEC_SETID_CLS)
- TableSet Security by User ID (SEC_SETID_OPR)
- Ledger Security by Perm List (SEC_LEDGER_CLS)
- Ledger Security by User ID (SEC_LEDGER_OPR)
- nVision Ledger Security (LEDGER_SECURITY)
- Pay Cycle by user ID (SEC_PYCYCL_OPR)
- Pay Cycle by permission list (SEC_PYCYCL_CLS)
- Project Security (SEC_PROJECT)
Grant Access To Users
One has to access the individual component and grant requisite access.
E.g. For each primary Permission List or User ID, select the accessible BUs.
Define Security Views
Views are SQL statements that filter out those rows whose key values are not accessible by some users. This way users can access data spread over multiple tables and see only the relevant subset.
PS applications come without any security views built on prompt tables of the key fields. One has to enable or build their own views. Once these are set up, User IDs or Permission Lists can be granted access. However, setting up Security Views is an optional step.
Security view names have the following extentions to reflect the type of security views :
- NONVW - Indicates that no security is chosen for the field using this view as the prompt table.
- OPRVW - Indicates that user ID security is chosen for the field using this view as the prompt table.
- CLSVW - Indicates that Permission List security is chosen for the field using this view as the prompt table.
In the next post, I'll describe how to secure the PS chartfields.