Embed Size (px)
Citation preview
Oracle Cloud Applications Common Technologies and User Experience
What’s New in Release 10
July 2015 Revised: July 2016
. 2
TABLE OF CONTENTS
REVISION HISTORY ................................................................................................................................................. 3
OVERVIEW ............................................................................................................................................................. 4
Give Us Feedback ................................................................................................................................................. 4
RELEASE FEATURE SUMMARY ................................................................................................................................ 5
USER EXPERIENCE .................................................................................................................................................. 6
Home .................................................................................................................................................................... 6 Groupings ............................................................................................................................................................. 8 Infolets ................................................................................................................................................................. 9 Information Tiles ................................................................................................................................................ 10 Integrated Social ................................................................................................................................................ 10 Search ................................................................................................................................................................. 11 Navigator ............................................................................................................................................................ 11
EXTENSIBILITY ...................................................................................................................................................... 13
Appearance ........................................................................................................................................................ 13 Structure ............................................................................................................................................................ 13 Page Integration ................................................................................................................................................. 15
APPLICATIONS SECURITY ..................................................................................................................................... 17
Security Console ................................................................................................................................................. 17 Simplified Reference Role Model ....................................................................................................................... 18 Copy Role and Inherited Roles ........................................................................................................................... 20 Analyze Roles by Category ................................................................................................................................. 21 Aggregate Privileges ........................................................................................................................................... 22 Generate X.509 Certificates ............................................................................................................................... 23 Generate Certificate Signing Requests for X.509 Certificates ............................................................................ 24 Import Certificates from Keystores .................................................................................................................... 24 New Reports ....................................................................................................................................................... 25 Worklist Access .................................................................................................................................................. 25
. 3
REVISION HISTORY
This document will continue to evolve as existing sections change and new information is added. All updates are logged below, with the most recent updates at the top.
Date What’s Changed Notes 19 JUL 2016 Worklist Access Added new feature delivered in Update 19 (July). 21 JUL 2015 Home Added tips and tricks bullet noting the
FND_CLASSIC_INTERFACE is for CRM only
. 4
OVERVIEW
This guide outlines the information you need to know about new or improved functionality in Oracle Applications Cloud Release 10. Each section includes a brief description of the feature, the steps you need to take to enable or begin using the feature, any tips or considerations that you should keep in mind and the resources available to help you.
For additional product family updates you will want to visit application focused What’s New collateral at http://cloud.oracle.com/readiness.
GIVE US FEEDBACK
We welcome your comments and suggestions to improve the content. Please send us your feedback at [email protected]. Please indicate you are inquiring or providing feedback regarding the Common Technologies Cloud What’s New for Release 10 in the body or title of the email.
. 5
RELEASE FEATURE SUMMARY
Some of the new Release 10 features are automatically available to users after the upgrade and some require action from the user, the company administrator, or Oracle.
The table below offers a quick view of the actions required to enable each of the Release 10 features.
Action Required to Enable Feature
Feature Automatically Available
End User Action Required
Administrator Action Required
Oracle Service Request Required
User Experience Home Groupings Infolets Information Tiles Integrated Social Search Navigator Extensibility Appearance Structure Page Integration Application Security Simplified Reference Role Model Copy Role and Inherited Roles Analyze Roles by Role Category Aggregate Privileges Generate Certificate Signing Requests for X.509 Certificates
Import Certificates from Keystores Worklist Access
. 6
USER EXPERIENCE
Oracle’s focus on providing an exceptional user experience pervades the Oracle Applications Cloud. Creating a compelling, pleasing user interface (UI) that provides only what you need right when you need it is of the highest priority. Following are a few key UX features and highlights in the simplified UI available in Release 10. These are the overall investments in user experience that Oracle has focused on in this release. In addition, there may be product family (e.g., HCM Cloud) user experience enhancements that have been made at the product level as well.
HOME
Oracle Applications Cloud home experience for Release 10 in the simplified UI is a clean, modern, contemporary entry experience for the Oracle Applications Cloud that provides everything in one stop. The home experience uses our “Glance, Scan, Commit” -- design philosophy guiding the Oracle user experience. It allows you to easily take a quick glance at your device to see what you need to know, then scan if you need more information, and finally commit to a work area to perform a task if necessary.
It’s what you see when the simplified UI application opens: the springboard page and infolet pages, which are represented by a pagination control that appears above the springboard. A single click on the Home icon or the logo quickly returns you back to the entry page.
New default home content is set by the application but can be configured to meet your business needs. Enhanced extensibility features allow you to maintain more control over who sees what. Please refer to the extensibility section for more details.
Oracle Applications Cloud Home Experience
. 7
STEPS TO ENABLE
For a new implementation, there are no additional steps necessary to enable this feature.
For an upgrade implementation, you will experience a new home page after the upgrade. To enable a smooth transition, ensure that individual bookmarks are refreshed to point to the newly published home URL.
• You should ensure you always use the newly published home URL to access cloud applications.
• Even though automatic URL redirection is enabled for bookmarked URLs of old home pages, it is recommended to switch to new URLs for a better user experience.
• Redirection of old URLs to the new one is enabled only for home pages. Any other work areas or dashboards accessed using old bookmarked URLs do not support URL redirection and should be replaced.
TIPS AND CONSIDERATIONS
When upgrading, you should consider the following:
• The new home is designed to provide a unified access to both desktop and simplified interfaces. Therefore, after the upgrade you may experience new content that was not previously available. This could be either due to new functionality being offered in this release or due to the unified access.
• The new home content has been reorganized and therefore some of the old icons may no longer be present on the springboard.
Example: You can still open the Navigator using a new icon in the global header. In this release, it has moved to the leftmost position in the global header.
• You may continue to access your dashboards in desktop user interface by using My Dashboard from the springboard or the Navigator.
• If a page has both desktop and simplified versions, by default, the application opens the simplified version of the page from the Navigator or springboard. Your administrator can configure the application to open the desktop page instead of the simplified page by setting the profile option Work Area Classic Interface (profile option code: FND_CLASSIC_INTERFACE) to ‘Yes’.
• If the profile option is set as ‘No’ at the site level and if you access the desktop home page using the old home page URL for the first time, then the system detects you as a desktop user and sets the profile option for you as ‘Yes’.
• This profile may be set or reset at the Site level or the User level by your administrator. • The FND_CLASSIC_INTERFACE is only applicable to the CRM applications.
. 8
KEY RESOURCES
• Oracle Applications Cloud Customizing the Applications for Functional Administrators • Home Page Setup • Oracle Applications Cloud Common Features
GROUPINGS
Groupings consolidate and simplify the welcome experience by allowing the user to navigate to all functional areas they can access directly from the home page. This UI provides the user with a set of icons that map to all functional overview pages (work areas and dashboards). These icons are clustered and placed under category icons when necessary. Groupings allow users to combine functional work areas and dashboards and organize them into logical, related categories.
Individual work area icons arranged under a grouping
When you are inside a work area, only the specific icons contained within that grouping are shown in the filmstrip at the top, giving you direct access to what you need to work with greater efficiency.
. 9
Strip mode showing peer icons on the top and the horizontal bar to collapse the strip
TIPS AND CONSIDERATIONS
• If a total number of icons rendered on the springboard is less than sixteen, then a group is flattened and only child icons are rendered on the springboard. The group to be flattened is determined based on the rendering order of the group on the springboard.
• Your administrator may choose to hide some items in the springboard. However, they will be available from the Navigator.
• Use the Structure interface to configure the group icons or strip mode. Refer to the Extensibility Section for more details.
KEY RESOURCES
• Oracle Applications Cloud Customizing the Applications for Functional Administrators • Oracle Applications Cloud Common Features
INFOLETS
One touch on your home page leads to infolets like these, which provide information at a glance. Scanning the page gives users the right information just when they’re looking for it.
Infolets allow users to consume chunks of information from different sources, including BI, social tools, transactions, and more, in an efficient, timely, and engaging way directly from the home page. If something needs your attention, it’s easy to dig a little deeper: just touch the arrow in the lower corner of the infolet, or touch the center of the infolet to reveal even more detailed information. The Infolet can also be hidden or even inverted to reveal more information about a given metric.
. 10
Oracle Sales Cloud infolet
STEPS TO ENABLE
Administrators please review Customization Guide to enable this feature.
TIPS AND CONSIDERATIONS
In Release 10, only the Sales Cloud infolets page is available to be enabled.
KEY RESOURCES
• Oracle Applications Cloud Using Common Features (Infolet Personalization) • Oracle Applications Cloud Customizing the Applications for Functional Administrators
(Infolet Customization)
INFORMATION TILES
Information tiles, such as “My Forecast” and “Open Pipeline” in Oracle Sales Cloud, allow users to scan information in greater detail, all from a single page. As you navigate among information tiles, related details and glanceable infographics are refreshed below. Information tiles are designed specifically for users who need to orient themselves quickly in intense, repetitive, and highly focused tasks. They can glance to see what is going on and then scan for details, regardless of the size of the data.
INTEGRATED SOCIAL
Social capabilities are truly integrated in Release 10. This means you can view integrated conversations in the context of the current task. A slide-out panel lets users easily view conversations or lists of activities without leaving the current application.
. 11
When viewing an in-context conversation specific to a worker’s 2013 review, for example, a manager can evaluate an employee’s competencies, goals, and any related social conversations within the context of the task at hand -- in this case, an annual review.
KEY RESOURCES
Review the Oracle Applications Cloud Using Common Features (Conversations) for additional information.
SEARCH
In Release 10, the number of searchable objects for the global search has been expanded to yield better search results. In the refined search, users may narrow their search by including certain objects, categories, and date ranges as well as save frequently used searches for later. Users get new ways of looking at their data to aid with analysis of complex objects. These enhancements build upon the autosuggest functionality in Release 9 by expanding the list of searchable objects, making navigating faster and increasing productivity.
KEY RESOURCES
• Oracle Applications Cloud Using Common Features (Search) • Oracle Applications Cloud Customizing the Applications for Functional Administrators (Saved
Searches)
NAVIGATOR
Providing another way to access all work areas, the Navigator has been moved in Release 10 for increased usability, according to our research. It is now located next to the brand logo in the global header on the left side of the page. When a user clicks the Navigator icon button, the Navigator menu opens.
The Navigator represents the information architecture for the roles assigned to each user. While the home page provides you an iconic view of your most commonly used applications, the Navigator provides you a list view of every application you may access. The visual style has been updated and all groupings are displayed in the exact same order as in the navigator for a consistent user experience.
Logical, related tasks are organized into groups or categories and are displayed in a predetermined order set by the application but can be configured to meet your business needs. Use the Structure interface to maintain control over who sees what in the home springboard and the Navigator, or change the grouping or the ordering of the content. Refer to the extensibility section for more details.
. 12
Navigator
KEY RESOURCES
• Oracle Applications Cloud Customizing the Applications for Functional Administrators (Navigation)
. 13
EXTENSIBILITY
While Oracle Applications provide robust out-of-the-box functionality, we want you to be able to run your business your way, and configuring the user experience is easier than ever with Oracle’s modern cloud extensibility tools. Here are a few ways to take advantage of these tools starting in Release 10.
APPEARANCE
We’ve made it even easier in Release 10 for organizations to configure their cloud visual design to match their branding and identity. Sandbox sessions while editing Appearance force testing of changes before pushing them live, further securing the administrator’s investment in the user experience. They’re MDS-enabled and upgrade- and patch-proof.
In Appearance, you also have increased flexibility for color selection and improved opportunities for an exact color match with your brand. Using either files or URLs, you can set the logo, background, and color scheme. Button colors may now also be modified, and corner rounding has been added. You can save what you create, too, so you won’t lose it.
TIPS AND CONSIDERATIONS
When using extensibility tools all changes in process require the creation of a sandbox environment to protect production users. The sandbox header appears wherever configuration changes are being applied.
KEY RESOURCES
• Oracle Applications Cloud Customizing the Applications for Functional Administrators
STRUCTURE
While the categories and application groupings provided by the Oracle Applications Cloud are intuitive, organizations sometimes wish to make additional configuration changes specific to industries and markets or role consolidation. Using the Structure feature, an administrator can configure the simplified UI so that the user experience is tailored to match these requirements. Drilling down into landing pages and making edits to them, hiding or showing applications to streamline user roles, reordering or moving applications, creating new page entries or categories, and setting system options are just a few configurations you can adjust.
. 14
Structure allows administrators to easily change the layout of the Oracle Applications Cloud
Structure also has capabilities allowing administrators to Set System Options which can enable or disable the Springboard Strip, Home Panel, and Infolets.
Set System Options allow the enablement or disablement of advanced settings
. 15
TIPS AND CONSIDERATIONS
When using extensibility tools all changes in process require the creation of a sandbox environment to protect production users. The sandbox header appears wherever configuration changes are being applied.
Use the Move Up and Move Down icons on the Structure page to reorder categories and page entries on both the Navigator and springboard. For page entries, you can use the Move To icon to arrange page entries to different categories or to the top level.
Access the Set System Options dialog box to configure the following:
• Springboard strip settings. By default, both the check boxes are selected: o One enables you to hide or display the springboard strip. o Another is used to display the springboard strip by default.
• Home Panel. Specify the content of the side panel that appears to the left of the springboard on the home page. Select to display either social networking content or announcements in the panel. By default, Social panel is selected.
• Enable Infolets. Select the infolet pages that you want to include on the home page. By default, none of the infolets are enabled.
KEY RESOURCES
• Oracle Applications Cloud Using Common Features (Personalization) • Oracle Applications Cloud Customizing the Applications for Functional Administrators
(Infolet Customization) • Oracle Applications Cloud Customizing the Applications for Functional Administrators
(Home Page setup)
PAGE INTEGRATION
New in Release 10, the Page Integration feature allows administrators to integrate external applications seamlessly into the Oracle Applications Cloud. Here’s what that process looks like:
• Enrich: Build custom cloud applications with Oracle’s own building blocks using PaaS. • Emulate: Use the UX Rapid Development Kit to mimic Oracle Cloud’s SaaS user experience. • Integrate: Seamlessly connect SaaS and PaaS for a unified and complete user experience.
Using the UX Rapid Development Kit with Page Integration, partners can seamlessly integrate their PaaS-deployed applications that emulate the Oracle Applications Cloud user experience. Even easier, customers also have the option of procuring applications through the Oracle Marketplace to extend their Oracle Applications Cloud capabilities. Utilizing these new extensibility options will help configure a consistent user experience that works anywhere, anytime, on any device.
• Create page entries and link them to your own custom applications in the cloud application suite based on your enterprise needs.
. 16
Page Integration provides organizations seamless integration of their PaaS-deployed applications into the cloud
TIPS AND CONSIDERATIONS
• When using extensibility tools all changes in process require the creation of a sandbox environment to protect production users. The sandbox header appears wherever configuration changes are being applied.
• Create categories and group your page entries on the Navigator and springboard. Page entries are navigator links or springboard icons that you can use to open pages.
• Use the Visible field on the Create Category and Create Page Entry pages to control displaying the category and page entry on both the Navigator menu and springboard. Similarly, use the Show on Springboard field on the Create Category and Create Page Entry pages to control displaying the category and page entry on the springboard only.
. 17
APPLICATIONS SECURITY
Oracle Fusion Applications Security provides a new Security Console as an additional tool in which security managers and security administrators can now perform new tasks such as copy role. Combined with the Authorization Policy Manager it is now easier to review, design, and modify roles in Oracle Fusion Applications. They enable you to visualize the relationships among roles, and to model applications-menu and task-pane entries for any role. Administrators can also manage certificates and review a set of security reports.
SECURITY CONSOLE
Using this feature, you can perform all role-design tasks from a single console. You can also execute role-management activities that had previously required two tools: Oracle Identity Manager and Authorization Policy Manager. Visualize relationships among roles, and create, edit, copy, and compare roles.
SETTING UP THE SECURITY CONSOLE
To prepare the Security Console for use, set two profile options, Security Console Working App Stripe and Enable Data Security Policies and User Membership Edit. Also run an Import User and Role Application Security Data process, and configure options in the Administration page of the Security Console.
1. Profile Options
To set the profile options, search for and select the Manage Administrator Profile Values task in the Setup and Maintenance work area. Then search for and select each option.
• The Security Console Working App Stripe profile option (ASE_WORKING_APP_STRIPE) specifies a policy stripe within the policy store. In effect, this option selects an application whose roles are available to be worked with in the Security Console. For example, if you copy a job role in the Security Console, then you see inherited duty roles belonging to the application designated by your policy-stripe selection.
The default policy-store application is HCM. To see roles inherited from another application, update the profile option to change to that application. (Note that some roles inherit from multiple applications.)
• The Enable Data Security Policies and User Membership Edit profile option (ASE_ROLE_MGMT_PREF) determines whether users can enter data in the Data Security Policies page and the User page of the Security Console role-creation and role-edit trains.
. 18
2. Import User and Role Process
The Import User and Role Application Security Data process copies users, roles, privileges, and data security policies from the identity store, policy store, and ApplCore grants schema to Oracle Cloud Applications Security tables.
Run the process to populate Applications Security tables. You will then need schedule it to run regularly to update those tables. Select Scheduled Processes in the Tools work area, and then select the process from the Schedule New Process option.
You are recommended to schedule the Import User and Role Application Security Data process to run at the same frequency as the Retrieve Latest LDAP Changes and Send Pending LDAP Requests processes. With each scheduled run, the process copies only changes made since its previous run.
3. Administration Options
Within the Security Console, select the Administration tab to set these options:
• Role Copy Preferences: Create the prefix and suffix added to the name and code of role copies. Each role has a Role Name (a display name) and a Role Code (an internal name). When a user copies a role, the copy adopts the name and code of the source role, with this prefix or suffix (or both) added to distinguish the copy from its source. By default there is no prefix, the suffix for a role name is "Custom," and the suffix for a role code is "_CUSTOM."
• Certificate Preferences: Set the number of days for which a certificate remains valid. (Certificates establish keys for the encryption and decryption of data that Oracle Cloud applications exchange with other applications.)
KEY RESOURCES
• Upgrade Guide for Oracle Cloud Applications Security (Chapter: Before you Start) • Upgrade Guide for Oracle Sales Cloud Applications Security • Upgrading Applications Security in Oracle HCM Cloud Release 10 • Oracle Human Capital Management Cloud Securing Oracle HCM Cloud (Chapter 14) • Oracle Sales Cloud Securing Oracle Sales Cloud (Chapter 9) • Oracle ERP Cloud Securing Oracle ERP Cloud (Chapter 7)
• Oracle SCM Cloud Securing Oracle SCM Cloud (Chapter 7)
SIMPLIFIED REFERENCE ROLE MODEL
Role definitions for the security reference implementation are simplified. The simplified roles reduce the complexity of role administration. Every job or abstract role that existed in Release 9 also exists in the simplified hierarchy for Release 10, and each authorizes the same privileges. Beneath that level many roles have been consolidated.
. 19
The nodes in the hierarchy between a job and its privileges are reduced and simplified. Release 10 will include both the hierarchy you are used to and the new simplified hierarchy. On upgrade, users will be members of the old hierarchy. You can move users to the new hierarchy at your discretion. Note that new functionality will exist under the new reference hierarchy. New functionality exists under the old hierarchy only if the role to which it is granted remains. You can use role comparison to locate functionality that only exists in the simplified hierarchy if you wish to move it to your old model.
STEPS TO ENABLE
To take advantage of the Role Simplification:
1. Opt in to utilize the new Release 10 simplified role hierarchies, ensuring all future new application features will be added without effort:
a. Review the new Release 10 roles b. Review the privileges for new product features in these roles and compare to your
company policy c. Execute the steps in the Migrating to the Simplified Reference Role Model section of the
Upgrade Guide for Oracle Cloud Applications Security 2. Move authorizations for new functionality released in your applications
a. Review and execute the instructions found in the Implementing New Features in a Pre-existing Role Model section of the Upgrade Guide for Oracle Cloud Applications Security
3. Use new product feature privileges with your previously created custom roles a. Review the Implementing New Features in a Pre-existing Role Model section of the
Upgrade Guide for Oracle Cloud Applications Security
THE REFERENCE MODEL (NEW)
Beginning in this release, you receive a new reference model for each enterprise role that was previously provided to you. The new reference role hierarchy is not linked to any enterprise role that you already have, therefore it is inactive. In other words, your existing hierarchies are not impacted during the upgrade and to take advantage of the new reference role hierarchy steps will need to be executed. Detailed steps are found in the above referenced white papers.
The exclusivity of the new reference model presents the following benefits:
• Provides a clean reference at all times • Ensures that your role models are preserved over time • Allows Oracle Applications Cloud to introduce new features in an isolated model • Gives you the option to test new features, validate the new features for business fit, and
implement the new features at your own pace
. 20
IMPORTANT: Reference Role Models: You should not modify the delivered reference role model noted by the ‘ORA_’ prefix. This delivered role model will always be refreshed by Oracle Applications Cloud, and if you modify in any way, your modifications will be reset at each upgrade cycle. Customized Roles: It is recommended that you copy your reference role and make customizations to the new copy
KEY RESOURCES
• Upgrade Guide for Oracle Cloud Applications Security • Upgrade Guide for Oracle Sales Cloud Applications Security • Upgrading Applications Security in Oracle HCM Cloud Release 10 • Oracle Applications Cloud Security Reference for Common Features • Oracle Human Capital Management Cloud Security Reference • Security Reference for Oracle Sales Cloud • Security Reference for Oracle Enterprise Contracts • Security Reference for Oracle Incentive Compensation • Security Reference for Oracle Financials Cloud • Security Reference for Oracle Procurement Cloud • Security Reference for Oracle Project Portfolio Management Cloud • Security Reference for Inventory Management, Shipping, and Receiving • Security Reference for Order Orchestration • Security Reference for Product Management and Cost Management • Security Reference for Supply Chain Financial Orchestration
COPY ROLE AND INHERITED ROLES
You may create a new role by copying an existing role, then editing the copy. If so, you have the option of copying only the "top" role (the role itself), or the top role and its inherited roles.
If you choose to copy only the top role, your copy shares its role hierarchy with the source role. That is, the source role inherits subordinate roles, and your copy inherits the same roles. Subsequent changes to those inherited roles will affect not only the source role, but also your copy.
If you choose to copy the top role and its inherited roles, the copied top role inherits new copies of all subordinate roles. This option insulates the copied role from any changes to the original versions of the inherited roles.
. 21
The following screen capture illustrates the feature.
Copy options for a role selected in a visualization
STEPS TO ENABLE
There are no steps necessary to enable this feature.
KEY RESOURCES
• Upgrade Guide for Oracle Cloud Applications Security • Upgrade Guide for Oracle Sales Cloud Applications Security • Upgrading Applications Security in Oracle HCM Cloud Release 10
ANALYZE ROLES BY CATEGORY
A role belongs to a category, which describes a purpose the role shares in common with other roles. Typically, a category contains a type of role configured for an application, such as "Financials — Duty Roles." You can review statistics about the categories themselves: the number of roles in each, the number of role memberships (roles belonging to other roles within the category), and the number of function and data security policies created for those roles. (A Roles by Category pie chart compares the number of roles in each category with those in other categories.)
You can select a category and list the roles belonging to it. For each role, you can review its role memberships, function and data security policies, and users assigned to it.
. 22
The following screen capture illustrates the Analytics page.
The Security Console Analytics page
STEPS TO ENABLE
You will need to schedule the Import User and Role Application Security Data job to run daily. This job populates the Application Security tables used for role analytics.
KEY RESOURCES
• Oracle Human Capital Management Cloud Securing Oracle HCM Cloud (Chapter 19) • Oracle Sales Cloud Securing Oracle Sales Cloud • Oracle Supply Chain Cloud Securing Oracle Supply Chain Cloud • Oracle ERP Cloud Securing Oracle ERP Cloud (Chapter 7)
AGGREGATE PRIVILEGES
An aggregate privilege, which is new in this release, combines the functional privilege for an individual task or duty with the relevant data privileges. Oracle defines aggregate privileges, and you cannot customize them, but you can include them within job hierarchies that you define. When a job hierarchy uses aggregate privileges, and you depict that hierarchy in a Security Console visualization, the aggregate privileges appear as distinct elements of the hierarchy.
. 23
The following screen capture, in which aggregate privileges are labeled "A," illustrates this feature.
A Security Console visualization of a role hierarchy that includes aggregate privileges
STEPS TO ENABLE
There are no steps necessary to enable this feature.
KEY RESOURCES
• Oracle Human Capital Management Cloud Securing Oracle HCM Cloud • Oracle Supply Chain Cloud Securing Oracle Supply Chain Cloud • Oracle ERP Cloud Securing Oracle ERP Cloud
GENERATE X.509 CERTIFICATES
A digital certificate establishes public and private keys for encrypting and decrypting data that Oracle Cloud applications exchange with other applications. You can now generate certificates in the X.509 format. (You continue to be able to generate certificates in the PGP format as well.) You can also export saved certificates for signing by a certifying authority or for use in other certificate systems.
KEY RESOURCES
• Oracle Human Capital Management Cloud Securing Oracle HCM Cloud (Chapter 19) • Oracle Sales Cloud Securing Oracle Sales Cloud (Chapter 11) • Oracle Supply Chain Cloud Securing Oracle Supply Chain Cloud (Chapter 11) • Oracle ERP Cloud Securing Oracle ERP Cloud (Chapter 11)
. 24
GENERATE CERTIFICATE SIGNING REQUESTS FOR X.509 CERTIFICATES
When you generate an X.509 certificate, it exists initially at a self-signed state. You would transform it to a trusted state by having it digitally signed by a certificate authority (CA). The Security Console enables you to create a certificate signing request (CSR) — a file you would send to a CA. You would then import the response as a trusted certificate.
STEPS TO ENABLE
There are no steps necessary to enable this feature.
TIPS AND CONSIDERATIONS
Although the Security Console creates the CSR, you are expected to follow a process established by your organization to forward the CSR to a CA. This process does not apply to PGP certificates.
KEY RESOURCES
• Oracle Human Capital Management Cloud Securing Oracle HCM Cloud (Chapter 19) • Oracle Sales Cloud Securing Oracle Sales Cloud (Chapter 11) • Oracle Supply Chain Cloud Securing Oracle Supply Chain Cloud (Chapter 11) • Oracle ERP Cloud Securing Oracle ERP Cloud (Chapter 11)
IMPORT CERTIFICATES FROM KEYSTORES
You can import a new X.509 certificate, typically belonging to an external source with which your system is to communicate. One or more X.509 certificates may be contained within a keystore, and you have the option of importing certificates from a keystore. (Alternatively, you may import a certificate file on its own.)
Keystore option selected during X.509 certificate import
. 25
STEPS TO ENABLE
There are no steps necessary to enable this feature.
KEY RESOURCES
• Oracle Human Capital Management Cloud Securing Oracle HCM Cloud (Chapter 19) • Oracle Sales Cloud Securing Oracle Sales Cloud (Chapter 11) • Oracle Supply Chain Cloud Securing Oracle Supply Chain Cloud (Chapter 11) • Oracle ERP Cloud Securing Oracle ERP Cloud (Chapter 11)
NEW REPORTS
Two new reports provide information about users and the rights they are granted:
• The Privilege Discoverer Report lists every secured action a user is authorized to within a work area.
• The User Role Membership Report lists each user's job roles.
WORKLIST ACCESS
By default, the actions that permit browsing of users in Worklist UIs are no longer enabled for external users. Access to the actions that allow browsing of users in the Worklist UIs is controlled using a new application role, BPM Worklist Internal Role (BPMWorklistInternalRole), which exists in the soa-infra policy stripe. This role is inherited by the predefined Employee and Contingent Worker roles, which means that users with those roles can continue to browse users in the Worklist UIs.
STEPS TO ENABLE
There are no steps necessary to enable this feature.
ROLE INFORMATION
• If your internal users do not have the predefined Employee and Contingent worker roles, and you want those users to retain the ability to browse users in the Worklist UIs, then you must give those users the new BPM Worklist Internal Role. Use the Authorization Policy Manager to give the BPM Worklist Internal Role to relevant roles. For example, if internal users who are currently authorized to browse users in the Worklist UIs have a custom Employee role, then add the BPM Worklist Internal Role to that role. Do not modify predefined roles. If appropriate, create custom roles and assign the BPM Worklist Internal Role to your custom roles, as summarized in this table.
Application Role Custom Abstract Role
BPM Worklist Internal Role
Employee Contingent Worker
. 26
• If your external users do not have the predefined Employee and Contingent Worker roles, and you do not want those users to be authorized to browse users in the Worklist UIs, then no action is required.
---
. 27
Copyright © 2015, Oracle and/or its affiliates. All rights reserved.
This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.
PB10.19
