Roles and Database

Similar Messages

• Oracle JAAS with roles from database tables and Oracle SSO integration

  I have the following requirement for user authentication and authorization. The applications are build using ADF Faces and BC4J. User authentication should be done using Oracle SSO. User roles and functions will be stored in custom tables. These roles will be used on ADF application pages to restrict access to the UI components on a page. Example: User will "Employee" role cannot create a new employee; however, user with "HR" role can create a new employee.
  In this case, "Create" button will be visible on the ADF page.
  1. How can we use Oracle JAAS to use custom tables for roles instead of using flat XML files?
  2. How does ADF applications use these roles to restrict components on a page?
  3. For authentication, I guess we should be able to use SSO and integrate with Oracle JAAS?
  Thanks.

  Hi,
  I can give you the answers to 1 and 2 but haven't tried 3.
  1) Oracle OC4J since 10.1.3.1 has a database LoginModule that is explained in the OC4J security guide.
  I have a how-to document in review that will be published probaby next week and that explains how to set this LogiNModule up for JDeveloper and stand alone OC4J, though the OC4J documentation is pretty good as well
  http://download-west.oracle.com/docs/cd/B32110_01/web.1013/b28957/loginmod.htm#BABCDDAI
  2) Create a managed bean with boolan methods like isUserManager, isUserEmployee, isUserTechnician etc. In this methods check for the security role on teh request object's isUserInRole() method. Then access this methods from the disabled or rendered property using ExpressionLanguage
  A custom Login ModuleDoesn't use Oracle JAAS but plugs into it. So I am not sure if SSO would work with this because the custom LoginModule wouldn't get a username password pair but only a username that it has to trust.
  Frank

• Associate roles and permissions to users that existe on a database

  Hi,
  i want realise a secure authentification i used ADF Configuration but i found out that i cant bring my users from my database. i can just create new users with roles in Jdeveloper.
  do you how we can bring users to Jdeveloper and associate to them roles and permission ?

  i found this tutorial that is that what i did :
  1. Start up weblogic server (Run .. Start Server Instance)
  2. Log on to weblogic console ( http://localhost:7101/console/ )
  3. Use default username/password weblogic/weblogic1
  4. Create a datasource to connect to the schema where the authenticating database tables are (Services .. JDBC .. Data Sources)
  5. Use unique name for datasource. Use JINDI name of jdbc/
  6. Enter database name, schema name and password and test
  7. Add new Authentication provider (Security Realms .. myrealm .. Providers .. New)
  8. Enter datasource name, type SQLAuthenticator click Ok
  9. Going back into provider, change control flag to Sufficient
  10. Select Provider Specific tab and choose Plaintext passwords, password algorithm SHA-1
  11. Shut down weblogic
  12. Edit config.xml file in JDEV_DIR/system11.1.1.2.36.55.36/DefaultDomain/config and replace sql authenticator sql statements with those from web blog
  13. Restart weblogic.
  14. Go to users/groups tab in securty realm and view users and groups imported from database
  15. Set control flag for other providers to "Sufficient"
  source : http://brent.hmdclinical.com/2010/03/using-database-tables-as-weblogic.html
  but the step 12 i dont know what i need to change and with what ?

• Database roles and APEX

  Can database roles be used with APEX to control table and other object access between schemas?
  If so, please provide an example.
  If not, please explain why the product would be limited in this way. One of the major short comings we see is the need to directly grant privileges to each schema, rather than having the power of roles to do this.

  Kannan,
  With DATABASE ACCOUNT credentials set, we were able to authenticate users for each page, in accordance with their table privileges, as follows. Please join us in encouraging Oracle to build this logic into Application Express, as one of the authentication options. We consider this to be a major shortcoming of an otherwise great product.
  For each page, create a PL/SQL anonymous block process "before header", to determine if the user has the necessary privileges. In this example, the user must have UPDATE privilege for one table, and SELECT privilege for the other table used by the page.
  DECLARE
  CURSOR c_get_role IS
  SELECT DISTINCT drp.granted_role,dtp.privilege,dtp.table_name
  FROM dba_tab_privs dtp, dba_role_privs drp
  WHERE dtp.grantor = '<database name>'
  AND dtp.grantee = drp.granted_role
  AND drp.grantee = v('APP_USER')
  AND dtp.table_name IN ('<updateable table name>','<readable table name>')
  AND dtp.privilege IN ('UPDATE','SELECT');
  BEGIN
  :Pnn_USER_ROLE_MESSAGE := 'NO ROLE';
  :Pnn_USER_ROLE_PROTOCOL := 'NO ROLE';
  :Pnn_USER_HAS_PRIVS_FLAG := 0;
  FOR rec IN c_get_role
  LOOP
  IF rec.table_name = '<updateable table name>' AND
  (rec.privilege = 'UPDATE')
  THEN
  :Pnn_USER_ROLE_MESSAGE := rec.granted_role;
  ELSIF rec.table_name = '<readable table name>' AND
  (rec.privilege = 'SELECT' OR rec.privilege = 'UPDATE')
  THEN
  :Pnn_USER_ROLE_PROTOCOL := rec.granted_role;
  END IF;
  END LOOP;
  IF (:Pnn_USER_ROLE_MESSAGE != 'NO ROLE') AND (:Pnn_USER_ROLE_PROTOCOL != 'NO ROLE')
  THEN
  :Pnn_USER_HAS_PRIVS_FLAG := 1;
  END IF;
  END;
  Note that APEX_PUBLIC_USER must have read privilege for the dictionary tables.
  Now you can use the flag variable and create an HTML region to source the error message to display if the user has insufficient privileges.
  PL/SQL Function Body Returning a Boolean..
  IF :Pnn_USER_HAS_PRIVS_FLAG = 0 THEN
  RETURN TRUE;
  ELSE
  RETURN FALSE;
  END IF;
  Add a condition to the normal page regions to display themselves only if the user has privileges and appropriate role, based on the flag being TRUE (same as the IF block above, except FLAG = 1).

• Where are role and administrator settings saved?

  We have had issues in the past that have caused us to have to
  re-setup our site, including all administrative settings and all
  roles and users. Surely all of this is saved somewhere. If we just
  knew where, we could backup the info for an easier restore if
  further problems ensue.
  Anyone know how to backup site settings?

  I got the following reply on a separate forum:
  quote:
  For a website that has been administered by Contribute
  (Publishing server is not enabled), you would find an _mm folder in
  the website root on the remove server. This is a contribute
  specific folder and it contains the administrative settings, role
  information and users.
  For CPS managed sites, the _mm folder still holds the
  information about the administrative settings and role information.
  The user information of the sites are stored in the Database folder
  of CPS. The Database folder can be found in the following location,
  <CPS Install Path>\Database.

• HOW TO CREATE ROLE AND ASSIGN TO USER

  Dear all
  1- Create ROLE data_entry
  2- Now open the Form Builder --> open Mennu.mmb --> F4,it open the property pallete --> Set use secturity option
  YES and in Module Role option set Roles --> form_entry
  5- Press F3 (Come back in Navigator Pane) then double click on Mennu, it open Mennu which is attached Forms then
  double click on that one Form which attach Role with it --> click on Item Role --> and attach the Role
  6- Go start Mennu --> Oracle Form6i-Admin --> Build after this it will ask
  ‘Enter System Passwors’ then Give the Local Password.
  'Enter database connection ( e.g. t:node:SID) [LOCAL] ' Give ORCL ( but me confused what should i give over
  here)
  7- Create User DEO Identified By DEO
  8- Grant DBA to DEO
  9- Grant data_entry to DEO
  When i run my application and get login by DEO user then i receive this Error:
  FRM-10247: No activate items in root menu of application.
  please let me know where i am making mistake
  Thanks in advance
  Regards,

  Hi,
  Just check your second point.
  - Now open the Form Builder --> open Mennu.mmb --> F4,it open the property pallete --> Set use secturity option
  YES and in Module Role option set Roles --> form_entryHere, you are using "form_entry" role to the menu but you've granted data_entry role to the user.
  Hence, at run time forms is expecting user with form_entry role, which it's not getting.
  Hope it helps.
  Please mark answer as helpful / correct, if it helps you
  Navnit

• What are Roles and Role entry points in the context of windows azure?

  I am just starting out with my journey towards understanding azure. I have a vague idea about the Web and Worker roles.
  So when I am publish-deploying a website on azure from visual studio, am I doing something with respect to roles? Am I starting up a Web role?!
  RoleEntryPoint: But this is actually related with the web/worker roles and services. My understanding is that the RoleEntryPoint is some code which is executed when you deploy "services" on the azure cloud. These services either have a web role or
  a worker role.
  What is "services" in this context? So what traditional (on-premise) app would be analogous to a service that has a web worker role? A WCF service or WebApi? Or can it be a website? So would a service having a worker role be something analogous to
  a "windows service"?
  And finally RoleEntryPoint. I don't get the use case. From what I've seen,
  say you want to initialize some related services that support your main service, for e.g. a cache server, or a sql database, you have have the initialization logic written in these classes and make the code perform them.
  There are definitely other ways to do this right? You don't need to necessarily tie the deployment of that main service with the initialization of the other services. They could be separate deployments, right?!
  I am a bundle of mistakes intertwined together with good intentions

  Hi deostroll,
  From you post I understand you've read quite a lot about Azure, but I'm affraid there's still some misunderstanding on what all these terms mean.
  Azure is a cloud computing suite of services tiered into three categories: IaaS, PaaS and SaaS. IaaS stands for Infrastructure-as-a-service and is an offering where Microsoft allows you to run your own virtual machines. You will handle everything from software
  patching, network connectivity (from the application level: virtual networks etc.), software installition and configuration etc. Basically everything you would do today on your own premise except for whatever concerns hardware (bare-metal). PaaS stands for
  Platform-as-a-service, and is a middle offerint, where Microsoft selects some VMs and is responsible for periodically patching this machines. You don't have to care about IIS or whatever existing applications there are on the VM either, because it's Microsoft's
  job to do this. Last but not least, SaaS stands for Software-as-a-service, and is the offering where you use a piece of software without even knowing what infrastructure exists behind it: I guess you've used some sort of webmail client before, right? That's
  a SaaS.
  When it comes to Windows Azure, IaaS is offered as Azure VM, PaaS is offered as Azure Cloud Services (formely known as Azure Hosted Services, should you get across documentation that uses that term instead) and SaaS is offered in the form of: Azure WebSites,
  Azure Mobile Services, Azure Media Services and many more.
  When you talk about either web roles or worker roles, you actually talk about two forms of roles that exist in the context of an Azure Cloud Service. Basically, when you create a cloud project from Visual Studio, you end up in adding either Web projects
  which might (but not necessarily) be linked as a Web Role to your Azure Cloud Service. You may also add, to the same solution, Worker Role projects. As you've probably already guessed, whenever you add a Web role, the web project it references is a web project
  in the literal term: ASP.NET Web Project, whether that is WebForms, MVC, MVC WebAPI that's all completely up to you. However, what is a worker role project, you might ask? A worker role project might be though of just as a console application. You basically
  get absolutely no UI, but your code runs as long as it runs inside an infinite loop at some point. If the loop stops, just like a console application, your worker role will stop which will force the Azure FabricController to refresh your role. Consider the
  FabricController has the guardian of all roles, which will auto-magically 'respawn' your roles whenever something goes wrong, whether that's a software issue in your app, in the OS or a hardware failure.
  Moreover, keep in mind that every role in your cloud service project ends up in being created as a separate VM. What this means is that you will have separate VMs for each roles in your cloud service, so even if you create several web projects, you still
  get one machine, with one IIS instances with a single web application (yours) for each of your cloud's roles. Same goes for worker roles.
  I hope this information clears up some of the questions you might have.
  Alex

• How to enable Load Roles from database in workflow builder

  Hi,
  I am new to workflow.
  In the wrokflow builder, How to enable file -> Load Roles from database.
  I am working on workflow builder2.6.3.5.
  Thanks & Regards,
  Bharathi.S

  You have to connect to database to load roles. File --> Open --> Database, then select the workflow.
  Then load roles, then save to database.
  The save as to .wft file and work on for customizations.

• Oracle Database Vault vs Audit Vault and database firewall

  Hi All,
  I would like to know the main difference between Oracle Database Vault and Oracle Audit Vault and Database firewall.
  I have read all the white papers and documents on them both and find them very similar in work process.
  Only difference I see in the pricing.
  I feel Oracle audit Vault can do all the work of Database Vault with added feature of proactive session monitoring.
  If someone can help me based on their knowledge and experience it would be appreciated.
  Thank you.

  I have read the white papers of both Database Vault and Audit Vault
  According to database Vault sessions can be managed using various roles created as per business requirements.
  Audit vault offers same thing in terms of a firewall which manages and restrictions based on roles created .
  From the white papers:
  DATABAES VAULT:
  Oracle Database Vault restricts access to specific areas in an Oracle database from any user, including users who have administrative access.
  This enables you to apply fine_grained access control to your sensitive data in a variety of ways.
  Oracle Database Vault enables you to create the following components to manage security for your database:
  Realms
  Command Rules
  Factors
  Rule Sets.
  DATABAE AUDIT AND FIREWALL:
  Oracle Audit Vault and database Firewall consolidates database activity monitoring events and audit logs. Policies enforce expected application behaviour, helping preventing SQL injection, application bypass, and other malicious activities from reaching the database while also monitoring and auditing privileged users and other activities inside the database.
  To me these sound very similar of doing same work.
  My apologies as I am unable to paste the whole text here and I cannot type full documents here 

• Role and privilege used by JDBC

  Is there any reqiured role and privilege used by JDBC?
  I use Oracle JDBC9203 for Oracle to connect Oracle8163, when executing certion codes, the JDBC raise a exception as below:
       at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:134)
       at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:179)
       at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:269)
       at oracle.jdbc.oracore.OracleTypeCOLLECTION.initCollElemTypeName(OracleTypeCOLLECTION.java:1026)
       at oracle.jdbc.oracore.OracleTypeCOLLECTION.getAttributeType(OracleTypeCOLLECTION.java:1056)
       at oracle.jdbc.oracore.OracleNamedType.getFullName(OracleNamedType.java:110)
       at oracle.jdbc.oracore.OracleTypeADT.createStructDescriptor(OracleTypeADT.java:2262)
       at oracle.jdbc.oracore.OracleTypeADT.unpickle81(OracleTypeADT.java:1656)
       at oracle.jdbc.oracore.OracleTypeUPT.unpickle81UPT(OracleTypeUPT.java:466)
       at oracle.jdbc.oracore.OracleTypeUPT.unpickle81rec(OracleTypeUPT.java:416)
       at oracle.jdbc.oracore.OracleTypeCOLLECTION.unpickle81_imgBody_elems(OracleTypeCOLLECTION.java:979)
       at oracle.jdbc.oracore.OracleTypeCOLLECTION.unpickle81_imgBody(OracleTypeCOLLECTION.java:923)
       at oracle.jdbc.oracore.OracleTypeCOLLECTION.unpickle81(OracleTypeCOLLECTION.java:743)
       at oracle.jdbc.oracore.OracleTypeCOLLECTION._unlinearize(OracleTypeCOLLECTION.java:242)
       at oracle.jdbc.oracore.OracleTypeCOLLECTION.unlinearize(OracleTypeCOLLECTION.java:208)
       at oracle.sql.ArrayDescriptor.toJavaArray(ArrayDescriptor.java:963)
  I decompile "OracleTypeCOLLECTION.class", in funtion "initCollElemTypeName", i see a SQL as "select elem_type_name, elem_type_owner from all_coll_types where ....", this sql raise the error.
  Since all_coll_types is a system view of Oracle, i think the user connect to Oracle must have some role and privilege, it has connect role and execution privileges on some user-defined packages, is there any other role and privilege it needs? I don't like to grant DBA role to it for security reason.
  Very thanks for your reply.

  Can you post the code (Java and PL/SQL) that is being executed when this error is thrown? You don't need any particular privilege to execute PL/SQL via JDBC-- just the privileges you'd need to execute it in SQL*Plus or anywhere else.
  Justin
  Distributed Database Consulting, Inc.
  www.ddbcinc.com/askDDBC

• Did I kept worthy roles and responsibilities in my resume?

  I am trying jobs on SAP BASIS. My resume is not getting shortlisted by the companies. Here I am keeping my roles and responsibilites whcih I kept in my resume. Can u please check them once and suggest me regarding this?
  Support Project: Roles and Responsibilites; Kept 1 year experience in this
  &#61558;     Resolving the tickets, which were raised by the end users
  &#61558;     Defining STMS, supporting and managing transport process
  &#61558;     Transported programs, Tables, authorizations and User Master Records across clients and systems
  &#61558;     Monitoring the work processes
  &#61558;     Performed Client Transports between Development and Production Servers.
  &#61558;     Performing user administration for 40,400 users, Created authorization Profiles, Activity Groups/Roles and Users and Managing security authorizations within SAP.
  &#61558;     Processing, controlling and trouble shooting the issues related to the background jobs
  &#61558;     Daily analyzing of ABAP dumps, Systems logs, Systems Trace, Lock Entries
  &#61558;     Setting up operation modes.
  &#61558;     Performing health checkup for system and database on daily basis
  &#61558;     Database Backup, Restoration, Recovery & BRARCHIVE’s, Tablespace administration.
  &#61558;     Maintaining Spool system.
  Implementation *** upgradation project: Roles and Responsibilites;
  Kept 2.2 years experience in this.
  &#61558;     Creating Users and Maintaining User Master Record  
  &#61558;     Creating Roles using Profile Generator tool
  &#61558;     Troubleshooting Authorizations Profile issues of the users
  &#61558;     Performing Local Remote, Client Export and Import
  &#61558;     Configuring RFC for Remote Client Copies
  &#61558;     Performing Creation of new Clients, Client copies from Development, Quality and Production systems
  &#61558;     Working with the Transport organizer and workbench organizer, releasing tasks and requests, checking Transport results
  &#61558;     Free space and adding data file & table spaces as necessary
  &#61558;     Applying SPAM update, Support package, technical/informative note fixes to       program
  &#61558;     Knowledge of Kernel upgrade process
  &#61558;     Knowledge of Installation of SAP R/3 4.X on Windows 2000/2003 servers and on UNIX.
  Can anyone suggest me regarding this...

  Try a different forum and a little less resume inflation
  Cheers
  Mikie

• Implementing roles and rules based authorisation with Azure AD

  Hi all,
  I would greatly appreciate some input on feasibility and patterns I should look at for a complex technical requirement that I am currently tasked with designing.
  We have a system that comprises a web and mobile app. In the past we have implemented session based authentication through ADAM and authorisation through custom business rules contained within the applications. The authentication mechanism is in the process
  of being migrated to Azure AD and authorisation is planned to be moved to Azure AD for our next release.
  Existing authorisation within our web application is already complex. We have users that belong to different groups with a range of permissions such as read, write or admin. Additionally each user is granted access to N customers and also N locations within
  each customer. We have a requirement that any number of combinations of customers and locations be supported. Users also need to have different permissions for each entity, i.e. read access to customer 1 location 2, write access to customer 4 and administer
  customer 7. Currently these privileges are maintained within a relational database and enforced as part of each PageLoad(). Essentially this is a combination of roles and rules based authorisation.
  We are struggling to represent this complex matrix structure within Azure AD and efficiently implement the authorisation decision in Azure AD. The driver for this technical requirement is to provide re-usability of the authorisation component to other (as
  yet unidentified) applications.
  Currently the best option we have come up with is implementing custom attributes for each class of permissions and storing within this 2048 bit field a bitmask that represents whether this permission is granted for a given location (which has a many to one
  relationship with customer).
  Any help or comment would be gratefully received,
  Phil

  Hi
  When "Advance routing" is used for Task assignment; the task service asserts the folllowing fact types : Task, PreviousOutcome and TaskAction to the rules engine. These facts gives all the reqd info about the task (like outcome of the participant, task stage .. etc)
  Now in the defined ruleset; we can have rules as per our requirement that can extract info from the asserted fact types and assign task to the required/next participant.
  Also note that we write the advance rules for exception cases only.
  For example; let's say all participants have 2 possible Outcomes [COMPLETE, RECHECK]. We have defined the ideal task routing flow as :
  Participant A -> Participant B -> Participant C. This is the flow when all participant selects "COMPLETE"
  Now suppose B selects outcome as "RECHECK" then the task shld move back to A. So for this case only we need to write a advance rule.
  Pls refer to the code sample at : http://download.oracle.com/technology/sample_code/hwf/workflow-106-IterativeDesign.zip
  Also dev guide : refer to section 28.3.7.2 http://download.oracle.com/docs/cd/E14571_01/integration.1111/e10224/bp_hwfmodel.htm#BABBFEJJ
  Thanks
  Edited by: Kania on May 19, 2010 2:41 AM

• Role and User not listed

  Previously I had created a role and added a user. The user
  waited several weeks to try to login and now is receiving a message
  that his role is no longer valid. When I login to administer the
  site his role is not listed and when I re-created the role I can't
  add him because his name is 'grayed' out and indicates that he is
  currently assigned to the previous role.
  Has anyone else had this problem? How can I fix it?

  When selecting "Database", a Planning Create will create (or recreate) the Planning application in Essbase. This will erase any Planing supporting detail, account annotations, etc. It will also (IIRC) blow away the Essbase database.
  A Planning database refresh updates Essbase with metadata changes (if any).
  You know, I've never tried doing a Create->Security Filters.
  Now if you mean Administration->Manage Security Filters->Create -- that will just update the filters with whatever the latest and greatest dimensional security is. If you selected all of the filters, it is as if you did a Administration->Manage Database->Security Filters. The idea being you might want to target it if you have many users/large filters.
  I think the first time that user logs in you will see the username in the Administration->Manage Security Filters list.
  Going backwards, re your first question -- provision the username in SS with access to the Planning app (however you do that, groups, individually, etc.), and give him Essbase server access. Have him log in. All should be good to go.
  Regards,
  Cameron Lackpour

• What are the Roles and Responsibilities of SAP Testing Consultant?

  Hello,
             i want to know about The Roles and Responsibility of SAP Testing Consultant,,pls anybody guide me Real time scenarios.
  regards,
  Balaram

  Understanding the business scenarios
  Organization Structure to incorporate the tune of the script.
  Preparation of test scripts
  Execute and record results to see if it is fine before going to approval.
  Make changes to your test script if required.
  What is Test Script (Scenario Testing)
  Header Data
  Step in Process
  Transaction Code / Program (FB60)
  Menu Path
  Description
  Field Data and actions to complete
  Expected Results
  Actual Results
  TPR
  Closing Period
  F.19 Clearing GR/IR Account
  F.13 Adjustments GR/IR Account
  Using of these above two accounts will help us in clearing the balances and adjustments to those respective clearing accounts so that the GR/IR account will be zero balance and the balances will appear in respective reconciliation accounts accordingly the balances will be carried forwarded to next fiscal year.
  GR/IR Clears the following Documents
  GL Document
  Customer Documents
  Vendor Documents
  Assignment Field is important in any document (ZUONR), Amount (DMBTR)
  Foreign Currency Valuation
  Lowest Value Method, If we are in loss then only we will account for it.
  GL Accounts which are important in Testing
  Enjoy Transaction   - FB50
  Normal Transaction - FB01
  Document Parking   - FV50
  Post with Clearing   - F-04
  Incoming Payment   - F-06
  Outgoing Payment   - F-07
  Document Related
  Reset Cleared Items   - FBRA
  Parking Document Posting  - FBVO
  Reversal Documents   - F-14
  Company Code Clearing A/C
  (Trial Balance purposes) reversal  -  (FBUB)
  Clearing Account
  Partial clearing Invoice  - 100 - Open Item
                             Paid  -   70 - Open Item
                         Balance -   30
  In Partial Clearing you can see 100 and 70 are cleared line items and 30 as balance and if it is in Residual you can only 30 as balance as it creates new line item and you canu2019t see the other cleared line items.
  As no company will use residual clearing as it affects on ageing reports.
  Open Items in Foreign Currency in all Modules GL/AP/AR  - F.05
  Master Data
  Company Code
  Currency
  Only Balances in local currencies
  Reconciliation Account Type
  Year End Scripts
  Re Grouping Receivables / Payables  - (F101)
  Bad Debts Provisions u2013 Scripts
  We assume that the customer has not paid at the end of the year you doubt whether this receivable will ever be paid. So you make a transfer posting for the receivables to an account for individual value adjustments using special GL Indicator E and Transaction Code F-21
  Carry forward Balances
  Sub Ledgers and General Ledger balances to be forwarded to next Fiscal Year
  Accounts Payables
  Vendor Down Payments
  Invoice
  Parking
  Reversal
  Outgoing Payments
  Automatic Clearing
  Manual Clearing
  Advance (Down Payment)
  Post with Clearing
  Post without Clearing
  Reset Clearing
  Carry forward
  Regrouping
  Foreign Currency Valuations
  Accounts Receivables
  Customer Down Payments
  Invoice
  Parking
  Reversal
  Incoming Payments
  Manual Clearing
  Advance (Down Payment)
  Post with Clearing
  Post without Clearing
  Reset Clearing
  Carry forward
  Regrouping
  Foreign Currency Valuations
  Other than that, it is important to know the following:
  Unit Testing
  When you test every single document is called unit testing.
  String Testing
  One transaction full activity is called string testing . For example Vendor invoice, goods received and vendor payment.
  Integration Testing
  It is purely with other modules and we have to check whether the FI testing is working with other related modules or not.
  Regression Testing
  Testing for whole database. Bring all the data into another server and do the testing is called regression.
  UAT
  When we test any particular document with the user and if it is ok immediately we have to take the signature on the document, which is signed off and can be forwarded to the immediate boss. There are some steps to be followed when we go for user acceptance testing.
  Transaction u2013 Script Writing u2013 Expected Results u2013 Compare with Actual Results
  TPR (Transaction Problem Reporting)
  While doing the user acceptance testing if we get any problems then there are some methodologies to be followed according to the companyu2019s policy and normally as a tester we always need to write on Test Script itself.
  Hope this helps you.
  Regards,
  Rakesh

• Configuring roles and users (adf security) application context wise.

  Dear All,
  I referred this tutorial (http://biemond.blogspot.com/2008/12/using-database-tables-as-authentication.html) which shows how to hook up adf security with database schema but at domain level which will be common to all applications in that domain. I want to make it different to each application. (i.e each application will use differene database schema for storing user credientials i.e enterprise roles,application roles and users.)
  Can any one please point me to proper way..
  Regards,
  Santosh
  jdev 11.1.1.2.0

  Dear Frank,
  <i>
  Instead you have a single identity management system and have the application policies being different for the applications.Using ADF Security, users and groups can have different privileges in different applications
  </i>
  suppose i have 3 applications that use adf security, the users will be common to all applications. right..?Roles and group can be different for applications.
  application polices means roles and group..?
  So how it(application polices) can be made different for applications? is it inbuilt or some configurations needed ?. Can you point me to some blogs or tutorials for more reference.
  Bet: Incase i hook up adf security with database schema.
  Regards,
  Santosh.