Oracle Applications (E-Business Suite)
Oracle Applications (E-Business Suite)
Oracle Applications (E-Business Suite)
Table of Contents
1/10
.
1. Execute E-Business Suite Security Report
This built-in report validates the profile option values, seeded application user accounts for security.
Use the following procedure to execute the report:Start Oracle E-Business SuiteConnect to responsibility
Application DiagnosticsSelect the Diagnose menu optionClick button Select Application and select
Application "Oracle Application Object Library"Scroll down to group "EbusinessSecurity"Select test name
"Best Practices: E-Business Suite Security Tests"Input Parameters (* required)None
MAINOPTIONS
MAINOPTIONS
MAINOPTIONS
2/10
FND_AUDIT_SCHEMAS
FND_AUDIT_TABLES
FND_CONCURRENT_PROGRAMS
FND_DATA_GROUPS
FND_DATA_GROUP_UNITS
FND_ENABLED_PLSQL
FND_FLEX_VALIDATION
FND_FORM
FND_FORM_FUNCTIONS
FND_GRANTS
FND_MENUS
FND_MENU_ENTIRES
FND_ORACLE_USERID
FND_PROFILE_OPTIONS
FND_PROFILE_OPTION_VALUES
FND_REQUEST_GROUPS
FND_REQUEST_GROUP_UNITS
FND_RESP_FUNCTIONS
FND_USER_RESP_GROUPS
REFERENCE
MAINOPTIONS
MAINOPTIONS
3/10
Applications user ID from FND_USER LAST_UPDATE_LOGIN Login ID from FND_LOGINS
LAST_UPDATE_DATE Date and Time row as last updated LAST_UPDATED_BY Oracle Applications
user ID from FND_USERS
MAINOPTIONS
MAINOPTIONS
REFERENCE
MAINOPTIONS
REFERENCE
4/10
MAINOPTIONS
REFERENCE
MAINOPTIONS
Some forms allow users to modify the EBS security setup. Through these forms users could alter security
configuration (e.g. grant inappropriate privileges to themselves or to others). Assign users only those
responsibilities necessary for them to perform their tasks.
REFERENCE
Form Function Form Name FND_FNDATDAG FNDATDAG Audit Groups FND_FNDATDAI FNDATDAI
Audit Installations FND_FNDATDAT FNDATDAT Audit Tables FND_AUDIT_COLUMNS
FND_FNDFMFBF FNDFMFBF Forms FND_FNDFMFUN FNDFMFUN Functions FND_FNDMNMNU
FNDMNMNU Menus FND_FNDPOMPV FNDPOMPV Profile System Values FND_FNDRSGRP
FNDRSGRP Request Groups FND_FNDSCAUS FNDSCAUS Users FND_USER FND_FNDSCPLS
FNDSCPLS Web Enabled PL/SQL FND_FNDSCRSP XDP_FNDSCRSP FNDSCRSP Responsibilities
MAINOPTIONS
5/10
Architecture: Internet/External, Multi-Node
Oracle Applications responsibilities like SYSADMIN responsibility has broad administrative privileges. For this
reason, regularly review this list of users having administrative responsibilities including SYSADMIN and
product administrative responsibility.
MAINOPTIONS
MAINOPTIONS
MAINOPTIONS
6/10
cannot identify which user performs a function. Instead, create shared responsibilities which is assigned to
multiple users. It helps to share the same functions, reports and permission sets while the system tracks
individual user actions.
MAINOPTIONS
MAINOPTIONS
17. Enable custom password profile options for Oracle Application Login
Enabling the profile options support strong application passwords, account lockout after failed logon attempts
and session inactivity timeout.
For additional password security custom password rules can be implemented by using Signon Password
Custom profile option to define a custom validation Java class. To enable custom password validation for
Oracle Application Login Use oracle.apps.fnd.security.PasswordValidation to customize password
implementation if SSO is not implemented. The details of the functions are:
Signon Password Case - enables to use upper and lower case chars
Signon Password Failure Limit - control number unsuccessful login attempts
Signon Password Hard To Guess - checks for atleast one char & one number, doesn't contain username and
no repeating characters
Signon Password Length - minimum length of the password
Signon Password No Reuse - number of days before which one cannot reuse an old password
Password Expire section in user - define form, to make passwords expire
Oracle supports Single Sign-on(SSO) integration with other enterprise identity management platforms. Check
out SSO sections for more details.
REFERENCE
MAINOPTIONS
7/10
Categories: Database Tier, Application Tier
REFERENCE
MAINOPTIONS
MAINOPTIONS
MAINOPTIONS
MAINOPTIONS
8/10
Versions: 12.1.1+, 12+, 11.5.10+, 11.5.9
Compliance: PCI-DSS, HIPAA, EU Privacy Law
Categories: Application Tier
MAINOPTIONS
MAINOPTIONS
MAINOPTIONS
9/10
REFERENCE
MAINOPTIONS
MAINOPTIONS
MAINOPTIONS
10/10