baseline product

Baseline SystemsBaseline Systems

Baseline Product Baseline Product ComponentsComponents

Development Infrastructure


Time Recording and HR Leave

Systems

Menu Access

Management

System Configuration

Menu Subsystem with

Database Security Integration

Menu SubMenu Sub--System and System and Access ManagementAccess Management




Systems

Menu Access

Management


Menu Subsystem with


Menu SubMenu Sub--System and System and Access ManagementAccess Management

� This module has a number of intrinsic components– Login Screens– Personnel Management - Functionality to manage

new and existing users – Menu Structure Management - Functionality to

manage the menu structure– Menu Access Management - Functionality that allows

the control of access by personnel, with respect to the created menu structure

– Database Security Integration - Direct integration with Oracle’s database security, prevents users from accessing data via other Oracle tools as well as via third party products.

Menu Login ScreensMenu Login Screens� This module allows existing users to login

into the menu system accessing only those menu items to which that they have been given access

Menu Personnel Menu Personnel ManagementManagement

� These screens allows the user to– Create or modify existing users– Manage Passwords, Database Roles and

Menu Access

Menu Structure Menu Structure ManagementManagement

� This screen allows the user to create custom built menu structures

� Once a menu tree structure has been created, the “Entry Point” concept can be applied

� This concept simply allows the one to select any leg in the created menu tree structure and assign a name to it

� Existing users or roles can then be associated to that ‘Entry Point’

� The associated user, when logging in, will only see that part of the tree for which he has authority

Menu Access ManagementMenu Access Management

Menu Access ManagementMenu Access ManagementWhen Creating a Menu StructureStep 1 - Create an “Entry Point”Step 2 - Associate a user to the created

“Entry Point”

When Logging into the SystemStep 3 - The user, when logging in,

will only see that part of thetree for which he has authority

Step 1

A “Entry Point” associated to the menu tree item ‘System Maintenance’

Step 2

Associate a user to the created “Entry Point”

Step 3

On login, select the appropriate ”Entry Point”

Database Security Database Security IntegrationIntegration

•Allows the creation of menu and database users

•On user creation, passwords are encrypted when creating the database user

•Allows the system Administrator to associate existing ‘Database Roles’ to users

•Based on a setup parameter, entry point access is controlled via either

- An individual user basis- Oracle database roles

Oracle Database

•Database roles are created

•Application objects (tables, procedures etc) are assigned to these ‘Database Roles’

•Based on access permissions, created users are then granted specific ‘Database Roles’

Oracle Database

•Database roles are created

•Application objects (tables, procedures etc) are assigned to these ‘Database Roles’

•Based on access permissions, created users are then granted specific ‘Database Roles’

[Menu] - User Maintenance

Screen

[Menu] - User Maintenance

Screen[Menu] –

Login Screen

[Menu] –Login Screen

•Login names and passwords are encrypted and checked. If correct then…

•Reconnects to the Oracle Database using login name and encrypted password - thus enforcing standard Oracle database security

•If the reconnection fails -processing is stopped and the menu structure is not displayed

•When logging in, the user is forced to change expired passwords.

Database Security IntegrationDatabase Security IntegrationBase ComponentsBase Components

� Database Schemes - Prefixed with a three letter acronym plus a ‘$’ sign (e.g. BSL$…)

� Database Roles and Profiles - Also prefixed with the same three letter acronym plus ‘$’ sign

� Private Synonyms� Encrypted Database Passwords - Controlled

via an algorithm within the menu sub-system

� On installation of the system, a three letter prefix is selected (say “BSL”)– All tables created for the menu system will be

owned by the database scheme “BSL$OWNER”– Any other database users created from within the

menu sub-system will also automatically have this prefix (e.g. “BSL$SMITH”)

Database Security IntegrationDatabase Security IntegrationOn Installation…On Installation…

� Once installation has completed, the following ‘Users’ and ‘Roles’ will exist– Roles

� BSL$LOGON: Which will have only the ‘Select’ privilege on a small subset of tables required for the logging into the system

� BSL$USER_ACCESS: Which will have all privileges on all the menu’s objects (e.g. Tables, procedures etc.)

– Users / Schemes:� BSL$OWNER: Which owns all the menu’s tables and procedures� BSL$LOGO: Which is granted the role ‘BSL$LOGON’ and is used

for the initial logging onto the system� BSL$ADMIN: Which is granted the role ‘BSL$ USER_ACCESS’

as well as private synonyms for all objects granted to the role ‘BSL$ USER_ACCESS’

Database Security IntegrationDatabase Security IntegrationUsers and RolesUsers and Roles

� Personnel Maintenance Screen (User Creation)– Before User Creation - The user password is run through a password encoding

algorithm which generates an encrypted password– On User Creation - The database user is created using the encrypted password

� Menu Login Screen– The entered password is run through the same password encoding algorithm– Using this encrypted password, this screen reconnects to the database using the

entered login name– On an error, processing is stopped and the menu structure is not displayed– Password expiration is controlled via the use of database ‘User Profiles’. This

ensures that on expiration the user is forced to change his password before proceeding any further.

� What This Means – The user password entered to log into the menu system is different

to the password for the created database user, thus preventing unauthorized access via other Oracle tools and third party products

Database Security IntegrationDatabase Security IntegrationPassword EncryptionPassword Encryption

System ConfigurationSystem Configuration




Systems

Menu Access

Management


Menu Subsystem with


System ConfigurationSystem Configuration� These values allow the user to control the way the system

reacts to allow the user to customize this to his own preferences

Development InfrastructureDevelopment Infrastructure




Systems

Menu Access

Management


Menu Subsystem with


Development InfrastructureDevelopment InfrastructureOn a High Level…On a High Level…

� This is a comprehensive set of Oracle libraries, classes, functions and object groups that are automatically made available to all newly created forms

� Development undertaken using this infrastructure will have the same look and feel about it

� A major benefit of this architecture is an enforced standard of programming that should ease the understanding of code within the development team

Development InfrastructureDevelopment InfrastructureBase Component ExamplesBase Component Examples

� Objects– Calendars, Toolbars, Navigation Buttons, Error and Information

Message Boxes

� Standard Properties– Screen types and sizing (Tabs, Pop-ups etc.)– Field types, Sizing and properties (Tick-boxes, Radio buttons,

Fonts, Colours, Sizing)– Screen Reactions (Query mode colour, Message display etc.)

� Screen Parameters– User selected entity, Screen name, User defined parameters

Thank you forThank you foryour timeyour time

baseline product

Documents