I’m highlighting OpenWorld 2008 presentations that cover some of the most popular E-Business Suite technology stack topics. A catalog of all of the Applications Technology track sessions with links to the presentations is available here:

Our Applications Technology Group announced an important set of new authentication capabilities for Java-based E-Business Suite extensions and custom programs at OpenWorld this year.  Veshaal Singh, Director in our Applications Technology Group,
discusses the new capabilities and how they relate to the E-Business Suite’s existing security model in this presentation:

Architecture diagram showing authentication and authorization flow for new JAAS LoginModule for E-Business Suite

Veshaal covers the following topics in his presentation:


  • Security for custom development using ADF

  • Implementation challenges and existing solutions:

    • Example: EJBs running in a separate OC4J instance on an external Healthcare platform

    • Getting access to the APPS schema

    • Using the existing EBS responsibilities and function security in custom programs or extensions

    • Developing or extending E-Business Suite using J2EE

  • Authentication vs. authorization

  • Overview of the existing E-Business Suite Security model

    • Function security

    • Data security

    • Role Based Access Control (RBAC) and use cases

  • Java Authentication and Authorization Services (JAAS)

    • Technical overview

    • New lightweight LoginModule for JDK or J2EE environments

    • Supports JAAS authentication via AOL Security

    • Supports JAAS Authorization via UMX roles

    • Architecture and flow

    • Works for Oracle E-Business Suite Release 11i and 12

Related Articles