To delete the server cache, normally we bring down the application server services and deltete the contents under $PS_HOME/appserv/{domain}/cache folder. We can workaround this complicated process by invalidating the current cache. You can use the following command to invalidate the cache.
UPDATE PSSTATUS SET LASTREFRESHDTTM = SYSDATE
Hope this helps some of you guys.
Clearing the Application Server Cache Without Shutting it Down
Friday, April 17, 2009
comments
0
Configuring PeopleSoft Forgotten password in the site
When first looked into PeopleBooks on how to implement the Fortgot Password functionality, it was very disappoing that the information provided is no where close to a successful implementation. After a deep struggle I was able to set this thing up, but if I look back I felt like “Oh! this is a piece of cake”
Basically you can set this thing in one of two ways.
- Setup a separate PIA site for password retrieval.
- Using the same site for password retrieval.
Here I’m giving you a step by step instructions to setup a separate PIA site. If you want to use the other type (option 2: using same site), you need to tweak it little bit.
Note: This was tested successfully on PeopleTools 8.45.17 . The procedure might be different for your tools version (may be not).
- Shutdown your web server
- Install a sepate PeopleSite by going to {PS_HOME}/setup/mpinternet/setup.xxx
- Select the same JOLT port number which matches to your application server (Look into psappsrv.cfg or configuration.properties for the other PIA site)
- Login to PeopleSoft 3-tier
- Create a new permission list called “RECOVERPSWD“ by going to PeopleTools -> Security -> Permissions & Roles -> Permission Lists menu
- Click on Pages tab and add MAINTAIN_SECURITY menu
- Click on Edit Components and authorize the component EMAIL_PSWD by going to Edit Pages and Select All
- Click OK , OK and then click Component Interfaces tab of the same permission list, then add a component called USERMAINT_SELF and give Full Access to it by clicking the edit button.
- Go to Web Libraries tab of the same permission list and add the WEBLIB_PORTAL and WEBLIB_PT_NAV web libraries and give the Full Access by clicking the Edit button for the libraries like in the previous step.
- Create a new role called “Forgot Password“ by going to PeopleTools -> Security -> Permissions & Roles -> Roles menu and add the permission list “RECOVERPSWD” to it.
- Now create a new user called FPSWD (or whatever you like) and remember the password. Click Id tab and select Id Type as None. On the roles tab add the role “Forgot Password“ role to the user.
- Sign out and log back in with the new user id FPSWD to see if you are able to login.
- Open a permission list, which have access to all your users (example: ALLPAGES) and on the General tab turn on the checkbox that says “Allow Password to be Emailed?” and save it.
- Go to PeopleTools -> Security -> Password Configuration -> Forgotten Password Hint and create a new password hint or you can use one of the delivered hints.
- Go to PeopleTools > Security > User Profile > Forgot My Password Email Text to add whatever comments you want returned on the email you are sending to users. You MUST also add <<%PASSWORD>> to the end.
- Go to “My System Profile”. Make sure that the email address for this user, and any other user profile who will be using this functionality, is filled in and points to an account that you can use to retrieve email from.
- While still in the “My Profile” click on the link “Change or set up forgotten password help”. Select the appropriate question to ask the user, then fill in the answer that will correctly answer the question. Note that this answer gets converted to all UPPERCASE. Make sure that you save the user profile. ALL Users will be required to set this up BEFORE they can use the Forgot Password link.
- Use a text editor to edit the signin.html file in your web server directory that you installed PeopleSoft into (this should be the original site not the site that you just installed). The filename will most likely be something like {PS_HOME)/webserv/peoplesoft/applications/portal/web-inf/psftdocs/ps/signin.html or websphere/appserver/installedapps/peoplesoft/portal/web-inf/psftdocs/ps/signin.html
- Now open your configuration.properties file from your web server psftdocs folder and add the following 3 lines and recycle the webs server.
- Go to PeopleTools -> Web Profile -> Web Profile Configuration , search and select your web profile and under security tab select public access and enter user id and password that your created above.
- Now go to the signon page. You should now see a hyperlink right below the password box that says, “Forgot your password?” Clicking on this link will take you to a page that allows you to input your user id. Type in the user id that you were logged in as when you did the “My Profile” stuff above.
- Then you will be presented with the question that you setup for this user. Type in the correct answer and then you will get the password mailed to you. (Note that you need to setup SMTP settings in your application server configuration. Otherwise this functionality will not work)
- Use the new password to logon.
Find two lines that look like the following by searching for the string “pwd.
<input TYPE=”password” id=”pwd” name=”pwd” class=”PSEDITBOX”></td>
Insert a new line after the first one, so that you have something that looks like this:
<BR><A HREF=” http://yoursite/psp/FSPRD/EMPLOYEE/ERP/c/MAINTAIN_SECURITY.EMAIL_PSWD.GBL”>Forgot your password?</A></td>
Note that the above address is just an example. You would need to find your own URL.
If you don’t know what is the url you need to add before MAINTAIN_SECURITY in the above string, navigate to PeopleTools–>Security–>User Profiles, and open any content reference in this menu. All the components referenced are in the MAINTAIN_SECURITY menu and therefore they have same url than EMAIL_PSWD.GBL. So copy/paste the URL before MAINTAIN_SECURITY to your link.
bypasssignon=true
defaultuserid=FPSWD
defaultpwd = whatever password you used for this user id.
SQL - Roles Assigned to Permission List
SELECT b.rolename, b.classid AS permission_list
FROM psclassdefn a, psroleclass b
WHERE a.classid = b.classid AND a.classid = :permissionlist;
Thursday, April 16, 2009
comments
0
Permission List Page Access
SELECT b.menuname, b.barname, b.baritemname, b.pnlitemname AS pagename,
c.pageaccessdescr,
DECODE (b.displayonly, 0, 'No', 1, 'Yes') AS displayonly
FROM psclassdefn a, psauthitem b, pspgeaccessdesc c
WHERE a.classid = b.classid
AND a.classid = :1
AND b.baritemname > ' '
AND b.authorizedactions = c.authorizedactions;
Permission List for the Component
SELECT menu.menuname, compdfn.pnlgrpname, auth.classid permission_list,
CLASS.classdefndesc permission_desc
FROM psauthitem auth,
psmenudefn menu,
psmenuitem menuitm,
pspnlgroup comp,
pspnlgrpdefn compdfn,
psclassdefn CLASS
WHERE menu.menuname = menuitm.menuname
AND menuitm.pnlgrpname = comp.pnlgrpname
AND compdfn.pnlgrpname = comp.pnlgrpname
AND compdfn.pnlgrpname LIKE UPPER (:component_name)
AND auth.menuname = menu.menuname
AND auth.barname = menuitm.barname
AND auth.baritemname = menuitm.itemname
AND auth.pnlitemname = comp.itemname
AND auth.classid = CLASS.classid
GROUP BY menu.menuname, compdfn.pnlgrpname, auth.classid, CLASS.classdefndesc
ORDER BY menu.menuname, compdfn.pnlgrpname, permission_list;
Peoplesoft Internet Architecture (PIA)
The PeopleSoft Internet Architecture (PIA) is a server-centric component architecture that enables secure end user access to PeopleSoft applications. Its components include the following:
• Internet Access Device
• Web Server
• Application Server
• Database Server
Each component fulfills a unique niche within the system, all of which are described in the PeopleSoft Internet Architecture Components lesson of this course.
With PIA there is no "traditional" client. Workstations simply need to have a supported browser installed. No other applets or connectivity software is needed on the workstation that runs the browser because all processing occurs at the server level. Dynamic HTML, rendered by the Application Server, is passed to the Web Server and sent on to a supported browser interface.
PeopleSoft Integration Technologies:
•Application Messaging - System-to-system communication.
•Component Interfaces - Transactions from external systems to PeopleSoft.
•Application Engine - Used in batch application processing.
•File Layouts - Used for integration with legacy systems.
PIA supports pure internet access for all PeopleSoft applications. It enables you to take advantage of all of the PeopleSoft intranet and internet solutions, as well as the PeopleSoft Integration Technologies, such as Application Messaging.
These technologies streamline integration of PeopleSoft applications with other PeopleSoft applications, custom internal systems, eMerchants, and customer trading partner systems. By supporting the open flow of information between systems, the PeopleSoft Integration Technologies provide true internet- based system integration.
The PeopleSoft Internet Architecture delivers intuitive, high-performance, HTML-based thin client applications that run on any machine with internet access. PIA deploys all transactions through a web browser.
Benefits of Browser-Based Deployment
•Minimizes the Training Effort
•Reduces Application Deployment Costs
•Lowers Client Hardware Requirements
•Allows Extensive Portability
There are two basic access methods with the PeopleSoft Internet Architecture:
(1) Directly, through a delivered homepage dedicated only to PeopleSoft applications, or
(2) Through a portal that may contain non-PeopleSoft content references.
Both of these deployment options are further discussed in the PeopleSoft Development and Deployment lesson of this course. Both options provide the benefits listed above of browser-based deployment.
Minimizes the Training Effort:
• Simple access
• Intuitive web look and feel
Less training is needed because most people with access to computers are very familiar with the look and feel of web pages, and know how to navigate within web browsers like Yahoo! and Amazon.com. End users just click a hyperlink to enter the PeopleSoft applications.
Reduces Application Deployment Costs:
• HTML-based for low bandwidth access
• HTML and JavaScript deployed to the browser
• No client installations required
Browser-based applications are easily deployed to end users.
By placing a hyperlink in an email or on a corporate website, users can access the applications just like they access any other website.
The cost of deploying browser-based applications is close to zero.
Lowers Client Hardware Requirements:
• Robust, scalable server-centric architecture
• Supports thousands of concurrent users
Because the browser-based applications put very small demands on the client machine, the end user does not need a high-end, expensive computer to use PeopleSoft applications. This means lower costs to customers, as they will not need to upgrade their client machines in order to use the latest PeopleSoft release.
Allows Extensive Portability:
• Web browser independence
• Client operation system independence
HTML browser-based applications are very portable across client operating systems. As long as the end user has a currently supported browser that is JavaScript 1.1 compliant, access to PeopleSoft applications can be through a Windows, Mac, Linux, or Unix client machine. From an end user's perspective, browser-based application deployment of PeopleSoft applications is cost-effective and easy to use.
Because PIA is completely server-based, client machines to this architecture can be nearly any kind of internet-enabled device, including:
• Web browser running on a PC or Macintosh
• Wireless device or cell phone
• External or third-party system
These devices use the standard internet technologies: HTTP, HTML, WML, and XML.
A web browser running on a workstation (client) using the HTTP protocol is the most common internet access. The browser does not download any applets nor does it require any plug-ins. Rather, a servlet installed on the Web Server facilitates all browser connections to the Application Server through JOLT.
When the browser sends a request to the Web Server, it is forwarded to the Application Server.
The Application Server sends only the following back to the browser:
• HTML
• JavaScript
• Cookies
The client workstation is free of any processing responsibility because there are no PeopleSoft executables on the client. This is why PeopleSoft Internet Architecture is termed an "architecture without a client."
With PeopleSoft Internet Architecture, only a single sign-in is needed between PeopleSoft databases. This is possible by leveraging Web Browser cookies that store a unique access token for users when they are initially authenticated. The token in the browser cookie is used to re-authenticate users when they connect to other PeopleSoft systems. This way, a user does not have to go through the sign-in process again. The browser cookie is stored in memory and never written to disk. It is encrypted by the Web Server and check-summed to prevent snooping and tampering.
As you can see, there is no "traditional" client involved in PeopleSoft Internet Architecture. The system sends pure HTML to a supported browser interface, while all processing occurs at the server level.The Web Server must be Java-enabled so that it can run the PeopleSoft-delivered Java Servlets that are installed as part of PeopleSoft Internet Architecture. One of these is the Portal Servlet, which relays all inbound and outbound transaction requests for the browser.
Using JOLT, the Web Server communicates browser requests to the Application Server. The pure HTML that the Application Server generates is formatted and presented in the browser by the Portal Servlet.
Together the Web Server and the Application Server make up the middle-tier of PIA; however, the Application Server does most of the work.
The Application Server is the core of PeopleSoft Internet Architecture. It handles messages from the Web Server through JOLT and executes all PeopleSoft business logic. In addition, it maintains the SQL connection to the Database Server for both browser requests and for the PeopleSoft development environment. PeopleSoft uses TUXEDO to manage database transactions.
At execution time, the Application Server fetches the most recent application definitions from the Metadata Repository of the Database Server. The Application Server caches the definitions in memory and executes the business rules, based on the definitions. Definitions such as pages, are created using the Application Designer tool in the PeopleSoft 8 development environment.
The Application Server consists of numerous PeopleSoft services and server processes that handle transaction requests. One of these server processes, PSAPPSRV, performs all application processing for a PeopleSoft internet session and generates the HTML to be displayed in the browser. For example, it is the PSAPPSRV process of the Application Server that builds and loads the pages which are then transmitted to the browser, as requested, through the Web Server.
As you can see, the Application Server is truly the heart of PeopleSoft Internet Architecture.
Just as in the PeopleSoft three-tier architecture, with the PeopleSoft 8 Internet Architecture, information is stored on the Database Server in three types of tables: System Catalog Tables, PeopleTools Tables, and PeopleSoft Application Data Tables. Each table type contains specific information that is related to running PeopleSoft applications.The PeopleSoft database is the repository for all information that is managed by PeopleSoft applications. Not only is application data stored in the database, but the PeopleSoft metadata is also maintained in the database. Metadata is what drives PeopleSoft Internet Architecture. Because PeopleSoft architectures have always been metadata-driven, PeopleSoft has been able to make the leap from client/server to internet-based applications without having to completely rewrite existing applications.
Several internet-related definitions were enhanced in PeopleTools 8.4 to enable full internet application development. These are the HTML Catalog, images, and style sheets. Just like fields, records, pages, menus, and other definitions, these definitions are stored in the PeopleTools Tables of the Database Server, and are fully upgradeable.
Multiple Application Servers can be connected to a single Database Server, which simultaneously handles the Application Server connections and development environment connections
Traversing the Dept Security tree
We can use the connect by prior function provided by Oracle to traverse the Dept security Tree . Suppose an Organization has 7 levels in Dept tree i.e. 1 to 7 .
We want to traverse the dept tree from level 3 to level 6.
Also we know the deptid at the level 3 say 'LVL3-DPT' .
We can use the following SQL to traverse the whole tree (3-6) starting from 'LVL3-DPT'. Only child of 'LVL3-DPT' will be seen in sql output. The starting deptid has to be used with "START WITH " clause.
SELECT TR.TREE_NODE , TR.TREE_LEVEL_NUM
FROM PSTREENODE TR
WHERE TR.TREE_NAME = 'DEPT_SECURITY'
AND TR.SETID = $SETID
AND TR.EFFDT = (SELECT MAX(TR_ED.EFFDT) FROM PSTREENODE TR_ED
WHERE TR.SETID = TR_ED.SETID AND TR.TREE_NAME = TR_ED.TREE_NAME
AND TR_ED.EFFDT <= TO_DATE (SYSDATE, 'DD/MM/YY'))
AND LEVEL <= (6 - 3 + 1)
CONNECT BY PRIOR TR.TREE_NODE = TR.PARENT_NODE_NAME
START WITH TR.TREE_NODE = 'LVL3-DPT'
Subscribe to:
Posts (Atom)