AP: TIN Matching Inquiry Shows Rows To Unauthorized Users
Last updated on JULY 11, 2018
Applies to:PeopleSoft Enterprise FIN Payables - Version 9.2 and later
Information in this document applies to any platform.
On : 9.2 version, General
Users are shown information related to SetIDs that they were not authorized to access.
The issue can be reproduced at will with the following steps:
1. Set Security Options
- Select User ID Level Security for Type of Security and Setid under Secured Fields
2. Define the Setid accessible by a user. In this example Setid defined for the user VP2 is SHR02.
3. Run Apply Security Setups
4. Logout and login as VP2
5. Test the changes by navigating to Supplier > Supplier Information > Maintain >TIN Matching Inquiry > Extract TIN Matching File
6. Click Look up for Setid
- Notice that it is showing only SHR02 which is correct
7. Leave the Setid search parameter as blank
8. Click Search.
- The result shows rows with Setid that was not defined for the user.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms