II 6. Securing Web Libraries

A.     Introduction to Web Libraries

PeopleSoft provides a way for the developers to create custom pagelets to extend the functionality of the application or to display information fetched from a different database using Hypertext Transfer Protocol (HTTP). These custom pages or pagelets utilize special PeopleCode functions called iScripts (Internet Scripts) that generate dynamic content based on request-response paradigm of the HTTP. For example, the navigation collections that appear in the main window of the PeopleSoft application upon selecting a menu is generated using iScripts.

iScript PeopleCode functions are stored as function libraries (FUNCLIBS) in special derived records in Application Designer as field formula PeopleCode. These special records, called Web libraries have a standard naming convention of WEBLIB_%.

When PeopleSoft attempts to generate the dynamic HTML page or pagelet area during a user session, the logged in user should have access to invoke the particular web library and the iScript being called by the url parameters of the HTML page. There are several Web libraries that are required for users during the general usage of the PeopleSoft application. It is recommended that these and any other Web Libraries specific to your environment be added to a common role that is granted to all users.

Name Description
WEBLIB_NAVMAIN Contains iScripts for the menu pagelet, drop-down navigation, and left-hand navigation for transaction pages.
WEBLIB_PORTAL Contains iScripts for functionality of the portal header, homepage, side navigation etc
WEBLIB_PT_NAV Contains iScripts for the menu pagelet, drop-down navigation, and left-hand navigation for transaction pages.
WEBLIB_PTPP_PGT Renders navigation pagelets without Pagelet Wizard.
WEBLIB_PTPP_SC Contains iScripts for generating navigation pages and the Main Menu navigation pagelet.
WEBLIB_PTPPB Contains iScripts for displaying Pagelet Wizard pagelets as homepage pagelets and template pagelets
WEBLIB_PTPPB1 Contains an iScript for displaying Pagelet Wizard pagelets as WSRP portlets
WEBLIB_QUERY Contains the iScripts for generating a URL for running queries
WEBLIB_RPT Contains iScript for the Run report to window output option. Supports access to the new browser window
WEBLIB_TIMEOUT Contains iScripts for generating an inactivity timeout warning script.
WEBLIB_SOAPTOCI This is the entry point for ExcelToCI and the WSDL Discovery

 

** Not all web libraries listed above are always required. There could be other web libraries required depending upon the specific implementation. The above list is to serve as a starting point for web libraries access while designing security.

B.     Assign Web Libraries to Permission List (PSAUTHITEM):

 

  1. Navigate to Permission Lists page and open the permission list you want to assign the access to.
  2. Once in the Permission list, go to the Web Libraries tab.
  3. In the Web Libraries grid, enter the name of the Web Library and hit tab.
  4. Click on the ‘Edit’ hyperlink that becomes available.
  5. On the Weblib Permissions page, select ‘Full Access’ from the drop down for the functions that you want the user to be able to access. Select ‘No Access’ for the functions that user should not be able to call.
  6. Click OK, and save the permission list.

18

Figure III‑17 Permission List – Web Libraries

19

Figure III‑18 Permission List – Web Libraries – Weblib Permissions

** You can click on ‘Full Access (All)’ button on the Weblib permissions page to grant access to all functions in the Web Library or ‘No Access (All)’ to remove access to all functions in the Web Library (same as deleting the entire Weblib from the permission list access).