Continuing with the review of Oracle Fusion Applications Development and Extensibility Handbook (Oracle Press) I’m going to look at chapters 3 & 4. Chapter 3 looks at the different types of Flex Fields from the well known Dynamic Flexfields (DFF) and the more advanced EFFs and KFFs (different ways to provide more advanced flex values such as linking other tables of data).

The book describes briefly the steps to utilise many of the capabilities with some screenshots but don’t mistake this for a detailed key this value followed by click that button combined with screenshots of every step for all aspects (if you did that we’d probably trying to read 5000 pages not 500). So if you want to see and feel all the different aspects explained you will need to have an instance of Fusion apps to try the techniques out with. For me, this is no bad thing, I want to understand what the capabilities are and a sense of the effort and complexity involved – if I want to have blow by blow guide I’d turn to OTN and the tutorial video clips being made available everyday by Oracle on YouTube.

The book also recognises not all strategies are available with all Fusion apps and what can therefore be done. Either by implementing the capability yourself, or asking Oracle to prioritise feature development in the Fusion apps domain.

Unusually rather than continuing with customisation capabilities in Chapter 4 we look at Security. This is no bad thing as if you want to achieve security in depth you need to understand how it can be incorporated at every level as you go rather than as an after thought at the end. But as you go through this chapter you’ll see just how central the security framework is to working with Fusion Apps.

The security perspective comes primarily from an authentication and authorisation (A&A) perspective so bringing in OAM and OID along with related tooling (including APM which is a central tool for Fusion Apps Security). The A&A framework provides an advanced hierarchy of roles and permissions as the capability to integrate extensions with it. The book again provides a solid foundation on which you can build specific implementation understanding.  Security comes in two forms – functional (i.e. restricting access to Fusion app capabilities) and data (which records a user can or cant see). The fascinating aspect for me is the data view because the different organisational possibilities that can influence the data you can or can’t see – for example by value, by internal organisational structures such as departments, by suppliers/partners/customers and so on (Oracle use the terminology of sets).

Security considerations go beyond just managing major roles, but how to autoprovision users (i.e. I create an OID entry for a new employee – how to provide them with a standard set of credentials). How to interact with Fusion Apps at the web service level from inside or outside the secured FusionApps environment.

As with Chapter 3, there are illustrations on how to establish some security settings and leverage security for your own development, but not in an exhaustive click by click manner.

Both chapters, particularly Chapter 4 introduce the ideas and approaches in a succinct manner explaining both the more well known concepts but also the more advanced capabilities along with identifying some common challenges and how they can be overcome (through the provision of tooling or technique for diagnosis).

So far this has been the best introduction to Fusion Applications I have come across.