From the user's perspective:
1. To access application through PIA , one must have an UserID to login to the application.
3. Once Employee access the pages there might be certain fields which need to be hidden .
4. Also if the Employee has a role of Manager, and if the Manager wants to know the list of resources available from his department so that he/she can assign them to different projects in such a case the search results should show only the Resources under his department which is nothing but access restriction at data level.
5. If user wants to run a job then a process profile is required so that access is given to run only those jobs.
6. Suppose user wants to run a query through PIA, then the same can be achieved through Query Manager. To build a query , a table is required. To restrict user to build queries on only certain tables you need to assign query access profile which controls user to access certain tables.
7. Also if the Client has more than one PeopleSoft application and user wants to connect to other application without providing credentials again , this can be achieved through Single Sign on.
8. If we want user not to update any data on the page and just view it then we can set the same at the Page Permissions.
Now lets dig further and see what restrictions are there at Developer level :
1. Developers login to the tool called App Designer to build applications. If we want developers to restrict that certain objects like CI etc then we assign security at Definition level.
At PSAdmin Level:
1. The Webserver and Appserver config files will have information related to security which is used in validation of the requests that come browser and then give access to valid users.
2. Not everyone will have access to webserver and App Server. These tasks are handeled by PeopleSoft Admins (PS Admin)
This post is intended to give an Overview of PeopleSoft Security.