Search Results jtf_auth_principals_b

Overview

The JTF_AUTH_PRINCIPALS_B table is a core repository for security principals within the Oracle E-Business Suite CRM Foundation (JTF) module. It serves as the master table for all entities—specifically users and roles—that can be granted permissions within the application's discretionary access control (DAC) framework. Every record in this table represents a unique security identity, which is a fundamental building block for the authorization model. Its primary role is to establish a normalized, central reference point for principals, enabling the complex mapping of users to roles, roles to permissions, and the inheritance of access rights across the CRM architecture.

Key Information Stored

The table's structure is designed to differentiate between user and role principals while maintaining a unified identifier. The most critical columns include the surrogate key JTF_AUTH_PRINCIPAL_ID, which uniquely identifies each principal record. The PRINCIPAL_NAME column holds the unique name of the principal, such as a role name or a username. The IS_USER_FLAG is a decisive indicator; when set to '1' (or 'Y'), it signifies the principal is a user, and the USER_ID column then holds a foreign key reference to the corresponding user in the FND_USER table. If the flag indicates a role, the USER_ID is null. The PRINCIPAL_DESC_ID column links to the translated description of the principal in the JTF_AUTH_PRINCIPALS_TL table.

Common Use Cases and Queries

This table is central to user authorization and security reporting. Common operational scenarios include querying all roles in the system, identifying which principals are mapped to a specific user, or validating a user's effective access by tracing role memberships. A typical query to list all role principals would be: SELECT principal_name FROM jtf_auth_principals_b WHERE is_user_flag = '0' ORDER BY principal_name;. To find the JTF principal record for a specific EBS user, one would join to FND_USER: SELECT p.principal_name, p.jtf_auth_principal_id FROM jtf_auth_principals_b p, fnd_user u WHERE p.user_id = u.user_id AND p.is_user_flag = '1' AND u.user_name = '&USERNAME';. This table is also frequently joined with mapping tables like JTF_AUTH_PRINCIPAL_MAPS to resolve role hierarchies.

Related Objects

The JTF_AUTH_PRINCIPALS_B table has extensive relationships, acting as a hub for the authorization schema. Key documented foreign key relationships include:

• JTF_AUTH_PRINCIPALS_TL: Joined via PRINCIPAL_DESC_ID for translated descriptions.
• JTF_AUTH_PRINCIPAL_MAPS: Referenced twice, for both the child principal (JTF_AUTH_PRINCIPAL_ID) and the parent principal (JTF_AUTH_PARENT_PRINCIPAL_ID), defining role membership and inheritance.
• JTF_AUTH_ACCT_ROLE_MAPS, JTF_AUTH_READ_PERMS, JTF_AUTH_ROLE_PERMS, JTF_DAC_ROLE_PERM_CRIT: Joined via JTF_AUTH_PRINCIPAL_ID to assign account access, read permissions, role permissions, and permission criteria.
• JTF_UM_SUBSCRIPTIONS_B: Referenced by AUTH_DELEGATION_ROLE_ID for user management delegation roles.
• JTF_UM_SUBSCRIPTION_ROLE & JTF_UM_USERTYPE_ROLE: Joined via PRINCIPAL_NAME for subscription and user type role assignments.

These relationships underscore its critical position in the CRM security infrastructure.