The Feature
Do Not Forward Oracle Notifications from Outlook!
February 9, 2006 on 9:44 pm | by Marian Crkon | In Feature of the Week | Enter Comments |
Print
| 
Email
You can encounter this feature if you are using Oracle Internet Expenses and use email notifications to approve expense reports:
The Feature
There is a vulnerability in iExpenses approval workflow. Here is a scenario:
- Employee enters his expenses report and submits to his manager
- Manager receives an email notification to approve the expense report
- Manager forwards the notification USING OUTLOOK FORWARD FUNCTION (not an Oracle link provided in the email) to the the expense report preparer requesting more information.
- Employee receives the manager’s approval email, and is able to approve his own expense report.
- Expense report in iExpenses becomes approved, and shows it was approved by the expected approver.
The Summary
Employee can approve his own expense report after his manager forwarded the approval email to him. Furthermore, in Oracle iExpenses it looks like the expense report was approved by the manager himself.
The Workaround
Configure the Workflow Mailer to not allow a user to respond by email to an email notification that has been forwarded from another user. As Oracle Applications Manager (available from the Oracle Applications Rapid Install Portal window):
- Log in as Oracle Application Manager
- Navigate to Workflow Manager page
- Under Workflow System: click on Notification Mailers
- Click on your Mailer Name, and then Edit.
- Navigate to Edit Workflow Mailer: EMail Servers page.
- Make sure to uncheck the Allow Forwarded Response flag.
No Comments yet »
RSS feed for comments on this post.
Leave a comment
Popular Topics
-
Analysis
Assets
Billing
BI Publisher
Blogs
Calendar
COLLABORATE
Conversations
Conversion
Costing
DataLoad
EBS
Experience
Financials
Flexfields
FSG
Fun
Fusion
GL
Go Live
Guides
HRMS
Ideas and Opinions
iExpenses
Implementation
Integration
Intercompany
Linux
MOAC
OAUG
OpenWorld
Oracle
OTL
Partners
Payables
Payroll
Press
Projects
Purchasing
R12
Receivables
Reviews
SQL
Support
SysAdmin
Training
Usability
WebADI
Workflow
YouTube
Most Popular
- How to Use XML Publisher to Generate Oracle Reports in Excel and PDF (113,009 Views)
- How To Set Up Oracle iExpenses (61,860 Views)
- Application Blogs I Read and Why You Should Too (54,172 Views)
- Sample DataLoad Templates for Oracle Financials (50,539 Views)
- New Features in Oracle HRMS Release 12 (44,654 Views)
- Nobody Knows Oracle Projects, Right? (38,651 Views)
- Go-Live Checklist for Oracle Financials (29,197 Views)
- Projects, Templates Form Does Not Let You Update More Than 25 Records (28,970 Views)
- Sample Operational Analysis Questionnaires for Oracle Financials and Projects (28,884 Views)
- Oracle Internet Expenses Has Grown Up (28,014 Views)
Most Recent
- How To Set Flexible PO Approval Limits
- Let’s Make Entry of Project-Related Purchasing Documents Easier!
- Sample DataLoad Templates for Oracle Financials
- Confused About Setting Up MOAC in R12?
- Take the Oracle Financials Product Strategy Survey
- OAUG Invites You to Present at COLLABORATE11 in Orlando
- How To Capitalize Legacy CIP Costs in Oracle Projects
- Who Knew? YouTube Becoming a New Oracle Training Resource?
- Projects, Templates Form Does Not Let You Update More Than 25 Records
- Check Out New User Interface Applications from Project Partners
Categories:
Quick Oracle Links
Disclaimer
Opinions expressed on this site are entirely of their authors and do not neccessarily reflect the position of Oracle, its partners and customers, or any other organization.
Oracle Applications and other Oracle products and services mentioned on this site are trademarks of Oracle Corporation, and use of these product names does not imply any association with Oracle.
Any tips or advice provided on this site may not apply to your own particular circumstances and no warranty is offered on their use.
This site looks its best if you
Powered by WordPress with Pool theme design by Borja Fernandez.
Entries and comments feeds.
Valid XHTML and CSS. ^Top^