Skip to main content

OBIEE 11g Security




To configure security in OBIEE, use the following tools:

1. Oracle Weblogic Server Administration Console.

2. Oracle Fusion Middleware control.

3. Oracle BI Administration tool.

4. Oracle BI Presentation service.








Oracle Web logic Administration:

1. you use Oracle weblogic Administration console to manage the embedded directory server that is used to authenticate users and groups.

Oracle Fusion Middleware Control:

1. To create and manage application roles and application policies.

Oracle BI Administration tool

1. To configure privileges in metadata.



Administration page OBI Presentation Catalog:

1.To configure privileges in BI Server.

In OBIEE 11g, we have following security providers.

1.Authentication Provider:

a. The default authentication provider is the embedded LDAP server that is installed along with web logic server.

b. The name given for that is "DEFAULT AUTHENTICATOR". This is meant for authenticating users.

2. Policy Store Provider:

a. It provides user to security policy and determines what users can see, what users cannot see, what users can do and what cannot do.

3. Credential Store Provider:

b. It is responsible for storing and providing access to credentials required by OBI

c. Flexible security framework allows users easily linking to external security.

d. All enabled through Oracle platform security service(OPSS)

Installed Application Roles, Groups and Users:



BI System: Role:

1. It is used for inter application communication between the multiple OBI system components.

2. In OBIEE 10g we were having Administrator account for having communication between system components.

3. In OBIEE 11g, if we forget a password for the repository, there is no way to use the repository. i.e.., Lost password=Lost Repository

OPSS:

· Application Role:It is a defined job, role to which permissions are assigned. For example marketing manager, webcatalog Admin.



· Credential Store:Application policies are collection of permissions assigned to the roles.



· Identity Store:LDAP server, Database etc.., that stores users & groups.



· Policy Store:Files ,database etc.., that stores application roles & policies.



· Web logic server Embedded LDAP server: The built in LDAP server within web logic server(restricted use license)(Ex: Pega)



· Security Realms: It is a container for the mechanisms including users, groups, security roles, security policies and security providers that are used to protect web logic resources.





Note: While migrating security , all that we have to do is create users and groups in

the target LDAP server and migrate the application roles. Application roles will

map to the users and groups and security will be enforced as it is.







Hands On:

1.Creating Users and Groups:



· Login to Web logic Admin console

· From left side click on security realms

· From right hand side screen click my realm

· Click on users and Groups

· Click on New to create user.

· Provide name : User1

· Provide Password : Admin123

· Click on OK.

· Click on Groups

· Click on New

· Provide group name: group1

· Click on OK

· Click on Users tab

· Click on user1

· Click on Groups tab

· Select Group1 also select BI Authors

· Click on Save.



2. Creating Application Roles and Assigning Groups:




· Login to Enterprise Manager

· Expand Business Intelligence --> Select Core Application --> Right Click --> Security.

· Click on Create

· Provide the Role Name : Group1

· Provide D.Name : Group1

· Click on Add Group

· Select : Group 1

· Click on OK

· Click on OK

· Restart BI services.

· In Online mode from tool bar of the rpd click on Manage-->Identity--> You can see the User and new application role created in web logic console and Enterprise Manager.

· Now double click on User --> Role. You will be able to see permissions by using that we can implement all levels of security like OBIEE 10g.

i. Object Level Security (Table, Column )

ii. Row level security (Data level)

iii. Time period level security

Comments

  1. Thanks for sharing fabulous information.It' s my pleasure to read it.I have also bookmarked you for checking out new posts.
    Digital Marketing Training in Hyderabad


    ReplyDelete
  2. Thank for sharing Data Warehousing and Business Intelligence.

    Regards

    Salesforce Training in Hyderabad

    ReplyDelete

Post a Comment

Popular posts from this blog

Contact Me

Do You have any queries ?                   If you are having any query or wishing to get any type of help related Datawarehouse, OBIEE, OBIA, OAC then please e-email on below. I will reply to your email within 24 hrs. If I didn’t reply to you within 24 Hrs., Please be patience, I must be busy in some work. kashif7222@gmail.com

Top 130 SQL Interview Questions And Answers

1. Display the dept information from department table.   Select   *   from   dept; 2. Display the details of all employees   Select * from emp; 3. Display the name and job for all employees    Select ename ,job from emp; 4. Display name and salary for all employees.   Select ename   , sal   from emp;   5. Display employee number and total salary   for each employee. Select empno, sal+comm from emp; 6. Display employee name and annual salary for all employees.   Select empno,empname,12*sal+nvl(comm,0) annualsal from emp; 7. Display the names of all employees who are working in department number 10   Select ename from emp where deptno=10; 8. Display the names of all employees working as   clerks and drawing a salary more than 3000   Select ename from emp where job=’clerk’and sal>3000; 9. Display employee number and names for employees who earn commissi...

Informatica sample project

Informatica sample project - 1 CareFirst – Blue Cross Blue Shield, Maryland (April 2009 – Current) Senior ETL Developer/Lead Model Office DWH Implementation (April 2009 – Current) CareFirst Blue Cross Blue Shield is one of the leading health care insurance provided in Atlantic region of United States covering Maryland, Delaware and Washington DC. Model Office project was built to create data warehouse for multiple subject areas including Members, Claims, and Revenue etc. The project was to provide data into EDM and to third party vendor (Verisk) to develop cubes based on data provided into EDM. I was responsible for analyzing source systems data, designing and developing ETL mappings. I was also responsible for coordinating testing with analysts and users. Responsibilities: ·          Interacted with Data Modelers and Business Analysts to understand the requirements and the impact of the ETL on the business. ·  ...