OBIEE Security

Last updated on Sep 27 2021
Ketan Gandhi Gandhi

Table of Contents

OBIEE Security

OBIEE security is defined by the use of a role-based access control model. It is defined in terms of roles that are aligned to different directory server groups and users. In this chapter, we will be discussing the components defined to compose a security policy.

One can define a Security structure with the following components

  • The directory Server User and Group managed by the Authentication provider.
  • The application roles managed by the Policy store provide Security policy with the following components: Presentation catalog, repository, policy store.

image1 9

Security Providers

Security provider is called in order to get the security information. Following types of security providers are used by OBIEE −

  • Authentication provider to authenticate users.
  • Policy store provider is used to give privileges on all applications except for BI Presentation Services.
  • Credential store provider is used to store credentials used internally by the BI application.

Security Policy

Security policy in OBIEE is divided into the following components −

  • Presentation Catalog
  • Repository
  • Policy Store

Presentation Catalog

It defines the catalog objects and Oracle BI Presentation Services functionality.

Oracle BI Presentation Services Administration

It enables you to set privileges for users to access features and functions such as editing views and creating agents and prompts.

Presentation Catalog privileges access to presentation catalog objects defined in the Permission dialog.

Presentation Services administration does not have its own authentication system and it relies on the authentication system that it inherits from the Oracle BI Server. All users who sign in to Presentation Services are granted the Authenticated User role and any other roles that they were assigned in Fusion Middleware Control.

You can assign permissions in one of the following ways −

  • To application roles − Most recommended way of assigning permissions and privileges.
  • To individual users − This is difficult to manage where you can assign permissions and privileges to specific users.
  • To Catalog groups − It was used in previous releases for backward compatibility maintenance.

Repository

This defines which application roles and users have access to which items of metadata within the repository. The Oracle BI Administration Tool through the security manager is used and enables you to perform the following tasks −

  • Set permissions for business models, tables, columns, and subject areas.
  • Specify database access for each user.
  • Specify filters to limit the data accessible by users.
  • Set authentication options.

Policy Store

It defines BI Server, BI Publisher, and Real Time Decisions functionality that can be accessed by given users or users with given Application Roles.

Authentication and Authorization

Authentication

Authenticator Provider in Oracle WebLogic Server domain is used for user authentication. This authentication provider accesses users and group information stored in the LDAP server in the Oracle Business Intelligence’s Oracle WebLogic Server domain.

To create and manage users and groups in an LDAP server, Oracle WebLogic Server Administration Console is used. You can also choose to configure an authentication provider for an alternative directory. In this case, Oracle WebLogic Server Administration Console enables you to view the users and groups in your directory; however, you need to continue to use the appropriate tools to make any modifications to the directory.

Example − If you reconfigure Oracle Business Intelligence to use OID, you can view users and groups in Oracle WebLogic Server Administration Console but you must manage them in OID Console.

Authorization

Once authentication is done, the next step in security is to ensure that the user can do and see what they are authorized to do. Authorization for Oracle Business Intelligence 11g is managed by a security policy in terms of Applications Roles.

Application Roles

Security is normally defined in terms of Application roles that are assigned to directory server users and groups. Example: the default Application roles are BIAdministrator, BIConsumer, and BIAuthor.

Application roles are defined as functional role assigned to a user, which gives that user the privileges required to perform that role. Example: Marketing Analyst Application role might grant a user access to view, edit and create reports on a company’s marketing pipeline.

This communication between Application roles and directory server users and groups allows the administrator to define the Application roles and policies without creating additional users or groups in LDAP server. Application roles allows business intelligence system to be easily moved between development, test and production environments.

This doesn’t require any change in security policy and all that is required is to assign the Application roles to the users and groups available in the target environment.

image2 8

The group named ‘BIConsumers’ contains user1, user2, and user3. Users in the group ‘BIConsumers’ are assigned the Application role ‘BIConsumer’, which enables the users to view reports.

The group named ‘BIAuthors’ contains user4 and user5. Users in the group ‘BIAuthors’ are assigned the Application role ‘BIAuthor’, which enables the users to create reports.

The group named ‘BIAdministrators’ contains user6 and user7, user 8. Users in the group ‘BIAdministrators’ are assigned the Application role ‘BIAdministrator’, which enables the users to manage repositories.

So, this brings us to the end of blog. This Tecklearn ‘OBIEE Security’ blog helps you with commonly asked questions if you are looking out for a job in Oracle BI. If you wish to learn OBIEE and build a career in Business Intelligence domain, then check out our interactive, Oracle Business Intelligence Enterprise Edition (OBIEE) Training, that comes with 24*7 support to guide you throughout your learning period. Please find the link for course details:

https://www.tecklearn.com/course/oracle-business-intelligence-enterprise-edition-training-and-certification/

Oracle Business Intelligence Enterprise Edition (OBIEE) Training

About the Course

Oracle Business Intelligence Enterprise Edition (OBIEE) Training and Certification training course lets you master the Oracle Business Intelligence and Analytics platform. You will gain in-depth knowledge on OBIEE advanced features, BI dashboards, reports, etc., through hands-on training sessions. This course is meant to provide detailed knowledge of the OBIEE 12c. You will be trained in various Business Intelligence scenarios, BI life cycle, concepts of OLAP and working with charts and graphs.

Why Should you take OBIEE Training?

  • The average salary for “oracle business intelligence consultant” ranges from approximately $76,703 per year for Business Consultant to $113,285 per year for Full Stack Developer. -Indeed.com.
  • Oracle Business Intelligence has a market share of around 8% globally.
  • OBIEE gives you experience with next-generation solutions that can help strategize, plan and optimize business operations. Allow you to become an Oracle Certified Expert or Oracle Implementation Specialist of an in-demand solution.

What you will Learn in this Course?

Data Modelling and Data Warehousing Concepts

  • Introduction to Oracle Business Intelligence Enterprise Edition (OBIEE)
  • Data models
  • Data warehousing
  • Data modelling implications and the impact of Data modelling on business intelligence

Business Intelligence Concepts

  • Overview of Business Intelligence
  • Description of BI Stack: BI technology, BI Server and BI Scheduler
  • Need for reporting in business
  • Difference between OLTP and OLAP
  • Multidimensional and relational analytical processing

OBIEE Installation

  • OBIEE Installation (12c)
  • Oracle Business Intelligence Suite
  • Architecture of OBIEE
  • Key features and components

Online Analytical Processing (OLAP)

  • Concept of Online Analytical Processing
  • Significance of OLAP in business intelligence life cycle
  • Star Schema and Designing with Star Schema
  • Enterprise information model
  • Snow flake and constellation

Oracle BI Repository

  • What is Oracle Business Intelligence Repository?
  • Directory structure installation, services,
  • Analytics and interactive reporting,
  • Dashboard creation and multiple report creation

Business Intelligence Repository Business Model

  • How to build a Business Model and Mapping Layer in BI Repository
  • Data format, Conditional format, Removing filters,
  • Report Saving
  • Creation of new folder
  • Working with the Enterprise Manager
  • Testing and validation of the Repository
  • Understanding the process of Cache disabling
  • Dashboard prompt and filtering

Dashboard Creation

  • Creation and Setup of OBIEE Dashboard
  • Basics of OBIEEE dashboard
  • Deploying Dashboard Builder for building Dashboards
  • Edit, Share and Save options in Dashboard analysis
  • Process of Cache creation and clearing
  • ODBC functions
  • Logical Table Source, Summary and Detail Report

OBIEE Repository

  • OBIEE Repository
  • Creation of Test Report and adding calculations
  • Deployment of OBIEE analysis
  • Repository variables, session and presentation variables

OBIEE Security & Management

  • Securing the Oracle Business Intelligence Suite with Enterprise Manager
  • Creation of alerts and notifications
  • Administration, Maintenance and Grouping
  • Types of security in OBIEE
  • Task and folder level security

Differences between OBIEE 11g and 12c

  • Hands on Variables

New Features of OBIEE 12c

  • Repository Development
  • Catalog Development
  • Deployment-Online
  • RPD Deployment

 

0 responses on "OBIEE Security"

Leave a Message

Your email address will not be published. Required fields are marked *