OBIEE Step by Step Guide

October 29, 2009

OBIEE Security FAQ Explained

How is security set up in OBIEE?  How many methods of security can be set up in OBIEE..

Lets start with Authentication and Authorization. 

Authentication is process of confirming whether the user is a valid user or not. Is he part of this company? Is he an employee of our external suppliers?

 Authorization is process of giving access to different pieces of the OBIEE. One user “UserA” can access dashboards, can create iBots, can schedule reports and can do administrative tasks. Another user “UserB” can see only part of what “UserA” has access to and “UserB” has access to some other tabs of the dashboard that “UserA” does not.

This layer of separating who can access what is done as part of Authorization.

How does OBIEE handle Authentication?

Its very flexible and can be integrated to one of your existing technologies like LDAP, Oracle EBS, AD, Oracle Database. So, do the same username have to exist in OBIEE security layer as part of rpd development? Yes, by default, OBIEE stores list of usernames and passwords and checks incoming credentials against it. 

Heard about External Table Authentication? Where does this come into play?

Instead of storing usernames and passwords directly in the rpd, these are stored in the database for better management purposes. This also helps in rpd migration and deployment across multiple environments.

 How is Authorization handled in OBIEE?

Authorization is done as part of security in Presentation Services.

 Does OBIEE have two layers of security?

Yes, first at the rpd level and second at the presentation services level.

Do you have to have the same username established at both rpd and presentation services levels for this to work?

Not necessarily based on my knowledge.. I will let others comment on this 🙂

What kind of priveleges can be granted from presentation services level?

Access to iBots, certain tabs in the dashboard, delivers, alerts, schedule reports etc etc..

Why is OBIEE security different compared to other BI tools?

Because its very flexible and can integrate into any existing security architecture an organization has built and reduces the need for one more layer of administration.. 

Did Oracle OBIEE did a good job of communicating and convincing the user community regarding the security architecture?

Probably not.. I understand the complexity behind this and the mere flexibility of the tool makes this even difficult.

 Until next time, kudos to all OBIEE evangelists

Thanks for your feedback……

 

Advertisements

Create a free website or blog at WordPress.com.