Security can be considered as one of the important aspects of project implementation in OBIEE. You can implement the security in many ways either by defining the security in the repository or by the implementation of the external tables. You can also work out the LDAP authentication or the database authentication. Now, let us go through each of the ways in details.
Classify Security In Repository: You can create different users and the groups for defining the authentication and the permissions within the Oracle BI tool of administration. Through the repository, the permissions to the users and the groups are allowed with ease. There are some privileges which are offered exclusively for the individual user and not for the group. In cases of conflicts within the group, all the privileges with less restriction can be applied.
LDAP Authentication: The Lightweight Directory Access Protocol or LDAP authentication can be implemented by many of the companies for the authentication of their server. But for the project some companies may prefer the Active Directory Service Interface (ADSI). The LDAP server can be created by the security manager through a specific step. You can proceed to the Action >New>LDAP server. The LDAP server dialog box will open after this action. Here the specific parameters can be filled like the LDAP version, name, port no., host name, base DN, Bind DN. The settings of the advanced tab can also be filled up where there are fields like Enable /Disable SSL etc, Domain Identifier, Connection Time Out etc. The initialization block of LDAP can be created by associating with the LDAP server. The user here can be considered as the system variable and can easily be located in the LDAP ID. For importing the group and the user identification, the LDAP server can also be used. This server can only be used if you do not want to use the LDAP external authentication.
External Table Authentication: For implementing this authentication, you are required to create tables in the database using the groups, log level, display name, password, etc.; all the information for defining the privileges and the security. In OBIEE, for using the table you have to create a new connection pool within the physical layer for connecting the database tables. After that, the initialization block can be created for defining the connection pool of the table. The initialization string can be defined with the username, password, group name, log number, etc where the username can be given as USER and the password can remain PASSWORD. The corresponding variables with log level, user and password can also be identified. You should ensure that the order of the variables is similar to the initialize section.
Database Authentication: The modification can initially be done in the NQSConfig.ini.file. The authentication database can be specified within the security section. The users can then be created within the repository same as the user within the database. The privileges of the users can be assigned without any obstruction. The database can be imported with the physical layer of the repository by utilizing the DSN of that particular database. The non shared logon activities can be done for this particular connection. The connection pool can be used for connecting through the database properly. After you have connected, you can be authenticated with the database effectively.
The security of Oracle Business Intelligence Enterprise Edition should be configured properly by following the above mentioned ways. The security models can therefore be applied according to the type of the business intelligence edition. The database related activities can effectively be done through the secured editions of the Oracle Business Intelligence.
Author Bio: George Fleming is a well known Oracle expert who specializes in OBIEE. In this article he shares his suggestions on the security methods regarding the Oracle business Intelligence.