Friday, 29 June 2012

Differences between OBIEE 10g and 11g security models?


Security Task/Object
OBIEE 10g
OBIEE 11g
Define Users and Groups in RPD file using OBIEE Admin Tool
Default
N/A. By default, users are defined in embedded WLS LDAP via FMW EM Console, or alternatively, in external LDAP.
Defining security policies
Policies in the catalog and repository can be defined to reference groups within a directory
Policies are defined in terms of application roles, which map to users and groups in a directory.
“Administrator” user
Unique user with full administrative privileges
No single user named for full administrative privileges. Administration can be performed by any user who is member of BIAdministrators group.
Repository encryption
Available on sensitive elements only – i.e. user passwords, connection pool passwords, etc.
Entire RPD encrypted via a password.
External Authentication and OBIEE Initialization (Init) Blocks
Init blocks are required for external LDAP or external table authentication.
Init blocks not required for WLS embedded LDAP. Init blocks are required for external LDAP or external table authentication.
Catalog Groups
Defined in Presentation Server Administration link
Available for backward compatibility. Use of Application Roles in FMW EM Console recommended.
SA System Subject Area
Optional
Available for backward compatibility and requires init blocks and external tables. Use of Embedded LDAP is recommended.
“Everyone” Presentation Server Group
Default
Replaced with AuthenticatedUser role

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...

ShareThis