Why do we need security in OBIEE?
OBIEE is a reporting tool wherein multiple users belonging to multiple groups create multiple reports and dashboards. Reports created by a particular group of users should be visible to that particular group only or some specific data should be visible to only a specific set of people. So, to achieve this we need to have some sort of security thereby we can protect reports belonging to a group of users from the users of other groups.
Users and Groups in OBIEE
End users who make use of OBIEE for reporting need to be defined somewhere. These users can be defined either in the OBIEE RPD, External database tables, LDAP Servers or in Active directories with their respective passwords.
The users belonging to same business unit can be clubbed and Groups can be created for them. It’s not always necessary to create users in the RPD but its necessary to create the groups in the RPD. Infact, creating several users in the RPD can be a cumbersome job and it will also increase the size of the RPD, so, according to the best practice create the users and groups on the DB(or add in AD/LDAP) and associate them with the RPD groups by creating groups of the same name on the RPD as in DB.
Authentication & Authorization
Authentication means validating the user while logging in the OBIEE application. When a user logs in the OBIEE application a request is sent to the BI Server asking that whether this user is a valid user or not. When BI Server validates the user,then only the user is able to login in the application.
Authorization means a user is authorized to view what all objects. Example, User A might be authorized to view only particular set of reports and dashboards based on the security applied.
Now we can understand these terms in detail.
Types of Security in OBIEE
Security in Oracle BI can be classified broadly into the following three types.
1. Object Level security (Authorization) Read More
2. Data Level security (Authorization) Read More
3. User Level Security (Authentication) Read More