Security
Security is very important topic in OBIEE.
Benefits of Security
- Data needs to be protected so that only authorized employees can access sensitive information.
- Employees can automatically see the information that is relevant to their roles.
- Security provides the ability to authenticate users through log on.
- Secure access controls on object and data level.
User’s Account can be defined explicitly in
- An Oracle BI server Repository
- An External Source ( Such as a database table or an LDAP Server)
How to Add User to the Repository
Go to Admin tool > Manage > Security > User > Right Click in right pane > New User
or
We can go to Admin tool > Manage > Security > Action > New > User
Now Double click on User and Window ” User” will appear.
Setting User Permissions and Logons
To set User a permissions click on Permissions button I have marked with red Square.
and one window will appear like this ,
Here from the screen shot we can allow & denied the permission.
To Specify specific database logon IDs for one or more databases. Enter the appropriate logon ID and password for the user in the logon Tab of the USER Dialog Box.
See the below 2 screen shot for logon tab.
Once you click on Logon , Another window will appear like this,
Administrator Account is a permanent user account in every Oracle BI Server Repository.
It can not be deleted or modified. We can just change the password or logging level.
Group
A group is a set of security attributes . We can use security manager to create groups and then grand membership in them to users or other groups.
Administrator is a predefined group with authority to access and modify any object in repository.Also in Administrator group, there is always a administrator member by default.
We can unlimited number of groups in repository. And Each group can contain explicitly granted privileges, Implicitly granted privileges through membership in another group.
Same as adding a User we can add Group. See below 2 screen shots.
Now from the below screen shot we can get idea about how to create group.
Authentication
Authentication is the process by which a system verifies, using a User ID and Password, that a user has a necessary permissions to logon and access the data.
Oracle BI Server authenticates each connection request that it receives.
Oracle BI Server authenticates following authentication types.
- Operating System
- External table
- LDAP
- Database
- Internal
Setting Query Limits
We can use Query limit tab for several reasons
- we can control number of rows receiver by user
- we can control maximum query run time
- we can enable or disable populate privileges
- we can enable or disable Direct Database requests.
From below scree shot you will get the exact idea what I am talking about.
Setting Time Period Restrictions
Now To set timing Restrictions click on Expression builder under Restrict column. See in below screen shot I have highlighted it. with Blue color.
From below screen shot we can get the idea how we can restrict access to a database during particular time periods.
To select a time period, click the start time and drag to the end time.
According to access click on allow and disallow.
Setting filters
Limit queries by setting up filters on objects for a user or group. From Expression Builder we can set filter.