Bookshelf v10.1.3.2: Security Section Parameters in the Configuration File

The security parameters specify default values for the Oracle Business Intelligence Server security features. For more information about security, see the chapter on security in Oracle Business Intelligence Server Administration Guide and sections (such as the section on setting up LDAP authentication) in the Oracle Business Intelligence Server Administration Guide.

DEFAULT_PRIVILEGES

Specifies the values users and groups are assigned when they are initially created.

PROJECT_INACCESSIBLE_COLUMN_AS_NULL

The default value for PROJECT_INACCESSIBLE_COLUMN_AS_NULL changes based on the type of install. If you are running the Oracle BI platform only, the value is NO.

The flag PROJECT_INACCESSIBLE_COLUMN_AS_NULL must be set to TRUE to enable the SQL command CHOOSE.

selects the first valid expression from a list of expressions. A valid expression here is an expression in which all referenced columns are accessible by the current query user.

MINIMUM_PASSWORD_LENGTH

A security measure used to enforce strong passwords. The minimum length is enforced when a user logs in. For example, if MINIMUM_PASSWORD_LENGTH is set to 8, then any user's password is rejected unless it has at least 8 characters.

The default value is zero if you install using the Basic install type, and 8 if you install using the Advanced type.

SSL

The following parameters are for enabling Secure Socket Layer (SSL) communication with the Oracle BI Cluster (NQClusterConfig) and Oracle BI Server (NQSConfig). If you plan to enable SSL communication with these components, the SSL parameter are uncommented and set to YES and the SSL_CERTIFICATION_FILE is set to the path of the certification file. For more information on SSL and certification files, see the Oracle Business Intelligence Enterprise Edition Deployment Guide.

SSL_CERTIFICATE_FILE

SSL_PRIVATE_KEY_FILE

SSL_PK_PASSPHRASE_FILE

SSL_PK_PASSPHRASE_PROGRAM

SSL_VERIFY_PEER

SSL_CA_CERTIFICATE_DIR

SSL_CA_CERTIFICATE_FILE

SSL_TRUSTED_PEER_DNS

SSL_CERT_VERIFICATION_DEPTH

SSL_CIPHER_LIST

AUTHENTICATION_TYPE

Specifies the type of authentication the Oracle Business Intelligence Server uses to authenticate the Oracle Business Intelligence Server users.

Valid values are NQS, DATABASE, and BYPASS_NQS. The default authentication mechanism is NQS.

Table 23. Oracle Business Intelligence Server Authentication Types
Type	Description
NQS	Authentication is done by the Oracle Business Intelligence Server. NOTE: For Oracle BI applications, the Oracle Business Intelligence Server in turn can be set up to authenticate using Microsoft ADSI, an LDAP server, or a database. See the Oracle Business Intelligence Enterprise Edition Deployment Guide.
NQS
DATABASE	Specify the database name in the Physical Layer of the repository to be used for database authentication. The first connection pool for this database is used for authentication. When the user logs into the Oracle Business Intelligence Server, the submitted logon name and password is used to connect to the database. If this connection succeeds, the user is considered to be successfully authenticated.
DATABASE
BYPASS_NQS	Authentication is against the database to which user queries are sent, using the submitted user name and password. For example, if a user runs a query tool against the Oracle Business Intelligence Server with the user name of "Test" and a password of "Test," this user name and password are used to connect to the underlying database server. If this represents a valid user to the underlying database server, the user is considered authenticated. The user's privileges are enforced by the underlying database server based upon the user name used to log in, as appropriate.
BYPASS_NQS