Skip Headers
Oracle® Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition
11g Release 1 (11.1.1)

Part Number E10543-04
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
View PDF

Index

A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  R  S  T  U  V  W 

A

privileges
access rights, 2.4.3
controlling, 2.4.2.2
accessing
Fusion Middleware Control, 2.4.1.1
obi stripe, 2.4.1.1
Oracle WebLogic Server Administration Console, 2.3.2
Active Directory
configuring as authentication provider, 3.2.3.2
Add Permission dialog, 2.4.3
add-in for Microsoft Office, D.2.3.3.2
Administration Console
Provider Specific tab, 4.4.1
Provider Specific tab settings, 3.2.3.1, 3.2.3.2
to launch, 2.3.2
Administration Console, accessing, 2.3.2
Administration Page in Oracle BI Presentation Catalog
tools, 1.6.4
Administration pages, D.2.1
Administration Server, B.2
Administrator user, creation during upgrade, B.6.1.1
Administrators group,upgrade, B.6.1.1
application policies
creating, 2.4.3
Application Policies page, 2.4.1.1, 2.4.1.1, 2.4.3, 2.4.3
Application Policy
how to create, 2.4.3
how to modify, 2.4.4.1
application policy, 2.4.3
about, B.3
changing permission grants, 2.4.4.1
copying, 2.4.3
creating by copying, 2.4.3
application policy,definition, B.3
Application Role
how to create, 2.4.2.2
how to map to a Group, 2.4.2.3
how to modify, 2.4.4.2
application role, 2.4.4
add or remove members, 2.4.4.2
changing membership, 2.4.4.2
copying, 2.4.2.2
creating, 2.4.2.2, 2.4.2.2, 2.4.2.3
creating by copying, 2.4.2.2
in repository, 2.4.2.1
localising display name, B.3
mapping privileges, 2.6.3
mapping privileges programmatically, 2.6.3
mapping,definition, B.3
placeholder, 2.4.2.1
valid members, 2.4.2.2
application role, localising display name, B.3
application role,definition, B.3
Application Roles
benefits, 2.4.2.1
creating, 2.4.2.1
default, 2.4.1.2, 2.4.2.2, 2.4.2.3
example, 1.4.1, 2.2
how to map privileges to, 2.6.3
minimum required to run Oracle Business Intelligence, B.4.1.2, B.4.1.2
user membership, 2.6.1
working with default, 2.1
application roles
inheritance, D.3
permissions and privileges, D.1.3
Application Roles page, 2.4.1.1, 2.4.1.1
authenticated role, A.2.1, B.4.1.2
authentication error, 3.2.4.1, 3.2.5, 3.2.7
authentication options
authentication, about, A.1
authentication, order of, A.1.4
external table authentication, about, A.1.2
external table authentication, setting up, A.1.2
LDAP authentication, about, A.1.1, A.1.1
LDAP authentication, setting up, A.1.1.2
See also security
USER session system variable, defining for LDAP authentication, A.1.1.2
authentication provider
about, B.3
configuring Active Directory, 3.2.3.2
configuring Oracle Internet Directory, 3.2.3.1
authentication providers
configuring, 3.2.3
configuring one or more alternatives, 3.2
authenticator
about, A.1.5
custom authentication, about, A.1.5
definition, A.1.5

B

best practice
creating application roles, 2.4.2.1
HTTP and HTTPS listeners, 5.3
managing Presentation Services Catalog privileges, 2.6.1
mapping groups, 2.4.4.2
policy store, 2.4
SSL certificates, 5.4.2, 5.4.2
SSO authentication, 4
update GUID attribute value, 3.2.5
update user GUIDs, 3.2.4.1, 3.2.7
BI Presentation Server
catalog privileges, 2.6.1
BI Server
role in SSO, 4.2.2
BIAdministrator role, B.4.1.2
BIAdministrators
example, 1.4.1
BIAuthor role, B.4.1.2
BIAuthors
example, 1.4.1
BIConsumer role, B.4.1.2
BIConsumers
example Group, 1.4.1
BIDomain MBeans, 5.4.1
bifoundation_domain, 2.4.1.1, 2.4.1.3, B.2
BISystem role, B.4.1.2
BISystemUser
configuring, 3.2.6

C

cache
clearing, D.2.4
case sensitive,key, B.4.3.1
catalog
permissions, B
Catalog groups, D.2.2, D.2.2
adding to an existing group, D.2.2.3
creating, D.2.2.1
inheritance, D.3
catalog groups
upgraded systems, 2.6.1
catalog groups,deleting, 2.6.3
catalog groups,precedence, B.4.4.2
caution
application roles, 2.4.4
BISystem application role, 2.4.4.2
SSL pre-requisites, 5.4
caution, system-jazn-data.xml file, 2.4
certificate keys
creating, 5.2.2
certification information, Preface
changing, 2.4.4
application role, 2.4.4
configuring
Web server for SSL, 5.3
Control Flag settings, 4.4.1
controlling permission grants, 2.4.2.2
copy
application policy, 2.4.3
copying
application policy, 2.4.3
application role, 2.4.2.2, 2.4.2.2
coreapplication, 2.4.1.1, 2.4.1.2
create
application policy, 2.4.3
application policy by copying, 2.4.3
Create Application Grant Like dialog, 2.4.3
create application role by copying, 2.4.2.2
Create Application Role page, 2.4.2.2
Create Like button, 2.4.3
creating
application policies, 2.4.3
application role, 2.4.2.2, 2.4.2.2, 2.4.2.3
Application Roles, 2.4.2.1
certificate keys for SSL, 5.2.2
credential map
oracle.bi.enterprise, 5.2.3
trusted user, 3.2.6
credential store
migrating, 3.3
credential store provider
about, 1.10
configuring LDAP-based, 3.3
custom sso environments
configuring, 4.5
cwallet.sso file, B.4

D

dashboards
saved customizations, D.5
databases,supported, Preface
default
Application Roles, 2.4.1.2, 2.4.2.2, 2.4.2.3
location of policy store, 2.4
policy store, 3.3
Presentation Catalog privileges, 2.6.2
default directory server
add user to group, 2.3.5
change password, 2.3.6
creating a user, 2.3.3
default security configuration
default security provider configuration, B.4
implementing, B.4
default security providers, B.4
default Users, Groups, Application Roles, 2.1
default Users,Groups,Application Roles
diagram of, 2.1
default,credentials, B.4.3.1
DefaultAuthenticator, B.4
defaut directory server
creating Groups, 2.3.4
deleting
Catalog groups, D.2.2.2
deleting,catalog groups, 2.6.3
domain
about, B.2.2
relationship with Oracle WebLogic Server, B.2
downloading
Oracle BI Add-in for Microsoft Office, D.2.3.3.2
Smart View, D.2.3.3.2
dynamically loadable authenticator framework
definition, A.1.5

E

enabling users to act for others, D.6
Everyone Presentation Services Catalog group, A.2.1
example
Add Group dialog, 2.4.4.2
Application Roles page, 2.4.4.2
BIAdministrators, 1.4.1
BIAuthors Group, 1.4.1
BIConsumers Group, 1.4.1
configuring demonstration SSL certificate, 5.3
Edit Application Role page, 2.4.4.2
incorrect trust store error message, 5.3
installed Users, Groups, Application Roles, 1.7
new application role, 2.4.3
new application role by copying, 2.4.2.2
SSL report output, 5.4.6
example Users, Groups, Application Roles, 1.4.1, 2.2
external table authentication
about, A.1.2
setting up, A.1.2

F

Fusion Middleware Control
accessing, 2.4.1.1
System MBean Browser, 5.4

G

Grantee, 2.4.3
Groups
creating, 2.3.4
definition, 1.10
example, 1.4.1, 2.2
how to map to an Application Role, 2.4.2.3
inheritance, 2.6.1
working with default, 2.1
groups
adding to existing, D.2.2.3
Catalog groups, D.2.2
Groups, working with
See also authentication options
GUID attribute value
authentication errors, 3.2.5
updating, 3.2.5
GUIDs
authentication errors, 3.2.4.1, 3.2.7
updating user, 3.2.4.1, 3.2.7

H

high availability of embedded WLS LDAP identity store
by configuring the virtualize attribute value, 2.7
how to setup security
detailed steps, 1.8

I

IBM LDAP based authentication
troubleshooting, C.6
identity asserter, 4.2.1, 4.4.2
Identity Manager, 2.5.1
overview to using, 2.5.1
identity store
about, 1.10
new authenticator, 4.4.1
installed Users,Groups,Application Roles
diagram of, 2.1

J

Java security model, B.2
javax.net.sll.trustStorePassword, 5.3
javax.net.ssl.trustStore, 5.3
Job Manager
configuring, 5.5.2

K

key,case sensitive, B.4.3.1

L

launching
Administration Console, 2.3.2
LDAP
See Lightweight Directory Access Protocol (LDAP)
LDAP credential store, 3.3
Lightweight Directory Access Protocol (LDAP)
authentication, about, A.1.1, A.1.1
authentication, setting up, A.1.1.2
USER session system variable, defining for LDAP authentication, A.1.1.2
list of security terms, 1.10

M

managing
application roles, 2.4.4
catalog privileges, 2.6.1
mapping,definition, B.3
members
changing in application role, 2.4.4.2
memory requirements, Preface
metadata repository
overview to managing security in, 2.5.1
migrate
users and groups from default embedded WLS LDAP to alternative authentication provider, 2
migrating
credential store, 3.3
policy store, 3.3
minimum disk space, Preface
modifying
application role, 2.4.4
multiple authentication providers
configuring the virtualize custom property, 3.2.3.3
multiple authenticators
configuring for SSL, 5.5.6
mutual SSL authentication, 5.2.1

N

new
application policy, 2.4.3

O

obi stripe, 2.4.3
pre-selected, 2.4.1.1, 2.4.1.1
obi stripe pre-selected, 2.4.1.2
ODBC DSN, 5.5.5
offline repository development, 2.4.2.1
operating systems, supported, Preface
OPTIONAL flag, 4.4.1
Oracle BI
configuring Job Manager, 5.5.2
Oracle BI Administration Tool
overview to using, 2.5.1
tools, 1.6.3
Oracle BI Presentation Server
role in SSO, 4.2.2
Oracle Fusion Middleware Control
tools, 1.6.2
Oracle Fusion Middleware security model
about, B.2
Oracle Internet Directory
configuring as authentication provider, 3.2.3.1
Oracle Platform Security Services, B.2.1
Oracle WebLogic Server
configuring a new asserter, 4.4.2
configuring a new authenticator, 4.4.1
configuring for SSL, 5.3
configuring new authenticator, 4.4.1
domain, B.2
Oracle Weblogic Server
deploying security with, 2
Oracle WebLogic Server Administration Console
summary, 1.6.1
oracle.bi.enterprise credential map, 5.2.3
overview
setup steps, 1.8

P

password
change user, 2.3.6
permission grants
changing, 2.4.4
changing in application policy, 2.4.4.1
permissions, 2.4.3
adding, 2.4.3
inheritance, D.3
inheritance rules, D.3.1
non-Oracle Business Intelligence, 2.4.3
saved customizations, D.5.2.2
users, D.1.3
placeholder for application role, 2.4.2.1
platforms, supported, Preface
policy store
about, 3.3
default, 3.3
managing, 2.4
migrating, 3.3
policy store provider
about, 1.10
precedence
Presentation Catalog privileges, 2.6.2
precedence,catalog groups, B.4.4.2
Presentation Catalog privileges
about, 2.6.2
Presentation Services
Administration pages, D.2.1
Catalog groups, D.2.2
managing sessions, D.2.4
security, D.1
privileges
changing, D.2.3.2
default assignments, D.2.3.3
defined, D.2.3.1
inheritance, D.3
inheritance rules, D.3.1
managing, D.2.3
managing Presentation Catalog, 2.6.1
saved customizations, D.5.2.1
setting, D.2.3.2
users, D.1.3
Provider Specific tab, 3.2.3.1, 3.2.3.2, 4.4.1
proxy
impersonated user can display delegate users in Analytics, D.6.2
proxy levels for users, D.6.2
public and private keys, 5.2.1

R

repositories
new user, adding to, 2.5.2
REQUIRED flag, 4.4.1
requirements, system, Preface
REQUISITE flag, 4.4.1
reset password for default RPD file, 1.8
Roadmap for security setup, 1.1
role
authenticated, B.4.1.2
BIAdministrator, B.4.1.2
BIAuthor, B.4.1.2
BIConsumer, B.4.1.2
BISystem, B.4.1.2
RPD
reset password, 1.8

S

SASchInvoke, 5.5.1
saved customizations, D.5
administration, D.5.2
folder structure, D.5.2.2.3
permissions, D.5.2.2
privileges, D.5.2.1
security
Catalog groups, D.2.2
configuration tools summary, 1.6, 1.6
detailed setup steps, 1.8
goals, D.1.2
overview, 1.8
Presentation Services, D.1
repository, adding new user to, 2.5.2
See also authentication options
settings location, D.1.1
terminology, 1.10
security framework
about, B.2
Oracle Platform Security Services, B.2.1
Security menu, 2.4.1.1
accessing, 2.4.1.2, 2.4.1.2, 2.4.1.3
security provider
about, 1.10
security realm
about, 1.10
security setup Roadmap, 1.1
Session Manager
See also query environment, administering
active query, killing, A.1.7.1
disconnecting a user from a session, A.1.7.1
Session Window fields (table), A.1.7.1
session, viewing, A.1.7.1
update speed, controlling, A.1.7.1
using, about, A.1.7.1
session variables
for proxy functionality, D.6.3.2
sessions
managing, D.2.4
SiteMinder
SSO configuration, 4.5
Smart View download, D.2.3.3.2
SMTP server, configuring for SSL, 5.4.7
SSL
about, 5.2
Administration Tool, 5.5.4
Catalog Manager, 5.5.3
certificate files, 5.4.4
certificate keys, 5.2.2
cipher suite options, 5.6
commit configuration, 5.4.3
configuring multiple authenticators for, 5.5.6
configuring SMTP server, 5.4.7
configuring the Web server, 5.3
confirming status, 5.4.6
credentials in oracle.bi.enterprise map, 5.4.4
default security level, 5.2.1
enabling the configuration for Oracle Business Intelligence, 5.4.5
expired certificates, 5.4.8
generating certificates, 5.4.2
in Oracle Business Intelligence, 5.2.1
locking the configuration, 5.4.1
manual configuration, 5.2.1
mutual authentication, 5.2.1
Oracle BI components involved, 5.2.1
pre-requisites, 5.3
running status report, 5.4.6
sample report output, 5.4.6
troubleshooting tip, 5.4.3.1
using System MBean Browser, 5.4
verifying certificates, 5.4.4
SSL credential storage, 5.2.3
SSL Everywhere central configuration, 5.2.1
SSL, upgrading, B.6.1
SSL,troubleshooting, 5.4.6
SSO
about, 4.2
configuring a new authenticator, 4.4.1
configuring for custom environments, 4.5
configuring with Active Directory and Windows Native Authentication, 4.5
configuring with Oracle Access Manager, 4.4
configuring with SiteMinder, 4.5
considerations, 4.3
enabling for Oracle Business Intelligence, 4.6
identity asserter, 4.2.1
Oracle BI Presentation Services, 4.2.2
permission required for Administration Tool, 4.2
Provider Specific tab, 4.4.1
requirements, 4.2
Webgates, 4.2.1
startManagedWebLogic.sh, 5.3
SUFFICIENT flag, 4.4.1
supported installation types, Preface
system
session variables, about and LDAP authentication, A.1.1
variables, about and external table authentication, A.1.2
system requirements, Preface
system-jazn-data.xml file, 2.4, B.4

T

task map
configuring authorization, 3.1
configuring SSL, 5.1
configuring SSL between Oracle BI components, 5.4
configuring SSO authentication, 4.1
terminology, 1.10
tools
Administration Page in Oracle BI Presentation Catalog, 1.6.4
Oracle BI Administration Tool, 1.6.3
Oracle Fusion Middleware Control, 1.6.2
Oracle Weblogic Server, 2
Oracle WebLogic Server Administration Console, 1.6.1
summary of configuration tools for security, 1.6, 1.6
troubleshooting IBM LDAP based authentication, C.6
troubleshooting SSO
configuring for custom environments for example WNA and AD, SiteMinder, C.5
troubleshooting,SSL, 5.4.6
trusted user
changing for BIP JMS modules, 3.2.6
configuring, 3.2.6
create new user, 3.2.6

U

upgrade,Administrators group, B.6.1.1
upgraded systems
catalog groups, 2.6.1
URL
Administration Console, 2.3.2
Fusion Middleware Control, 2.4.1.1
usage tracking, administering
See also Session Manager
user
add to group, 2.3.5
change password, 2.3.6
create, 2.3.3
USER system variable
must delete or disable any RPD init blocks containing it, if using default authentication, 1.8
user, definition, 1.10
Users
example, 1.4.1, 2.2
working with default, 2.1
users
enabling to act for others, D.6
new user, adding to repository, 2.5.2
proxy levels, D.6.2
users and groups
migrate from default embedded WLS LDAP to alternative authentication provider, 2

V

variables, using
system session variables, about and LDAP authentication, A.1.1
system variables, about and external table authentication, A.1.2
virtualization functionality
configuring with SSL, 5.5.6
virtualize attribute value
configuring for HA of the embedded LDAP WLS identity store, 2.7
virtualize custom property
for configuring multpile authentication providers, 3.2.3.3

W

Web server, configuring for SSL, 5.3
Windows Native Authentication
configuring sso with Active Directory, 4.5