To configure security in Oracle Business Intelligence use the following tools:
See An Example Security Setup of Users, Groups, and Application Roles.
The diagram summarizes the tools used to configure security in an example installation of Oracle Business Intelligence that uses the embedded WebLogic LDAP Server.
See Managing Security Using a Default Security Configuration.
You use Oracle WebLogic Server Administration Console to manage the WebLogic LDAP Server that enables you to authenticate users and groups.
Oracle WebLogic Server is automatically installed and serves as the default administration server. The Oracle WebLogic Server Administration Console is browser-based and is used, among other things, to manage the embedded directory server.
When you configure Oracle Business Intelligence, the initial security configuration uses the embedded Weblogic LDAP directory, the default authenticator, as the Identity Store. In 11g, the BI installation seeded some specific users and groups into the LDAP directory. In 12c, the installation does not seed default BI groups into the LDAP directory. If your application expects LDAP groups such as BIConsumers, BIContentAuthors and BIServiceAdministrators to exist in the Identity Store, you need to add these groups manually or configure the domain to use a different Identity Store where these groups are already provisioned after the initial BI configuration has finished.
You launch the Oracle WebLogic Server Administration Console by entering its URL into a web browser. The default URL takes the following form: http://hostname:port_number/console
. The port number is the same port number as used for the Administration server. The default port number is 9500. See Oracle WebLogic Server Administration Console Online Help.
The user name and password were supplied during the installation of Oracle Business Intelligence. If these values have since been changed, then use the current administrative user name and password combination.
If you use an alternative authentication provider, such as Oracle Internet Directory instead of the default the WebLogic LDAP Server, then you must use the alternative authentication provider administration application, for example, an administration console to manage users and groups.
Fusion Middleware Control is a web browser-based graphical user interface that enables you to administer a collection of components.
The components consist of Oracle WebLogic Server domains, one Administration Server, one or more Managed Servers, clusters, and the Fusion Middleware Control components that are installed, configured, and running in the domain. During configuration of Oracle Business Intelligence an Oracle WebLogic Server domain is created and Oracle Business Intelligence is configured into that domain. The domain is named bi in Enterprise installations, and is found under the WebLogic Domain folder in the Fusion Middleware Control navigation pane.
You use Oracle Fusion Middleware Control to manage Oracle Business Intelligence security as follows:
To log in to Fusion Middleware Control, open a web browser and enter the Fusion Middleware Control URL, in the following format:
http://hostname.domain:port/em
The port number is the number of the Administration Server, and the default port number is 9500.
See Administering Oracle Fusion Middleware.
This system-wide administration user name and password was specified during the installation process, and you can use it to log in toOracle WebLogic Server Administration Console, Fusion Middleware Control, and Oracle Business Intelligence.
Alternatively, enter any other user name and password that has been granted the WebLogic Global Admin role.
You use the Oracle BI Administration Tool to configure permissions for users and application roles against objects in the metadata repository.