JPS-OID Authorization with Single-Sign-On Authentication for Reports Servlet
|
|
This scenario involves the following:
|
To use this combination of authentication and authorization, complete the following steps:
-
Enable Single Sign-On. For more information, see Enabling and Disabling Single Sign-On.
-
Enable JPS-based security. On the Reports Server Advanced Configuration page in Enterprise Manager, select the Enable Security check box, and then select the Oracle Platform Security for Java option.
-
Ensure that all users that are present in the Oracle Internet Directory used by Single Sign-On are in the ID store used by JPS. Alternatively, configure JPS to point to the ID store used by Single Sign-On.
-
Add the following property in the jps-config-jse.xml file:
<property name="oracle.security.jps.enterprise.user.class" value="weblogic.security.principal.WLSUserImpl"/>
-
Configure JPS Oracle Internet Directory as a policy store. For more information, see Configuring an External Oracle Internet Directory as Policy Store When Using JPS-Based Security.
-
Create security policies. Refer to Section 6.8.2, "Defining Security Policies for Reports" to use Oracle Enterprise Manager to update the report security policies defined in Oracle Internet Directory.
-
Map users to application roles. For more information about mapping users to application roles, see Mapping Users to Application Roles.
|
JPS-OID Authorization with JPS-OID as ID Store for Other Reports Clients
|
|
This scenario involves the following:
|
To use this combination of authentication and authorization, complete the following steps:
-
Enable JPS-based security. On the Reports Server Advanced Configuration page in Enterprise Manager, select the Enable Security check box, and then select the Oracle Platform Security for Java option.
-
Add the following property in the jps-config-jse.xml file:
<property name="oracle.security.jps.enterprise.user.class" value="weblogic.security.principal.WLSUserImpl"/>
-
Configure JPS-OID as an ID store. For more information, see Configuring External Oracle Internet Directory as ID Store When Using JPS-Based Security.
-
Configure JPS-OID as a policy store. For more information, see Configuring an External Oracle Internet Directory as Policy Store When Using JPS-Based Security.
-
Create security policies. Refer to Section 6.8.2, "Defining Security Policies for Reports" to use Oracle Enterprise Manager to update the report security policies defined in Oracle Internet Directory.
-
Map users to application roles. For more information about mapping users to application roles, see Mapping Users to Application Roles.
|
JAZN-XML Authorization with Single Sign-On Authentication for Reports Servlet
|
|
This scenario involves the following:
|
To use this combination of authentication and authorization, complete the following steps:
-
Enable Single Sign-On. For more information, see Enabling and Disabling Single Sign-On.
-
Enable JPS-based security. On the Reports Server Advanced Configuration page in Enterprise Manager, select the Enable Security check box, and then select the Oracle Platform Security for Java option.
-
Ensure that all users that are present in the Oracle Internet Directory used by Single Sign-On are in the ID store used by JPS. Alternatively, configure JPS to point to the ID store used by Single Sign-On.
-
Add the following property in the jps-config-jse.xml file:
<property name="oracle.security.jps.enterprise.user.class" value="weblogic.security.principal.WLSUserImpl"/>
-
Create security policies. Refer to Section 6.8.2, "Defining Security Policies for Reports".
-
Map users to application roles. For more information about mapping users to application roles, see Mapping Users to Application Roles.
-
If the system-jazn-data.xml file is used as the policy store, search for the "reports" application in the system-jazn-data.xml file. To use JPS to authorize users in Oracle Internet Directory, add the corresponding users in the member section of the system-jazn-data.xml file. For more information, see Section 14.4.2, "Additional Step When Using JPS for Authorization".
|
JAZN-XML Authorization with JPS-OID Authentication for Other Reports Clients
|
|
This scenario involves the following:
|
To use this combination of authentication and authorization, complete the following steps:
-
Enable JPS-based security. On the Reports Server Advanced Configuration page in Enterprise Manager, select the Enable Security check box, and then select the Oracle Platform Security for Java option.
-
Add the following property in the jps-config-jse.xml file:
<property name="oracle.security.jps.enterprise.user.class" value="weblogic.security.principal.WLSUserImpl"/>
-
Configure JPS-OID as an ID store. For more information, see Configuring External Oracle Internet Directory as ID Store When Using JPS-Based Security.
-
Create security policies. Refer to Section 6.8.2, "Defining Security Policies for Reports" to update the report security policies defined in Oracle Internet Directory.
-
Map users to application roles. For more information about mapping users to application roles, see Mapping Users to Application Roles.
-
If the system-jazn-data.xml file is used as the policy store, search for the "reports" application in the system-jazn-data.xml file. To use JPS to authorize users in Oracle Internet Directory, add the corresponding users in the member section of the system-jazn-data.xml . For more information, see Section 14.4.2, "Additional Step When Using JPS for Authorization".
|