| Oracle® Health Sciences Cohort Explorer Secure Installation and Configuration Guide Release 1.0 E24988-02 |
|
|
PDF · Mobi · ePub |
| Oracle® Health Sciences Cohort Explorer Secure Installation and Configuration Guide Release 1.0 E24988-02 |
|
|
PDF · Mobi · ePub |
This chapter presents an overview of the Oracle Health Sciences Cohort Explorer (OHSCE) reports installation process. It also describes the OHSCE reports related installation tasks that you must complete. This chapter includes the following topics:
Note:
The rest of the instructions in Installing Oracle Health Sciences Cohort Explorer Reports assume that OBIEE is installed on Windows in the c:\Oracle\MiddleWare\instances\instance1\bifoundation and on UNIX in the /Oracle/MiddleWare/instances/instance1/bifoundation folders.While installing and configuring the OBIEE Server, you should follow guidelines in the document Oracle® Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition 11g Release 1 (11.1.1).
Oracle Health Sciences Cohort Explorer Report Objects consist of Cohorts RPD and Webcat, which is deployed in the OBIEE server.
RPD and Webcat contain only the metadata for analytical reports which is used in the context of the OBIEE Server. Therefore, follow the security guidelines applicable for OBIEE server while deploying these objects.
It is possible to add customized links to web applications that are deployed in a web server. Through this mechanism, any information that can be made available through a URL can be made accessible to OHSCE users. In addition, your customized links may support passing session parameters, such as the log-in user ID, and currently selected Product, Program, Study and Site to a URL. By passing these session parameters, you can access Web pages specific to you current selections on these attributes. However, you should be aware that in links that access external Web sites, passing account data and session information may pose a security risk.
Keep only the minimum number of ports open. You should close all ports not in use.
Oracle Health Sciences Cohort Explorer does not use the Telnet service.
Telnet listens on port 23 by default.
If the Telnet service is available on any computer, Oracle recommends that you disable Telnet in favor of Secure Shell (SSH). Telnet, which sends clear-text passwords and user names through a log-in, is a security risk to your servers. Disabling Telnet tightens and protects your system security.
In addition to not using Telnet, the Oracle Health Sciences Cohort Explorer does not use the following services or information for any functionality:
Simple Mail Transfer Protocol (SMTP). This protocol is an Internet standard for E-mail transmission across Internet Protocol (IP) networks.
Identification Protocol (identd). This protocol is generally used to identify the owner of a TCP connection on UNIX.
Simple Network Management Protocol (SNMP). This protocol is a method for managing and reporting information about different systems.
Restricting these services or information does not affect the use of Oracle Health Sciences Cohort Explorer. If you are not using these services for other applications, Oracle recommends that you disable these services to minimize your security exposure. If you need SMTP, identd, or SNMP for other applications, be sure to upgrade to the latest version of the protocol to provide the most up-to-date security for your system.
When designing a secure deployment, design multiple layers of protection. If a hacker should gain access to one layer, such as the application server, that should not automatically give them easy access to other layers, such as the database server.
Providing multiple layers of protection may include:
Enable only those ports required for communication between different tiers, for example, only allowing communication to the database tier on the port used for SQL*NET communications (1521 by default).
Place firewalls between servers so that only expected traffic can move between servers.
OHSCE reports installation consists of the following two components:
Perform the following steps to migrate the policy in Oracle WebLogic:
Create a folder for PolicyStore Migration
Windows—<DRIVE>:\> PolicyStoreMigration
UNIX—/PolicyStoreMigration
Create sub-folders for Cohort Explorer and current production instances.
Windows —<DRIVE>:\> PolicyStoreMigration\Cohort
<DRIVE>:\> PolicyStoreMigration\Prod
UNIX—/PolicyStoreMigration/Cohort
UNIX—/PolicyStoreMigration/Prod
Copy system-jazn-data.xml supplied with OHSCE to the Cohort folder.
Copy the system-jazn-data.xml from the
Windows—{Middleware_Home}/ user_projects/domains/bifoundation_domain/config/fmwconfig folder to the Prod folder.
UNIX—/{Middleware_Home}\ user_projects\domains\bifoundation_domain\config\fmwconfig folder to the Prod folder.
Note:
Oracle recommends that you take a backup of all the files before merging the policies.Copy the jps-config-policy.xml supplied with OHSCE to the PolicyStoreMigration folder.
Open the jps-config-policy.xml file. Edit the location attribute value in the <serviceInstance> tag for source and target to reflect the actual paths in your environment. The following changes must be reflected in jps-config-policy.xml
<serviceInstance name="srcpolicystore.xml" provider="policystore.xml.provider" location="C:\PolicyStoreMigration \Cohort ">
<serviceInstance name="policystore.xml" provider="policystore.xml.provider" location="C:\PolicyStoreMigration \Prod ">
Open a command prompt. Run the Oracle WebLogic Scripting Tool (WLST).
Windows—{Middleware_Home}/Oracle_BI1/common/bin/wlst.cmd
Unix—{Middleware_Home}/Oracle_BI1\common\bin\wlst.sh
Run the following command in offline interactive mode,
migrateSecurityStore(type="appPolicies", srcApp="obi", configFile="C:/PolicyStoreMigration/jps-config-policy.xml", src="sourceFileStore", dst="targetFileStore", overWrite="false")
The merged PolicyStore file is now available in the Prod folder. The PolicyStore should contain the following roles in addition to others:
CE-Administrator
CE-Physician
CE-Researcher
CE-LimitedAccess
CE-Developer
Stop Oracle WebLogic Server.
Copy the merged system-jazn-data.xml from Prod folder to
Windows—"{Middleware_Home}/user_projects/domains/bifoundation_domain/config/fmwconfig
Unix—"{Middleware_Home}\user_projects\domains\bifoundation_domain\config\fmwconfig
Start Oracle WebLogic Server.
Perform the following steps to install the OHSCE reports on Windows and Unix:
Place the OracleHeathSciencesCohortExplorer.rpd in the following folder:
Windows—<DRIVE>:\> Oracle\MiddleWare\instances\instance1\bifoundation\OracleBIServerComponent\coreapplication_obis1\repository
UNIX—Oracle/MiddleWare/instances/instance1/bifoundation/OracleBIServerComponent/coreapplication_obis1/repository
Unzip OracleHealthSciencesCohortExplorer.zip in the following folder:
Windows—<DRIVE>:\>\Oracle\MiddleWare\instances\instance1\bifoundation\OracleBIPresentationServicesComponent\coreapplication_obips1\catalog
UNIX—Oracle/MiddleWare/instances/instance1/bifoundation/OracleBIPresentationServicesComponent\coreapplication_obips1/catalog
Unzip help.zip in:
Windows—<DRIVE>:\Oracle\MiddleWare\Oracle_BI1\bifoundation\web\app\res\s_blafp\help
UNIX—Oracle/MiddleWare/Oracle_BI1/bifoundation/web/app/res/s_blafp/help
Unzip help.zip in:
Windows—<Drive>:\Oracle\MiddleWare\user_projects\domains\bifoundation_domain\servers\bi_server1\tmp\_WL_user\analytics_11.1.1\7dezjl\war\res\s_blafp\help
UNIX—Oracle/MiddleWare/user_projects/domains/bifoundation_domain/servers/bi_server1/tmp/_WL_user/analytics_11.1.1/7dezjl/war/res/s_blafp/help
In the Oracle BI Administration Tool, open the newly installed Oracle BI repository (OracleHealthSciencesCohortExplorer.rpd) in the offline mode to configure static variables and connections.
Note:
The OBIEE BI Administration Tool is supported only on Windows. If OHSCE is installed on Unix, copy OracleHealthSciencesCohortExplorer.rpd to a Windows system to perform modifications described in the following sections. Once the modifications are complete, copy the OracleHealthSciencesCohortExplorer.rpd back to the Unix system.In the Oracle BI Administration Tool, select File, then Open, and then Offline.
Navigate to the OracleHealthSciencesCohortExplorer.rpd, and then click Open.
In the Open Offline dialog box, enter the of repository password to log into the OracleHealthSciencesCohortExplorer.rpd file. The default password is 'cohort'. You can change the password by clicking File, then Change Password. Enter the old password and then the new password. Confirm the new password.
Click OK.
In the Oracle BI Administration Tool, select Manage and then Variables.
In the Variable Manager dialog box, expand the Repository and then Variable in the left pane. Then click Static.
Double-click and modify the following static variables:
| Variable Name | Instruction |
|---|---|
|
OLAP_DSN |
Enter the value of the database name |
|
OLAP_USER |
Enter the value of the database schema |
|
ConsentTypeCode |
Enter the value of the type code for Consent |
|
ConsetStatusCode |
Enter the value of the type code for Consent Status |
|
MinEventDate |
Enter the approximate date when the first patient event was noted. This is used as the reference date in the Patient Event Timelines Chart in Patient Timelines Tab in the Cohort Explorer dashboard. |
Click OK after each modification.
Close the Variable Manager.
Modify the connection pools in the RPD as following:
In the physical layer, expand the OracleHealthScienceCohortExplorer node and double-click the connection pool.
Change the password to the password of the schema user.
Click OK.
In the physical layer, double -click the OracleHealthScienceCohortExplorer node.
Click the Features tab. Navigate to the SORT_ORDER_LOCALE feature. If both the value and the default are the same, change the value to english-uk.
From the File menu, select Save to save the rpd.
Navigate to \Oracle\Middleware\instances\instance1\config\OracleBIPresentationServicesComponent\coreapplication_obips1
Open instanceconfig.xml in an editor and make the following changes:
Locate the Cube section, in which you must modify the following elements:
CubeMaxRecords: Set this value to the number of specimen instances (number of rows in W_EHA_SPECIMEN_PATIENT_H) in the facility, if the specimen instances are greater than the number of patients in the facility. If not, set this value to the number of patients in the facility.
CubeMaxPopulatedCells: Set this value to the number of specimen instances (number of rows in W_EHA_SPECIMEN_PATIENT_H) in the facility, if the specimen instances are greater than the number of patients in the facility. If not, set this value to the number of patients in the facility.
Locate the Table section in which you must modify MaxVisibleRows. Set this value to an approximate of the number of patients in the facility * Number of event types per patient
Locate the Pivot Table section, in which you must modify MaxVisibleRows. Set this value to the number of specimen instances (number of rows in W_EHA_SPECIMEN_PATIENT_H) in the facility, if the specimen instances are greater than the number of patients in the facility. If not, set this value to the number of patients in the facility.
Save and close instanceconfig.xml.
Log in to Fusion Middleware Control (https://<host>:7001/em).
Expand the Business Intelligence folder and select the coreapplication node.
Navigate to the Repository tab of the Deployment page.
Click on Lock and Edit Configuration.
In the Upload BI Server Repository section, click the Browse button to select the OracleHeathSciencesCohortExplorer.rpd.
Enter the repository password (cohort) in Repository Password and Confirm Password fields. The default password is 'cohort'. If you have changed the password in step 5c, enter the new password.
Enter the location of the OracleHealthSciencesCohortExplorer catalog in the BI Presentation Catalog section.
Click Apply and then click Activate Changes.
Select the Capacity Management tab and then Performance. In the section Maximum Number of Rows Processed When Rendering a Table View, increase the number of rows to an approximate of the number of patients in the facility * Number of event types per patient.
Click Apply, and then Activate Changes.
Select the Overview tab and click the Restart button, then click Yes.
Open your browser and sign in to OBIEE.
Select Cohort Explorer from the Dashboards drop-down list.
Click Edit Dashboard under the Summary tab.
Select Edit Analysis for report biospecimen_samples_r.
Select the Criteria tab, then click on Show/Hide Selection Steps Pane.
Under the section Specimen - Anatomical Site, edit the first step Start with... to include the Anatomical Sites you want to see in report.
Save the report.
Click Apply.
Return to the Business Intelligence Overview page and click Restart.
Click Yes.
Your security privileges determine what reports you can see and what you can do in OHSCE. To log in to OHSCE, you must have a browser on your computer and a URL, username, and password provided by your company.
Open your browser and enter the URL provided by your company.
Figure 2-1 displays the OHSCE login page.
Figure 4-1 Oracle Health Sciences Cohort Explorer Login Page
Enter the following user ID and password.
Username: Administrator
Password: Enter the password.
Click Login.
After your login credentials are authenticated, your default dashboard page is displayed.
|
 Copyright © 2011, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|
