Skip Headers
Oracle® Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition
11g Release 1 (11.1.1)

Part Number E10543-04
Go to Documentation Home
Go to Book List
Book List
Go to Table of Contents
Go to Feedback page
Contact Us

Go to previous page
PDF · Mobi · ePub


A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  R  S  T  U  V  W 


access rights, 2.4.3
Fusion Middleware Control,
obi stripe,
Oracle WebLogic Server Administration Console, 2.3.2
Active Directory
configuring as authentication provider,
Add Permission dialog, 2.4.3
add-in for Microsoft Office, D.
Administration Console
Provider Specific tab, 4.4.1
Provider Specific tab settings,,
to launch, 2.3.2
Administration Console, accessing, 2.3.2
Administration Page in Oracle BI Presentation Catalog
tools, 1.6.4
Administration pages, D.2.1
Administration Server, B.2
Administrator user, creation during upgrade, B.6.1.1
Administrators group,upgrade, B.6.1.1
application policies
creating, 2.4.3
Application Policies page,,, 2.4.3, 2.4.3
Application Policy
how to create, 2.4.3
how to modify,
application policy, 2.4.3
about, B.3
changing permission grants,
copying, 2.4.3
creating by copying, 2.4.3
application policy,definition, B.3
Application Role
how to create,
how to map to a Group,
how to modify,
application role, 2.4.4
add or remove members,
changing membership,
creating by copying,
in repository,
localising display name, B.3
mapping privileges, 2.6.3
mapping privileges programmatically, 2.6.3
mapping,definition, B.3
valid members,
application role, localising display name, B.3
application role,definition, B.3
Application Roles
example, 1.4.1, 2.2
how to map privileges to, 2.6.3
minimum required to run Oracle Business Intelligence, B.4.1.2, B.4.1.2
user membership, 2.6.1
working with default, 2.1
application roles
inheritance, D.3
permissions and privileges, D.1.3
Application Roles page,,
authenticated role, A.2.1, B.4.1.2
authentication error,, 3.2.5, 3.2.7
authentication options
authentication, about, A.1
authentication, order of, A.1.4
external table authentication, about, A.1.2
external table authentication, setting up, A.1.2
LDAP authentication, about, A.1.1, A.1.1
LDAP authentication, setting up, A.1.1.2
See also security
USER session system variable, defining for LDAP authentication, A.1.1.2
authentication provider
about, B.3
configuring Active Directory,
configuring Oracle Internet Directory,
authentication providers
configuring, 3.2.3
configuring one or more alternatives, 3.2
about, A.1.5
custom authentication, about, A.1.5
definition, A.1.5


best practice
creating application roles,
HTTP and HTTPS listeners, 5.3
managing Presentation Services Catalog privileges, 2.6.1
mapping groups,
policy store, 2.4
SSL certificates, 5.4.2, 5.4.2
SSO authentication, 4
update GUID attribute value, 3.2.5
update user GUIDs,, 3.2.7
BI Presentation Server
catalog privileges, 2.6.1
BI Server
role in SSO, 4.2.2
BIAdministrator role, B.4.1.2
example, 1.4.1
BIAuthor role, B.4.1.2
example, 1.4.1
BIConsumer role, B.4.1.2
example Group, 1.4.1
BIDomain MBeans, 5.4.1
bifoundation_domain,,, B.2
BISystem role, B.4.1.2
configuring, 3.2.6


clearing, D.2.4
case sensitive,key, B.4.3.1
permissions, B
Catalog groups, D.2.2, D.2.2
adding to an existing group, D.2.2.3
creating, D.2.2.1
inheritance, D.3
catalog groups
upgraded systems, 2.6.1
catalog groups,deleting, 2.6.3
catalog groups,precedence, B.4.4.2
application roles, 2.4.4
BISystem application role,
SSL pre-requisites, 5.4
caution, system-jazn-data.xml file, 2.4
certificate keys
creating, 5.2.2
certification information, Preface
changing, 2.4.4
application role, 2.4.4
Web server for SSL, 5.3
Control Flag settings, 4.4.1
controlling permission grants,
application policy, 2.4.3
application policy, 2.4.3
application role,,
application policy, 2.4.3
application policy by copying, 2.4.3
Create Application Grant Like dialog, 2.4.3
create application role by copying,
Create Application Role page,
Create Like button, 2.4.3
application policies, 2.4.3
application role,,,
Application Roles,
certificate keys for SSL, 5.2.2
credential map, 5.2.3
trusted user, 3.2.6
credential store
migrating, 3.3
credential store provider
about, 1.10
configuring LDAP-based, 3.3
custom sso environments
configuring, 4.5
cwallet.sso file, B.4


saved customizations, D.5
databases,supported, Preface
Application Roles,,,
location of policy store, 2.4
policy store, 3.3
Presentation Catalog privileges, 2.6.2
default directory server
add user to group, 2.3.5
change password, 2.3.6
creating a user, 2.3.3
default security configuration
default security provider configuration, B.4
implementing, B.4
default security providers, B.4
default Users, Groups, Application Roles, 2.1
default Users,Groups,Application Roles
diagram of, 2.1
default,credentials, B.4.3.1
DefaultAuthenticator, B.4
defaut directory server
creating Groups, 2.3.4
Catalog groups, D.2.2.2
deleting,catalog groups, 2.6.3
about, B.2.2
relationship with Oracle WebLogic Server, B.2
Oracle BI Add-in for Microsoft Office, D.
Smart View, D.
dynamically loadable authenticator framework
definition, A.1.5


enabling users to act for others, D.6
Everyone Presentation Services Catalog group, A.2.1
Add Group dialog,
Application Roles page,
BIAdministrators, 1.4.1
BIAuthors Group, 1.4.1
BIConsumers Group, 1.4.1
configuring demonstration SSL certificate, 5.3
Edit Application Role page,
incorrect trust store error message, 5.3
installed Users, Groups, Application Roles, 1.7
new application role, 2.4.3
new application role by copying,
SSL report output, 5.4.6
example Users, Groups, Application Roles, 1.4.1, 2.2
external table authentication
about, A.1.2
setting up, A.1.2


Fusion Middleware Control
System MBean Browser, 5.4


Grantee, 2.4.3
creating, 2.3.4
definition, 1.10
example, 1.4.1, 2.2
how to map to an Application Role,
inheritance, 2.6.1
working with default, 2.1
adding to existing, D.2.2.3
Catalog groups, D.2.2
Groups, working with
See also authentication options
GUID attribute value
authentication errors, 3.2.5
updating, 3.2.5
authentication errors,, 3.2.7
updating user,, 3.2.7


high availability of embedded WLS LDAP identity store
by configuring the virtualize attribute value, 2.7
how to setup security
detailed steps, 1.8


IBM LDAP based authentication
troubleshooting, C.6
identity asserter, 4.2.1, 4.4.2
Identity Manager, 2.5.1
overview to using, 2.5.1
identity store
about, 1.10
new authenticator, 4.4.1
installed Users,Groups,Application Roles
diagram of, 2.1


Java security model, B.2, 5.3, 5.3
Job Manager
configuring, 5.5.2


key,case sensitive, B.4.3.1


Administration Console, 2.3.2
See Lightweight Directory Access Protocol (LDAP)
LDAP credential store, 3.3
Lightweight Directory Access Protocol (LDAP)
authentication, about, A.1.1, A.1.1
authentication, setting up, A.1.1.2
USER session system variable, defining for LDAP authentication, A.1.1.2
list of security terms, 1.10


application roles, 2.4.4
catalog privileges, 2.6.1
mapping,definition, B.3
changing in application role,
memory requirements, Preface
metadata repository
overview to managing security in, 2.5.1
users and groups from default embedded WLS LDAP to alternative authentication provider, 2
credential store, 3.3
policy store, 3.3
minimum disk space, Preface
application role, 2.4.4
multiple authentication providers
configuring the virtualize custom property,
multiple authenticators
configuring for SSL, 5.5.6
mutual SSL authentication, 5.2.1


application policy, 2.4.3


obi stripe, 2.4.3
obi stripe pre-selected,
ODBC DSN, 5.5.5
offline repository development,
operating systems, supported, Preface
OPTIONAL flag, 4.4.1
Oracle BI
configuring Job Manager, 5.5.2
Oracle BI Administration Tool
overview to using, 2.5.1
tools, 1.6.3
Oracle BI Presentation Server
role in SSO, 4.2.2
Oracle Fusion Middleware Control
tools, 1.6.2
Oracle Fusion Middleware security model
about, B.2
Oracle Internet Directory
configuring as authentication provider,
Oracle Platform Security Services, B.2.1
Oracle WebLogic Server
configuring a new asserter, 4.4.2
configuring a new authenticator, 4.4.1
configuring for SSL, 5.3
configuring new authenticator, 4.4.1
domain, B.2
Oracle Weblogic Server
deploying security with, 2
Oracle WebLogic Server Administration Console
summary, 1.6.1 credential map, 5.2.3
setup steps, 1.8


change user, 2.3.6
permission grants
changing, 2.4.4
changing in application policy,
permissions, 2.4.3
adding, 2.4.3
inheritance, D.3
inheritance rules, D.3.1
non-Oracle Business Intelligence, 2.4.3
saved customizations, D.5.2.2
users, D.1.3
placeholder for application role,
platforms, supported, Preface
policy store
about, 3.3
default, 3.3
managing, 2.4
migrating, 3.3
policy store provider
about, 1.10
Presentation Catalog privileges, 2.6.2
precedence,catalog groups, B.4.4.2
Presentation Catalog privileges
about, 2.6.2
Presentation Services
Administration pages, D.2.1
Catalog groups, D.2.2
managing sessions, D.2.4
security, D.1
changing, D.2.3.2
default assignments, D.2.3.3
defined, D.2.3.1
inheritance, D.3
inheritance rules, D.3.1
managing, D.2.3
managing Presentation Catalog, 2.6.1
saved customizations, D.5.2.1
setting, D.2.3.2
users, D.1.3
Provider Specific tab,,, 4.4.1
impersonated user can display delegate users in Analytics, D.6.2
proxy levels for users, D.6.2
public and private keys, 5.2.1


new user, adding to, 2.5.2
REQUIRED flag, 4.4.1
requirements, system, Preface
REQUISITE flag, 4.4.1
reset password for default RPD file, 1.8
Roadmap for security setup, 1.1
authenticated, B.4.1.2
BIAdministrator, B.4.1.2
BIAuthor, B.4.1.2
BIConsumer, B.4.1.2
BISystem, B.4.1.2
reset password, 1.8


SASchInvoke, 5.5.1
saved customizations, D.5
administration, D.5.2
folder structure, D.
permissions, D.5.2.2
privileges, D.5.2.1
Catalog groups, D.2.2
configuration tools summary, 1.6, 1.6
detailed setup steps, 1.8
goals, D.1.2
overview, 1.8
Presentation Services, D.1
repository, adding new user to, 2.5.2
See also authentication options
settings location, D.1.1
terminology, 1.10
security framework
about, B.2
Oracle Platform Security Services, B.2.1
Security menu,
security provider
about, 1.10
security realm
about, 1.10
security setup Roadmap, 1.1
Session Manager
See also query environment, administering
active query, killing, A.1.7.1
disconnecting a user from a session, A.1.7.1
Session Window fields (table), A.1.7.1
session, viewing, A.1.7.1
update speed, controlling, A.1.7.1
using, about, A.1.7.1
session variables
for proxy functionality, D.6.3.2
managing, D.2.4
SSO configuration, 4.5
Smart View download, D.
SMTP server, configuring for SSL, 5.4.7
about, 5.2
Administration Tool, 5.5.4
Catalog Manager, 5.5.3
certificate files, 5.4.4
certificate keys, 5.2.2
cipher suite options, 5.6
commit configuration, 5.4.3
configuring multiple authenticators for, 5.5.6
configuring SMTP server, 5.4.7
configuring the Web server, 5.3
confirming status, 5.4.6
credentials in map, 5.4.4
default security level, 5.2.1
enabling the configuration for Oracle Business Intelligence, 5.4.5
expired certificates, 5.4.8
generating certificates, 5.4.2
in Oracle Business Intelligence, 5.2.1
locking the configuration, 5.4.1
manual configuration, 5.2.1
mutual authentication, 5.2.1
Oracle BI components involved, 5.2.1
pre-requisites, 5.3
running status report, 5.4.6
sample report output, 5.4.6
troubleshooting tip,
using System MBean Browser, 5.4
verifying certificates, 5.4.4
SSL credential storage, 5.2.3
SSL Everywhere central configuration, 5.2.1
SSL, upgrading, B.6.1
SSL,troubleshooting, 5.4.6
about, 4.2
configuring a new authenticator, 4.4.1
configuring for custom environments, 4.5
configuring with Active Directory and Windows Native Authentication, 4.5
configuring with Oracle Access Manager, 4.4
configuring with SiteMinder, 4.5
considerations, 4.3
enabling for Oracle Business Intelligence, 4.6
identity asserter, 4.2.1
Oracle BI Presentation Services, 4.2.2
permission required for Administration Tool, 4.2
Provider Specific tab, 4.4.1
requirements, 4.2
Webgates, 4.2.1, 5.3
SUFFICIENT flag, 4.4.1
supported installation types, Preface
session variables, about and LDAP authentication, A.1.1
variables, about and external table authentication, A.1.2
system requirements, Preface
system-jazn-data.xml file, 2.4, B.4


task map
configuring authorization, 3.1
configuring SSL, 5.1
configuring SSL between Oracle BI components, 5.4
configuring SSO authentication, 4.1
terminology, 1.10
Administration Page in Oracle BI Presentation Catalog, 1.6.4
Oracle BI Administration Tool, 1.6.3
Oracle Fusion Middleware Control, 1.6.2
Oracle Weblogic Server, 2
Oracle WebLogic Server Administration Console, 1.6.1
summary of configuration tools for security, 1.6, 1.6
troubleshooting IBM LDAP based authentication, C.6
troubleshooting SSO
configuring for custom environments for example WNA and AD, SiteMinder, C.5
troubleshooting,SSL, 5.4.6
trusted user
changing for BIP JMS modules, 3.2.6
configuring, 3.2.6
create new user, 3.2.6


upgrade,Administrators group, B.6.1.1
upgraded systems
catalog groups, 2.6.1
Administration Console, 2.3.2
Fusion Middleware Control,
usage tracking, administering
See also Session Manager
add to group, 2.3.5
change password, 2.3.6
create, 2.3.3
USER system variable
must delete or disable any RPD init blocks containing it, if using default authentication, 1.8
user, definition, 1.10
example, 1.4.1, 2.2
working with default, 2.1
enabling to act for others, D.6
new user, adding to repository, 2.5.2
proxy levels, D.6.2
users and groups
migrate from default embedded WLS LDAP to alternative authentication provider, 2


variables, using
system session variables, about and LDAP authentication, A.1.1
system variables, about and external table authentication, A.1.2
virtualization functionality
configuring with SSL, 5.5.6
virtualize attribute value
configuring for HA of the embedded LDAP WLS identity store, 2.7
virtualize custom property
for configuring multpile authentication providers,


Web server, configuring for SSL, 5.3
Windows Native Authentication
configuring sso with Active Directory, 4.5