Oracle® Fusion Middleware User's Guide for Oracle Business Intelligence Data Warehouse Administration Console 11g Release 1 (11.1.1) Part Number E14849-06 |
|
|
PDF · Mobi · ePub |
This chapter provides information about the DAC security model, including an explanation about authentication and the recommended DAC security setup.
This chapter contains the following topics:
Oracle Business Intelligence Data Warehouse Administration Console (DAC) comprises the following components:
DAC Repository. Resides on a database and stores the metadata (semantics of the Oracle Business Analytics Warehouse) that represents the data warehouse processes.
DAC Client. A thick client (Swing GUI).
DAC Server. Can be deployed as an enterprise application on the Web Logic Server (referred to as Web mode) or as a standalone Java application (referred to as standalone mode).
Non-interactive automation tools
Non-interactive command line tools
When DAC runs in Fusion Middleware mode, users are defined in the WebLogic Server identity store (LDAP) and authenticated against a BI domain. The Fusion Middleware tier authenticates the users for access to the DAC repository. The LDAP credentials indicate: 1) whether the user is valid, and 2) the user's role. The DAC Client also accesses database credentials stored in an encrypted cwallet.sso file in the file system to access the DAC repository database. The database credentials are used to manipulate objects in the repository through direct JDBC access.
When DAC runs in DAC standalone authentication mode, the DAC Client authenticates users and gets user permissions against user credentials stored in the DAC repository.
For production environments, in both Fusion Middleware and DAC standalone authentication deployment modes, the DAC Client has access to highly sensitive password information that allows connectivity to the DAC repository, to all of the data sources accessed by the BI Server (including the transactional data source), and to the data warehouse.
Therefore, for production environments, in both Fusion Middleware and DAC standalone authentication deployment modes, you must install the DAC Client according to the following requirements:
The DAC Client must be physically located in the server tier with the other middle-tier components.
The DAC Client should be accessed only by trusted users.
The DAC Client should be accessible only through remote log in tools if it is accessed outside of the server tier.
The DAC Client should not be installed on the administrator's desktop.
Figure 1-1 illustrates the process of securing DAC when the DAC Server is running as a service on WebLogic Server.
This process is as follows:
DAC Client logs in using FMW authentication:
Gets user name and password from user (can be optionally saved on the file system).
Reads the database connection information from the encrypted cwallet.sso file stored on the file system.
Logs into the DAC repository.
Reads the DAC Server URL from the DAC repository.
Authenticates and gets permissions through the DAC Server in the BI domain using the BI domain URL.
DAC Server reads the database connection information from the file system and connects to the DAC repository upon startup.
Automation utilities read the database connection information from the file system and connect to the DAC repository.
Note: The automation utilities are not interactive
DAC Server command line utilities read the DAC Server information from the file system and send it as a Web service request, which is authenticated with proper user credentials.
Figure 1-2 illustrates the process of securing DAC when the DAC Server is running as a standalone JVM process.
This process is as follows:
DAC Client logs in using DAC authentication:
Gets user name and password from user (can be optionally saved on the file system).
Reads the database connection information from the encrypted cwallet.sso file stored on the file system.
Logs into the DAC repository.
Authenticates and gets permissions against user credentials stored in the DAC repository.
DAC Server reads the database connection information from the file system and connects to the DAC repository upon startup.
Automation utilities read the database connection information from the file system and connect to the DAC repository. Note: The automation utilities are not interactive.
DAC Server command line utilities read the DAC Server information from the file system and send it as a Web service request, which is authenticated with proper user credentials.
The recommended DAC security setup includes the following points:
DAC is used for orchestrating ETL processes, and, therefore, should be accessed by a limited number of administrators with the appropriate privileges. The schema level operations that require administrator privileges include but are not limited to the following:
Truncating tables
Managing indexes
Collecting statistics on tables after the data is populated
Querying system catalog tables
Creating the data warehouse schema
Because of the sensitive nature of schema level operations, DAC should also be secured by the operating system level security.
The DAC repository should be stored in a different database from the data warehouse and transactional applications databases. This allows for restriction of DAC users, if necessary.