1. Reports Guide
  2. About Security and Authentication for Siebel Reports

About Security and Authentication for Siebel Reports

There are several options to choose from for configuring security and authentication for Siebel Reports: Siebel Security Model, LDAP, Web single sign-on, and Oracle Publisher Security (BIP/OAP). This topic provides a high-level description of each option and provides links to the instructions for implementing each option.

Siebel Security Model

When Oracle Publisher Server receives a request from a Siebel user to perform report functionality on the server, it queries the Siebel application to retrieve the user privileges associated with that particular user. This retrieval is accomplished by invoking a Web service that is exposed by the Siebel application.

The Siebel Security model retrieves authentication information through the Siebel EAI Object Manager (EAIObjMgr) and authenticates logins for report users against the Siebel Database one time only, then a session token is provided for Oracle Publisher Server authentication. Because every user executing reports has their own credentials and roles, users have private visibility on Oracle Publisher Server when scheduling reports.

The reporting responsibilities in the Siebel application correspond to roles and permissions on Oracle Publisher Server. The names of these responsibilities must exactly match the corresponding set of roles on Oracle Publisher Server.

Note: It is recommended that you use this model because it was designed specifically for use with Siebel Reports.

LDAP

In an implementation using LDAP authentication, an LDAP security adapter provided with Siebel CRM authenticates users against an LDAP-compliant directory. The directory stores information that is required to allow users to connect to the database and Oracle Publisher Server and this information is retrieved by the security adapter when users try to run a report. When users log into a Siebel application that uses LDAP authentication, they are already authenticated for the current session.

Web Single Sign-On Authentication

This model allows you to use a nonstandard security model, such as Siteminder or some other type of custom single sign-on.

Oracle Publisher Security

When implementing Oracle Publisher Security authentication for Siebel user access to Oracle Publisher Server, all connections between the Siebel application and Oracle Publisher Server are made using the same generic user account. This generic user account is useful for certain security topologies where multiple applications and authentication directories are used with a single shared Oracle Publisher Server instance.

Note: The Oracle Publisher Security model does not enable private scheduled reports. All scheduled reports are considered public.

For more information about Oracle Publisher Security, see Fusion Middleware Administrator's Guide for Oracle Business Intelligence Publisher and Oracle Business Intelligence Publisher Administrator's and Developer's Guide available at http://docs.oracle.com/cd/E10415_01/doc/bi.1013/e12188/T421739T475591.htm, or Administering Oracle Analytics Publisher in Oracle Analytics Server available at https://docs-uat.us.oracle.com/en/middleware/bi/analytics-server/administer-publisher-oas/index.html.