1. Installation Guide
  2. Configure Other Products
  3. Configure the Oracle Business Intelligence Enterprise Edition Environment for Oracle Argus Insight
  4. Create Users and Groups in Oracle Business Intelligence Enterprise Edition
  5. Create Roles and Policies with Oracle Fusion Middleware Control

Create Roles and Policies with Oracle Fusion Middleware Control

Note:

This section is applicable only when you manually upload the RPD file and Catalog. For more details, refer to Configure Oracle Business Intelligence Enterprise Edition Repository and Web Catalog Manually..

To create new application roles:
  1. Login to Oracle Fusion Middleware Control Enterprise Manager.

  2. Go to WebLogic Domain > Security > Application Roles.

    The Application Roles dialog box appears.

  3. From the Application Stripe drop-down list, select OBI, and click Search OFM Search Icon.

    The default role available in clean slate installation appears.

  4. Click Create.

    The Create Application Role dialog box appears.

  5. In the Role Name field, enter AIAdminRole.

  6. From the Members section, click +Add.

    The Add Principal dialog box appears.

  7. From the Type drop-down list, select Group, and click Search.

    A list of principals appears.

  8. From the list of Searched Principals, select AIAdminGroup, and click OK.

  9. From the Members section, click +Add.

    The Add Principal dialog box appears.

  10. From the Type drop-down list, select Application Role, and click Search.

    A list of principals appears.

  11. From the list of Searched Principals, select BIServiceAdministrator , and click OK.

    The Membership for AIAdminRole appears.

  12. Repeat from Step 4 to Step 11 to create other Roles and add Member to these roles as listed in the table below.
    Role Application Roles

    AI Admin Role

    AI Admin Group

    --

    Weblogic

    AI Author Role

    AI Author Group

    --

    AI Admin Group

    AI Consumer Role

    AI Consumer Group

    --

    AI Author Group

    --

    AI Admin Group

Note:

For more details, refer Section 2.8.3.1 Creating Application Roles Using Fusion Middleware Control in https://docs.oracle.com/middleware/1221/bip/BIPAD.pdf

To create new application policy:
  1. Login to Oracle Fusion Middleware Control Enterprise Manager.

  2. Go to WebLogic Domain > Security > Application Policies.

    The Application Policies screen appears.

  3. To create a new application policy, click Create.

    The Create Application Grant dialog box appears.

  4. From the Grantee section, click +Add

    The Add Principal dialog box appears.

  5. From the Type drop-down list, select Application Role, and click Search.OBI Search Icon
  6. From the Type drop-down list, select Application Role, and click Search.
  7. From the list of Searched Principals, select AIAdminRole, and click OK.

  8. From the Permissions section, click +Add

    The Add Permission dialog box appears.

  9. Select the Resource Types radio button.
  10. From the Resource Type drop-down list, select oracle.bi.publisher.permission, and click Search.

  11. From the Search Results, select oracle.bi.publisher.permission (Oracle Business Intelligence Publisher Administer Server), and click Continue.

    The Add Permission dialog box appears.

  12. For Permission Actions, select All (_all_), and click Select.
  13. Repeat from Step 4 to Step 11, to add the following:
    Policy Name/Principal Resource Type Resource Name Permission Actions

    AI Admin Role

    oracle.bi.catalog

    *

    manage

    --

    oracle.bi.server.permission

    oracle.bi.server.manageRepositories

    _all_

    --

    oracle.bi.presentation.catalogmanager.permission

    oracle.bi.presentation.catalogmanger.manageCatalog

    _all_

    --

    oracle.bi.delivers.job

    oracle.bi.delivers.job

    manage

    --

    oracle.bi.publisher.permission

    oracle.bi.publisher.administerServer

    _all_

    --

    oracle.bi.repository

    oracle.bi.repository

    manage

    --

    oracle.bi.scheduler.permission

    oracle.bi.scheduler.manageJobs

    _all_

    --

    oracle.bi.publisher.permission

    oracle.bi.publisher.developReport

    _all_

    --

    oracle.bi.publisher.permission

    oracle.bi.publisher.developDataModel

    _all_

    AI Author Role

    oracle.bi.publisher.permission

    oracle.bi.publisher.developReport

    _all_

    --

    oracle.bi.publisher.permission

    oracle.bi.publisher.developDataModel

    _all_

    --

    oracle.bi.tech.visualanalyzer.permission

    oracle.bi.tech.visualanalyzer.generalAccess

    *

    --

    oracle.bi.delivers.job

    *

    schedule

    AI Consumer Role

    oracle.bi.publisher.permission

    oracle.bi.publisher.scheduleReport

    _all_

    --

    oracle.bi.publisher.permission

    oracle.bi.publisher.runReportOnline

    _all_

    --

    oracle.bi.publisher.permission

    oracle.bi.publisher.accessReportOutput

    _all_

    --

    oracle.bi.publisher.permission

    oracle.bi.publisher.accessOnlineReportAnalyzer

    _all_

    --

    ESSMetadataPermission

    oracle.bip.ess.JobDefinition.EssBipJob

    READ,EXECUTE

    --

    oracle.bi.publisher.permission

    oracle.bi.publisher.accessExcelReportAnalyzer

    _all_

Note:

For more details, refer to Section 2.8.3.2 Creating Application Policies Using Fusion Middleware Control from https://docs.oracle.com/middleware/1221/bip/BIPAD.pdf.

For a list of privileges for BIApplication Role specified above, refer to Oracle Business Intelligence Enterprise Edition Default Application Roles.

Parent topic: Create Users and Groups in Oracle Business Intelligence Enterprise Edition