Typical Workflow to Set Up Security
Use this workflow to understand how to set up security in a new Oracle Analytics Server instance.
| Task | Description | More Information |
|---|---|---|
|
Decide if you want to use the default embedded WebLogic LDAP Server for authentication to create users and groups |
Oracle doesn't recommend using WebLogic LDAP Server in an environment with more than 1,000 users. If you need a production environment with high-availability and scalability, then use a directory service such as Oracle Internet Directory or a third-party directory service. Use the WebLogic Server Administration Console to create users and groups and assign users to groups. You can't use the Oracle Analytics Server Console to create and manage users and groups. |
Create a New User in the Embedded WebLogic LDAP Server Create a New Group in the Embedded WebLogic LDAP Server Assign a User to a Group in the Embedded WebLogic LDAP Server |
|
Decide if you want to use an alternative authentication provider such as Oracle Internet Directory to create users and groups |
Configure Oracle Internet Directory as the authentication provider. Use your authentication provider tools to create users and groups and assign users to groups. You can't use the Oracle Analytics Server Console to create and manage users and groups. |
High-Level Steps for Configuring an Alternative Authentication Provider |
|
Set up application roles |
Review the application roles provided with the installation and decide if you need to create additional roles. Use the Oracle Analytics Server Console to add application roles. |
|
|
Customize the permission sets assigned to the application roles |
Add or remove permissions as needed. Use the grant or revoke permissions script to add or remove application role permissions. |
|
|
Assign application roles to users and groups |
Add application roles to users and groups as needed. Use the Oracle Analytics Server Console to assign application roles to users and groups. |
|
|
Fine-tune privileges in the semantic model and Presentation Services |
Add and remove the privileges that users and groups have in the Oracle Analytics Server semantic model and in the Classic Home Page. Use Model Administration Tool and the Oracle Analytics Server Classic Administration Page to add and remove these privileges. |
Use Model Administration Tool to Manage Metadata Repository Privileges Use Application Roles to Manag Presentation Services Privileges |
|
Decide if you want to deploy single sign-on (SSO) authentication |
Configure SSO authentication. |
|
|
Decide if you want to deploy secure socket layer (SSL) |
Configure Oracle Analytics Server components to communicate over SSL. |