To configure security in Oracle Business Intelligence, you use the following tools:
Note:
To see an example of using the Oracle Business Intelligence tools to configure the installed users, groups, and application roles, see An Example Security Setup of Users, Groups, and Application Roles.
The diagram summarizes the tools that you use to configure security in an example installation of Oracle Business Intelligence that uses the embedded WebLogic LDAP Server.
For more information about managing security, see Managing Security Using a Default Security Configuration).
You use Oracle WebLogic Server Administration Console to manage the WebLogic LDAP Server that enables you to authenticate users and groups.
Oracle WebLogic Server is automatically installed and serves as the default administration server. The Oracle WebLogic Server Administration Console is browser-based and is used, among other things, to manage the embedded directory server.
Note that when you configure Oracle Business Intelligence the initial security configuration uses the embedded Weblogic LDAP directory - the default authenticator - as the Identity Store. However, whereas in 11g the BI installation seeded some specific users and groups into this LDAP directory, in 12c we no longer seed default BI groups into this directory. Consequently, if your application expects LDAP groups such as BIConsumers, BIContentAuthors and BIServiceAdministrators to exist in the Identity Store, you will need to add these groups manually or configure the domain to use a different Identity Store where these groups are already provisioned after the initial BI configuration has finished.
You launch the Oracle WebLogic Server Administration Console by entering its URL into a web browser. The default URL takes the following form: http://hostname:port_number/console. The port number is the same as used for the Administration server; 9500 is the default port. For more information about using theOracle WebLogic Server Administration Console, see Oracle WebLogic Server Administration Console Online Help.
To log in to the Oracle WebLogic Server Administration Console:
Note:
If you use an alternative authentication provider, such as Oracle Internet Directory instead of the default the WebLogic LDAP Server, then you must use the alternative authentication provider administration application (for example an administration console) to manage users and groups.
Fusion Middleware Control is a web browser-based graphical user interface that enables you to administer a collection of components.
The components consist of Oracle WebLogic Server domains, one Administration Server, one or more Managed Servers, clusters, and the Fusion Middleware Control components that are installed, configured, and running in the domain. During configuration of Oracle Business Intelligence an Oracle WebLogic Server domain is created and Oracle Business Intelligence is configured into that domain. The domain is named bi (in Enterprise installations), and is found under the WebLogic Domain folder in the Fusion Middleware Control navigation pane.
You use Oracle Fusion Middleware Control to manage Oracle Business Intelligence security as follows:
To log in to Fusion Middleware Control, open a web browser and enter the Fusion Middleware Control URL, in the following format:
http://hostname.domain:port/em
The port number is the number of the Administration Server, and the default port number is 9500.
For more information about using Fusion Middleware Control, see Administering Oracle Fusion Middleware.
To use Fusion Middleware Control:
You use the Oracle BI Administration Tool to configure permissions for users and application roles against objects in the metadata repository.
To use the Administration Tool: