The Oracle Fusion Middleware security model is built upon the Oracle Fusion Middleware platform, which incorporates the Java security model.
The Java model is a role-based, declarative model that employs container-managed security where resources are protected by roles that are assigned to users. However, extensive knowledge of the Java-based architecture is unnecessary when using theOracle Fusion Middleware Security model. By being based upon this security model, Oracle Business Intelligence can furnish uniform security and identity management across the enterprise.
Oracle Business Intelligence is installed into an Oracle WebLogic Server domain during installation, which is a logically related group of resources that are managed as a unit. During installation, an Oracle WebLogic Server domain named bi is created and Oracle Business Intelligence is installed into this domain. This name might vary depending upon the installation type performed. One instance of Oracle WebLogic Server in each domain is configured as an Administration Server. The Administration Server provides a central point for managing an Oracle WebLogic Server domain. The Administration Server hosts the Administration Console, which is a web application accessible from any supported web browser with network access to the Administration Server. Oracle Business Intelligence uses the active security realm configured for the Oracle WebLogic Server domain into which it is installed. See Oracle WebLogic Server.
See Introduction to Oracle Platform Security Services in Securing Applications with Oracle Platform Security Services. See Understanding Security for Oracle WebLogic Server and Administering Security for Oracle WebLogic Server 12c (12.2.1) to learn about Oracle WebLogic Server domain and security realm.
Oracle Platform Security Services (OPSS) is the underlying platform on which the Oracle Fusion Middleware security framework is built.
Oracle Platform Security Services is standards-based and complies with role-based-access-control (RBAC), Java Enterprise Edition (Java EE), and Oracle Application Server Java Authentication and Authorization Service (JAAS) Provider. Oracle Platform Security Services enables the shared security framework to furnish uniform security and identity management across the enterprise.
See Introduction to Oracle Platform Security Services in Securing Applications with Oracle Platform Security Services.
An Oracle WebLogic Server administration domain is a logically related group of Java components.
A domain includes a special WebLogic Server instance called the Administration Server, which is the central point from which you configure and manage all resources in the domain. You typically configure a domain to include additional WebLogic Server instances called Managed Servers. You deploy Java components, such as web applications, EJBs, and web services, and other resources to the Managed Servers and use the Administration Server for configuration and management purposes only.
Oracle WebLogic Server Administration Console and Fusion Middleware Control run in the Administration Server. Oracle WebLogic Server Administration Console is the Web-based administration console used to manage the resources in an Oracle WebLogic Server domain, including the Administration Server and Managed Servers. Fusion Middleware Control is a Web-based administration console used to manage Oracle Fusion Middleware, including the components that comprise Oracle Business Intelligence. See Oracle Business Intelligence Components in System Administrator's Guide for Oracle Business Intelligence Enterprise Edition.
Oracle Business Intelligence authentication is handled by the Oracle WebLogic Server authentication providers. An authentication provider performs the following functions:
Establishes the identity of users and system processes
Transmits identity information
Upon installation Oracle Business Intelligence is configured to use the directory server embedded in Oracle WebLogic Server as both the default authentication provider and the repository for users and groups. Alternative authentication providers can be used if desired, and managed in the Oracle WebLogic Server Administration Console. See System Requirements and Certification.