JPS-OID Authorization with Single-Sign-On Authentication for Reports Servlet
|
|
This scenario involves the following:
|
To use this combination of authentication and authorization, complete the following steps:
-
Enable Single Sign-On. See Enabling and Disabling Single Sign-On.
-
Enable JPS-based security by editing reports server config file.
-
Ensure that all users that are present in the Oracle Internet Directory used by Single Sign-On are in the ID store used by JPS. Alternatively, configure JPS to point to the ID store used by Single Sign-On.
-
Add the following property in the jps-config-jse.xml file:
<property name="oracle.security.jps.enterprise.user.class" value="weblogic.security.principal.WLSUserImpl"/>
-
Configure JPS Oracle Internet Directory as a policy store. Alternatively you can use the database as policy store which is the default policy store. See Configuring an External Oracle Internet Directory as Policy Store When Using JPS-Based Security.
-
Create security policies. Refer to Section 6.3.2, "Defining Security Policies for Reports" to use Oracle Enterprise Manager to update the report security policies defined in Oracle Internet Directory.
-
Map users to application roles. For more information about mapping users to application roles, see Mapping Users to Application Roles.
|
JPS-OID Authorization with JPS-OID as ID Store for Other Reports Clients
|
|
This scenario involves the following:
|
To use this combination of authentication and authorization, complete the following steps:
-
Enable JPS-based security by editing reports server config file.
-
Add the following property in the jps-config-jse.xml file:
<property name="oracle.security.jps.enterprise.user.class" value="weblogic.security.principal.WLSUserImpl"/>
-
Configure JPS-OID as an ID store. See Configuring External Oracle Internet Directory as ID Store When Using JPS-Based Security.
-
Configure JPS-OID as a policy store. Alternatively you can use the database as policy store which is the default policy store. See Configuring an External Oracle Internet Directory as Policy Store When Using JPS-Based Security.
-
Create security policies. Refer to Section 6.3.2, "Defining Security Policies for Reports" to use Oracle Enterprise Manager to update the report security policies defined in Oracle Internet Directory.
-
Map users to application roles. For more information about mapping users to application roles, see Mapping Users to Application Roles.
|
JAZN-XML Authorization with Single Sign-On Authentication for Reports Servlet
|
|
This scenario involves the following:
|
To use this combination of authentication and authorization, complete the following steps:
-
Enable Single Sign-On. See Enabling and Disabling Single Sign-On.
-
Enable JPS-based security. by editing reports server config file.
-
Ensure that all users that are present in the Oracle Internet Directory used by Single Sign-On are in the ID store used by JPS. Alternatively, configure JPS to point to the ID store used by Single Sign-On.
-
Add the following property in the jps-config-jse.xml file:
<property name="oracle.security.jps.enterprise.user.class" value="weblogic.security.principal.WLSUserImpl"/>
-
Create security policies. Refer to Section 6.3.2, "Defining Security Policies for Reports".
-
Map users to application roles. For more information about mapping users to application roles, see Mapping Users to Application Roles.
-
If the system-jazn-data.xml file is used as the policy store, search for the "reports" application in the system-jazn-data.xml file. Database is used as default policy store. It is not recommended to change this to file based policy store (system-jazn-data.xml ). To use JPS to authorize users in Oracle Internet Directory, add the corresponding users in the member section of the system-jazn-data.xml file. See Section 15.4.2, "Additional Step When Using JPS for Authorization".
|
JAZN-XML Authorization with JPS-OID Authentication for Other Reports Clients
|
|
This scenario involves the following:
|
To use this combination of authentication and authorization, complete the following steps:
-
Enable JPS-based security by editing reports server config file.
-
Add the following property in the jps-config-jse.xml file:
<property name="oracle.security.jps.enterprise.user.class" value="weblogic.security.principal.WLSUserImpl"/>
-
Configure JPS-OID as an ID store. See Configuring External Oracle Internet Directory as ID Store When Using JPS-Based Security.
-
Create security policies. Refer to Section 6.3.2, "Defining Security Policies for Reports" to update the report security policies defined in Oracle Internet Directory.
-
Map users to application roles. For more information about mapping users to application roles, see Mapping Users to Application Roles.
-
If the system-jazn-data.xml file is used as the policy store, search for the "reports" application in the system-jazn-data.xml file. Database is used as default policy store. It is not recommended to change this to file based policy store (system-jazn-data.xml ). To use JPS to authorize users in Oracle Internet Directory, add the corresponding users in the member section of the system-jazn-data.xml . See Section 15.4.2, "Additional Step When Using JPS for Authorization".
|