How to configure BI Publisher Security model
Once we installed the Oracle BI Publisher, the common question arise is where am I going to save my credentials, which is usernames and passwords in BI Publisher. First, we need to check who are all the user going to access BI Publisher and where their information is used. In an enterprise level organization, the username and passwords are stored in an LDAP Server, Oracle database or an external application. In a smaller company, they directly add the credential information inside the application. Whatever case, Oracle BI Publisher both feature. The below table outlines the supported BI Publisher Security Model, that is where we can store credentials.
As you seen in the above table, we can save the BI login information either in an external application like LDAP or directly inside the application. In this section, we explain how to setup the default BI Publisher Security Model. The BI version I am using her is 12C.
1. Setup BI Publisher Security Configuration
1.1) Login into XMLPSERVER as BI Administrator (WebLogic), Click Administration on the top right corner and Click Security Configuration under Security Center
1.2) Make sure to Enable Local Superuser and input a username and password. This is a BI admin account and helpful in case if we do anything wrong.
1.3) If you want to setup SSO, enable it here on the same page
1.4) Scroll to the bottom of the page and select the Security Model. Default Fusion Middleware is selected. You can change theBI Publisher Security model you want. BI must be restarted for the changes takes effect
Oracle Fusion Middleware => Input the usernames and passwords in WebLogic Security Realm and associate the BI roles in Fusion Middleware (/em)
Bi Publisher => Add the usernames and passwords directly inside XMLPSERVER. (After Restart, Login into BI, Administration, Security Configuration, User, and Roles )
BI Server => Add the username and password inside Analytics
LDAP => Input the LDAP server configuration where the credentials are stored
Oracle Database => Input the Oracle database connection where your credentials are stored
Oracle E-Business Suite => BI Publisher will use credentials from E-Business Suite
Siebel Security => BI Publisher will Siebel credentials
2. Security Model – Oracle Fusion Middleware
As you see in the above image, Fusion Middleware is the default security model in BI Publisher, so the question is where being I am going to add the username and passwords.
2.1) Login to the WebLogic console where the bi is running (URL: http://host:port/console, default username: WebLogic),
2.2) Click New to add a new user
2.3) Once the user added, Go to the enterprise manager (URL: http://host:port/em , User: WebLogic ), click on the WebLogic Domain, Security, and Security Configuration
On BI 11G: Expand the Weblogic domain on the left-hand side, Right click on the domain, Security and Application Roles
2.3) Search for obi in Application Stripe, Select BI Consumer or BI Service Administrator, Click Edit and add the add the user. Now the added user can login into BI Publisher
BI Consumer => User having access to run reports in BI Publisher
BI Service Administrator => User can run & do administer BI Publisher
That’s it. Please leave a comment below if you have any questions.
The views expressed on this blog are my personal views and do not necessarily reflect the views of my employer.
Please feeling free to reach me on any comments and feedbacks you have. Would be more than glad to listen and reply 🙂