Oracle Business Intelligence uses a role-based access control model. Security is defined in terms of Application Roles that are mapped to directory server groups and users.
To define a complete security model, you have then to define:
The simplest way to set up security is to create Users and map them to the default Groups (that is, BIConsumers, BIAuthors, and BIAdministrators) that are installed out-of-the-box.
A security provider is a security repository that you can call in order to get security information.
Any Oracle Business Intelligence installation makes use of the following types of security providers:
In Oracle Business Intelligence release 11g, the security policy definition is split across the following components:
This defines:
that the Users with specific Application Roles can access.
.
Presentation Services does not have its own authentication system; it relies on the authentication system that it inherits from the Oracle BI Server. All users who sign in to Presentation Services are granted the AuthenticatedUser role and any other roles that they were assigned in Fusion Middleware Control.
When you assign permissions and privileges in Presentation Services, you can assign them in one of the following ways:
This defines which Application Roles and users have access to which items of metadata within the repository. The Oracle BI Administration Tool through the security manager is used to define this security policy.
Administration Tool enables you to perform the following tasks:
The policy store through the application policies defines which Oracle BI Server, BI Publisher, and Real Time Decisions functionality can be accessed by given users or users with given Application Roles.