OBIEE - Authorization

Obi Edition


Authorization process in an OBIEE context.

The object authorization are specified with the help of :

  • Permissions in the BI Server
  • and Privileges in the BI Presentation Service

This process is first restrictive Ie, you can do anything and a user is granted some permissions/privileges with the help of a group.


The Oracle BI Server allows you to create groups and then grant membership in them to users or other groups.

Group Inheritance: Privileges granted explicitly to a user have precedence over privileges granted through groups, and privileges granted explicitly to the group take precedence over any privileges granted through other groups.

You can think of a group as a set of security attributes.

The Oracle BI Server groups are similar to:

  • groups in Windows NT and Windows 2000,
  • and to groups or roles in database management systems (DBMS).

Like Windows NT and Windows 2000, and database groups or roles, Oracle BI Server groups can allow access to objects. Additionally, Oracle BI Server groups can explicitly deny particular security attributes to its members.

Groups can simplify administration of large numbers of users. You can grant or deny sets of privileges to a group and then assign membership in that group to individual users. Any subsequent modifications to that group will affect all users who belong to it.


In 10G, GROUP need to be manually created in OBIEE repository. However, if the users are externally defined (LDAP servers ,…) , the group membership information must be obtained from a database table and set up in the GROUP session variable.

Discover More
Bi Server Architecture With Client
OBI Server - User

User is a system session variable that: represent an account holds the value the user enters as his or her logon name. It is involved: in the authentication security process to set it up and...
Obi Edition
OBIEE - Security

To determines who has the ability to view data and objects, you can combine several parameters configuration on different security levels: Object Security: business logic security (repository) and catalog...

Share this page:
Follow us:
Task Runner