Pages

Wednesday 19 September 2012

Lack of Data Security Filters


Area of Impact is Data Integrity and Performance

Data Security Filter Consequence

A lack of data visibility filters will enable all users who have access to specific subject areas to have access to all records, regardless of any visibility restrictions which may be implemented within the source applications. It can potentially impact the overall performance of such queries, as the user may return a larger dataset than what they are permitted in seeing.

What should be done :
The following provides a high level summary of the functionality provided by data security filters:

When a user logs in, the following two processes should take place:
Authentication
Verifies the user has the right to log in to the system
Authorization
The process of defining which “Application Roles” should be assigned to the user once they have successfully authenticated

Once the above two processes have taken place, there are three OBIEE components that apply “security policies” based up the user’s Application Roles:
Presentation Catalogue > Dashboard/report access and front-end privileges
BI Repository > RPD metadata access and data-visibility
FMW Policy Store > Access to BI Server (e.g. impersonation) and BI Publisher features

The default Roles has the following privileges in Oracle BI EE 11g:
BIAdministrator

  • Manage BI Repository (RPD)
  • Administer BI Publisher

BIAuthor

  • Privileges defined in BI Presentation Catalog
  • BI Publisher Develop / Design / Schedule Reports

BIConsumer

  • Privileges defined in BI Presentation Catalog
  • BI Publisher Excel / On-line Report Analyzer


Data filters can then be set within the OBIEE RPD via the Application Roles and Users through the “Manage > Identity” menu option.

The development team should use the above details provided and check whether similar security can be defined for the existing sources which are loaded into the data warehouse.

Further details on this topic can also be found in the following sections:
Oracle® Fusion Middleware > Security Guide for Oracle Business Intelligence Enterprise Edition > 11g Release 1 (11.1.1)

Posted by at No comments:
Labels: , , , ,

Wednesday 12 September 2012

Set a Dashboard Landing Page for all Users

If you want all your default and new users to go to a specific page when they login, and they have not set a specific page or their 'home' page is set to default then they can be directed via the PORTALPATH setting.

PORTALPATH

The PORTALPATH setting will only work if the user has not set a new default home page in their account settings.

You will need to make a few changes in the repository to enable this setting.

Open the repository and go to manage --> variables

Navigate the tree displayed and open up Session and then Variables and then System
You will create a new Session Variable here

Right click on the right hand side and select the new PORTALPATH or create a new variable PORTALPATH if no option is presented.

In the Default Initialiser - give the path to the required dashboard. eg /shared/samplesales/_portal/landingpage

Close the repository and those users without a default page in their account setting will instead land on the new landing page.
Posted by at No comments:
Labels: , , , , ,

Monday 3 September 2012

Patching support for OBIEE 10.1.3.4.1 ends on 30th September


Patching support for OBIEE 10.1.3.4.1 ends on 30th September 2012.


After September, there will be no more one-off patches available for OBIEE 10.1.3.4.1 or lower versions. If you wish to continue receiving one-off patches, should the situation arise, please apply the OBIEE 10.1.3.4.2 patch set.
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)