Scribd Logo
Importer

Bienvenue sur Scribd !

  • External Table Authentication-Obiee11g

    Transféré par

    Naresh Ch
    459 vues14 pages
    This Document helps to you better understand on how to use external Table for Authentication.

    Titre original

    External Table Authentication-obiee11g

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Formats disponibles

    DOCX, PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    This Document helps to you better understand on how to use external Table for Authentication.

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme DOCX, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    459 vues14 pages

    External Table Authentication-Obiee11g

    Transféré par

    Naresh Ch
    This Document helps to you better understand on how to use external Table for Authentication.

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme DOCX, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 14

    OBIEE 11g6: Authentication first with LDAP then with External Database Table

    Here I am going to demonstrate where on set of users present in the LDAP server as well as another set of users and passwords present in an External Oracle Database Table (here SECURITYTABLE) can login into the http://localhost:9704/analytics, the Oracle Analytics. 1. Create the oracle database table for external authentication as shown below: CREATE TABLE SECURITYTABLE ( ID NUMBER, GRP VARCHAR2(20), PWD VARCHAR2(20), SALESREP VARCHAR2(20), USERNAME VARCHAR2(20) ) ;Insert into SECURITYTABLE (ID,GRP,PWD,SALESREP,USERNAME) values (1,SalesAdmin,'az,'ALAN ZIFF,'AZIFF); Insert into SECURITYTABLE (ID,GRP,PWD,SALESREP,USERNAME) values (2,SalesAdmin,'at,'ANDREW TAYLOR,'ATAYLOR); Insert into SECURITYTABLE (ID,GRP,PWD,SALESREP,USERNAME) values (3,SalesRep,'aj,'ANN JOHNSON,'AJOHNSON); Insert into SECURITYTABLE (ID,GRP,PWD,SALESREP,USERNAME) values (4,SalesRep,'bj,'ANNE WILLIAMS,'AWILLIAMS); Insert into SECURITYTABLE (ID,GRP,PWD,SALESREP,USERNAME) values (5,SalesRep,'bn,'BETTY NEWER,'BNEWER); Insert into SECURITYTABLE (ID,GRP,PWD,SALESREP,USERNAME) values (6,SalesRep,'cd,'CHRIS DREW,'CDREW); Insert into SECURITYTABLE (ID,GRP,PWD,SALESREP,USERNAME) values (7,SalesRep,'cm,'CHRIS MUIR,'CMUIR); Insert into SECURITYTABLE (ID,GRP,PWD,SALESREP,USERNAME) values (8,SalesRep,'da,'DALE AREND,'DAREND); Insert into SECURITYTABLE (ID,GRP,PWD,SALESREP,USERNAME) values (9,SalesRep,'df,'DALE FAIRWEATHER,'DFAIRWEATHER); Insert into SECURITYTABLE

    (ID,GRP,PWD,SALESREP,USERNAME) values (10,SalesRep,'ds,'DICK SCHMIDT,'DSCHMIDT); 2. Open the Oracle BI Administration Tool and Open Online the file e.g: C:OracleFMWinstancesinstance1bifoundationOracleBIServerComponentcoreapplication _obis1repositorySampleAppLite.rpd

    3. Right click the ORCL connection in the Physical layer pane and select New Object -> Connection Pool 4. Enter SECURITY for the Name: field. 5. Select OCI 10g/11g for the Call interface: 6. Select ORCL for the Data source name: 7. Enter BISAMPLE, BISAMPLE for the User name: and Password: fields respectively. 8. Then click the OK button.

    9. Enter BISAMPLE in the Confirm Password window and click the OK button.

    10. Right Click the SECURITY connection pool in the Physical layer pane and select Import Metadata

    11. Select the ORCL entry and enter the BISAMPLE for both the User Name: and Password: fields, then click the Next button.

    12. Click Next button with below checkboxes select as show in screenshot.

    13. Select the SECURITYTABLE and click on the single > button to update the Repository View: as shown below, then click Finish button.

    14. Now you should be able to see SECURITYTABLE in the Physical layer pane as shown below:

    15. Right Click on the SECURITYTABLE and select View Data. 16. On the Select Connection Pool you want to use for database ORCL window, select SECURITY then click on Select button.

    17. You should now able to view the data table show below: 18. Click on the Close button.

    19. On the Administration Tool Menu select Manage -> Variables 20. In the Variable Manager window, right click on the right pane and select New Initialization Block

    21. On the Session Variable Initialization Block window click the Edit Data Source button. 22. In the Session Variable Initialization Block Data Source window select Database for the Data Source Type: field 23. Select the Default initialization string button and enter the below SQL:
    SELECT GRP, SALESREP, USERNAME, 2 FROM SECURITYTABLE WHERE USERNAME = ':USER' AND PWD = ':PASSWORD'

    24. Click the Browse button and in the Select Connection Pool window select SECURITY the click the Select button as show below:

    25. Then click OK button to close the Session Variable Initialization Block Data Source window. 26. In the Variable Target section click on the Edit Data Target 27. In the Session Variable Initialization Block Variable Target window click on New button. 28. In the Session Variable window enter GROUP for Name: field and click on the OK button

    29. Click Yes on the Warning pop-up window.

    30. Similarly create all 4 Session Variables: GROUP, DISPLAYNAME, USER and LOGLEVEL as show below. 31. Click on the OK button to close the window.

    32. Finally on the Session Variable Initialization Block window enter Security for the Name: field. 33. Make sure Required for authentication check box is NOT Selected. 34. Verify entries as in below screenshot and Click OK button.

    35. On the Variable Manager select Action -> Close. 36. On the Administration Tool window menu select Save. 37. Select Yes to the Do you wish to check global consistency? and make sure no Warnings or Errors are shown. 38. Now go to the URL: http://locahost:7001/em and login with the admin user weblogic . 39. Goto Administration on the top menu and under Security section select Manage Catalog Groups

    40. Click the + icon with Create a new catalog group tooltip.

    41. On the Add Group window enter SalesAdmin for the Catalog Group Name * and click on the OK button. 42. Create another catalog group with the same procedure above: SalesRep.

    43. Now goto the URL: http://localhost:7001/em to deploy the latest SampleAppLite.rpd that we modified above. 44. Goto the Farm_bifoundation_domain -> Business Intelligence -> coreapplication on the left pane. 45. On the right pane select Deployment -> Repository tabs. 46. The click on the Lock and Edit Configuration link above the Deployment tab. 47. Click the Close button once the pop-up window appears.

    48. Select the Browse button and goto the location of the SampleAppLite.rpd file and click on Open. 49. Enter the Repository Password and Confirm Password entries as Admin123. 50. Then click the Apply button on the top right. 51. Then click on the Activate Changes link. 52. Click Close button one Activate Changes Completed Successfully show up. 53. Then click on the Restart to apply recent changes link. 54. After the Overview screen show up click on the blue Restart button. 55. Click the Yes button when Are you sure you want to restart all BI components? shows up 56. Click on the Close button one the Restarted Successfully shows up. 57. Now we are ready to test the LDAP and External Table authentication. 58. Goto the URL: http://localhost:9704/analytics and login as adminstrator user weblogic 59. Select New -> Analysis -> Sample Sales in the Home section. 60. Select two columns from the Subject Areas section as show below: i.e Per Name Year and Revenue columns.

    61. Click on the Save Analysis icon and browse to Shared Folders -> 11g Shared (if not there you can create one 62. Enter Revenue Sales for the Name Field and click the OK button. 63. Now goto the Catalog tab and select More -> Permissions for the Revenue Sales . 64. On the Permission window select the BI Consumer Role and click the X icon to delete that permission. 65. Click on the + icon to add a new permission. 66. On the Add Application Roles, Catalog Groups and Users window select Catalog Groups for the List field and click the Search button. 67. Select the SalesRep on the left side and click the blue > icon to move it to Selected Members on the right side as show below:

    68. Click the OK button.

    69. Verify the below entries are as shown below and click OK button on the Permission

    window. 70. Now Sign Out as the weblogic user and login giving User ID and Password as AJOHNSON and aj respectively. 71. Click the Catalog tab browse to Shared Folders -> 11g Shared folder. 72. On the Right click Open on the Revenue Sales.

    73. You able to see this since AJOHNSON user is under the SalesRep Group. 74. Now try a user under the SalesAdmin Group and see if you can open the same Revenue Sales

    75. Now Sign Out as AJOHNSON and login as ATAYLOR and password as at. 76. Click the Catalog tab browse to Shared Folders -> 11g Shared folder. 77. Here since your not in the BI Administrator Role or SalesRep group, the Revenue Sales report itself is invisible to you. Note: In order to override the LDAP authentication and use only External Database Table authentication, check the below check box in one of the previous steps.

    Summary: You would have observed we were able to login with both the administrator user weblogic whom is a part of the LDAP system and AJOHNSON whom exists in the external SECURITYTABLE oracle database table. Playing around with the authentication section on the weblogics console you can configure a variety of authentication combinations.

    Vous aimerez peut-être aussi