Professional Documents
Culture Documents
OBIEE and WebLogic as well as introducing security concepts including the use of
security groups and application roles to control data access.
Before you start
Before proceeding with this tutorial, you will need:
Once you have each of these in place, you are ready to proceed.
Viewing your own user permissions
Log into the OBIEE WebLogic console using your admin credentials and proceed
to the "welcome" screen.
1. Click on your user name in the top right-hand corner of the screen and
select My Account from the drop-down menu:
2. In the My Account pop-up box, select the Roles and Catalog Groups
tab:
This will then show a list of the groups to which your account belongs:
2. The main console pane will now refresh. Click on the relevant realm from
the list displayed. In our example it is called myrealm (which also
happens to be the default realm created when first installing OBIEE).
3. With the details of myrealm loaded, select the Users and Groups tab:
4. You will now be presented with a table containing the registered OBIEE
users:
Bear in mind that the system displays only ten accounts at a time by
default. You can change this by clicking the Customize this table link
and making adjustments as you see fit.
Creating a new WebLogic user
Creating a new WebLogic user account is relatively straightforward too.
1. From within the Users and Groups tab of the myrealm security realm
click the New button:
2. Complete the Create a New User form ensuring that you supply a Name
and a Password at the very least:
Click OK to continue.
3. You are now returned to the list of users where you will see a message
confirming successful creation of the new user account:
You should be able to test the new account by trying to log into the WebLogic
interface with the user name and password you just created. Rememeber that
this new account will have relatively restricted access to WebLogic functions
based on the default new user account settings.
Checking Application Role permissions
Users can also be assigned permissions via Application Roles. Application
Roles apple security group permissions to user accounts, adding an additional
layer of security. Application Roles can be modified by logging into
the Enterprise Manager Fusion Control interface with an admin-level
account.
4. Click the Configure and Manage Application Roles link at the bottom
of the page:
5. When the screen reloads you will be able to see a list of the available
application roles. By selecting one, in this case BIConsumer, you will then
see a list of users who are members of that role:
Check for the group that you want to add your new user to - for our
example we will be working with the group that has already been defined
as BIAuthors.
As before the system displays just ten groups by default. You can change
the number of records displayed by clicking the Customize this
table link and making the necessary alterations.
2. Click the Users sub-tab above the tableand then select the new user's
name from the table displayed.
3. When the Settings screen reloads, click the Groups tab:
4. Select the desired Parent Group from the list on the left, then click the
blue arrow to add it to the Chosen column: