Authentication Options:
Oracle BI Server supports the following authentication types:
Operating system
When operating system authentication is enabled, users connecting to Oracle BI Server should not type a user ID or password at the logon prompt.If a user enters a user ID and (optionally) a password at the logon prompt, that user ID and password overrides the operating system authentication and Oracle BI Server performs the authentication.
To configure operating system authentication:
1. Enable operating system authentication in the NQSConfig.ini file.
2. Create a user in your repository named identically to the user ID in the trusted Windows domain.
3. Assign the group membership and rights that you want the user to have.
External table
• Instead of storing IDs and passwords in a repository, maintain lists of users and passwords in an external database table.
• Use Oracle BI session variables to get values.
LDAP
Database
Authenticates users through database logons
• To set up database authentication:
– Store user IDs (without passwords) in a repository.
– Import database to the repository.
– Specify authentication database in NQSConfig.ini.
Internal
Maintain lists of users and passwords in the repository using the Administration Tool.
• Oracle BI Server authenticates against this list unless:
– Another authentication method has already succeeded
– Database authentication is specified in NQSConfig.ini
Order of Authentication
1. Operating system (OS):
– No logon name
– Turned on in NQSConfig.ini
2. LDAP or external database table
– Populates session variables
3. Internal or database
Bypassing Oracle BI Security
It is possible to bypass Oracle BI Server security and rely on the security that is provided by issuing user-specific database logons and passwords.
No comments:
Post a Comment