Categories
- All Categories
- 15 Oracle Analytics Sharing Center
- 15 Oracle Analytics Lounge
- 208 Oracle Analytics News
- 41 Oracle Analytics Videos
- 15.7K Oracle Analytics Forums
- 6.1K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 76 Oracle Analytics Trainings
- 14 Oracle Analytics Data Visualizations Challenge
- Find Partners
- For Partners
limit the running of specific reports based on a user's role
Summary
limit the running of specific reports based on a user's role
Content
Hi,
I am using Oracle® Business Intelligence Publisher 11g Release 1 (11.1.1) in my application.
In our application,we have a requirement that users with a specific role should only access specific reports.
For example 'user1' with role 'role1' should be to access only 'report1' & 'user2' with role 'role2' should be to access only 'report2'.
'user1' should NOT be allowed to access 'report2' & viceversa.
To test this
1)I have created users (user1,user2) & roles(BIP_Group, BIP_Group2) in Weblogic console of BIP(In weblogic's default LDAP)
2)Created 2 application roles( BIP_Group, BIP_Group2) through Weblogic em console & mapped to the above roles
3)Login into BIP instance as Administrator & give different permissions to roles BIP_Group, BIP_Group2.
However it is observed that every user that is logged into BIP(user1,user2 etc) is having 'BIConsumers' role by default.
As per the documentation,The BIConsumers group represents all users that have been authenticated by BI Publisher. By default, every authenticated user is automatically added to this group.
As a BIP administrator,there is no option to uncheck/remove privilege for 'Run Report Online','Schedule Report','View Report Output' for any of the default default user groups BIAdministrators,BIAuthors,BIConsumers.(Attached screen shot of the same)
So please help me understand if the requirement of "limiting the running of specific reports based on a user's role" can be achieved & if possible please help me on how to achieve it.
Thanks,
Praveen
Answers
-
Hi,
Any help on implementing the above
0 -
Hi,
I believe your Default Authenticator is on top with "Control Flag: SUFFICIENT"
Authentication providers are called in the order in which they were configured in the security realm. Therefore, use caution when configuring Authentication providers. You can use the WebLogic Administration Console to re-order the configured Authentication providers, thus changing the order in which they are called. See Changing the Order of Authentication Providers.
Source:https://docs.oracle.com/cloud/latest/as111170/SECMG/atn.htm#SECMG171
Try re-ordering your providers and leave "weblogic's default LDAP" on TOP.
Regards,
Youssef
0