How to integrate EBS security with OAS (without SSO)

Shailesh Pandey-Oracle

Hi Experts,

We have a requirement to authenticate EBS users into the newly upgraded OAS application. In the last version, i.e., OBIEE 12c, it was working with the session variable with init-block, but now in OAS, this approach is not working because this feature is deprecated. Now we are trying to use SQL Authenticator as one of the providers in WebLogic, but we are not able to read passwords directly from the FND_USER table. Kindly assist. Do we have any other approach that helps integrate EBS security with OAS, The Oracle document (Doc ID 2825669.1) explains this process with some customization and applying patches, but it seems this is a half-cooked solution as we need to disable lightweight SSO as one of the steps and we cannot login to DV and analytics together in one session.

TetyanaH-Oracle

Greetings,

Init Block authentication mechanism including the EBS ICX integration is a depreciated feature in OAS (see Doc ID 2622528.1), it will likely be fully de-supported in coming OAS releases. This approach is heavy on performance, so in OAS, the recommended alternative authentication method for E-Business Suite integration is to use a common, certified SSO solution over both E-Business Suite and OAS, backed by an Oracle Analytics-certified identity store. Though, action links back to E-Business Suite, and data security based on a user’s current EBS Responsibility will not work in this case. However, all the functionality that could not be used due to use of the Init Block authentication will be available so there is a massive functional gain my making the change.

For example, you can configure OAS with OAM. OID and BISQLGroupProvider for authentication and authorization.

For OID and BISQLGroupProvider, configuring LDAP as the Authentication Provider ,and Storing Groups in a Database refer to this doc link: https://docs.oracle.com/en/middleware/bi/analytics-server/security-oas/configue-oracle-analytics-server-use-alternative-authentication-providers.html#GUID-4A9708C8-306A-4689-BE48-43ECA144A631

For SSO, https://docs.oracle.com/en/middleware/bi/analytics-server/security-oas/configure-sso-oracle-access-manager-environment.html#GUID-885C518B-BE3D-4F3E-8970-D6B9D4F42DDE

The following document is for an older version, but you can refer to it, if you have any questions from the above doc link:

OBIEE 12c: How To Configure OBIEE 12c with Oracle Access Manager (OAM) SSO using OHS 12c WebGates for OAM (IAM) 11g and OID 11g (IDM) (Doc ID 2097038.1)

Other comments are welcome!