Hi i have the same scenario what you have done. I have created Custom Identity asserter Provider and generated token and logged in to th OBIEE analytics like http://192.168.56.102:7001/analytics/saw.dll?bieehome&startPage=1&NQUser=user1&NQPassword=token
the user is authenticated in OBIEE but am getting only authenticated roles. But when i login through OBIEE with password am getting all the roles assigned for the user. Can you say what am missing.