Authentication in OBIEE

Authentication is the process of validating the user's credentials logging in.  Three types of authentication that can be performed in OBIEE are

a)      RPD Authentication (Default)

b)      External Database Authentication

c)      LDAP (Light Weight Directory Access Protocol)

a) RPD Authentication

This authentication is the default authentication which can be set up in RPD in offline mode.This is simple and straight forward authentication where users are created in RPD with respective passwords.

à Open RPD in offline à go to Manage -> Security -> Create users/groups

Keep logging level – 2 for the users so that log can be seen in Answers where we can check the resulting SQL query.

b) External DB Authentication

Create a table in database with userid’s and passwords as columns. This table can be used for authentication for userid’s and passwords.

à Open RPD in offline mode > Manage> Variables> Action> new> session> initialization block.

Name- Anything(DB Authentication) then go to EDIT DATA SOURCE and write a SQL Query to authenticate the user logged in.

 

Give connection pool details, test the query and go to EDIT DATA TARGET

New Variable > name >UserId and check required for authentication.

more detailed explanation is given by Kumar here

d)     LDAP

This is a real time technique for authentication. Before doing Authentication create all the groups that are needed in RPD.

Goto manage> Variables> action>new>session>Init Block, name – LDAP Authentication, datasource type – LDAP

New and give respective details which are usually provided by LDAP Admin. In advanced, domain identifier.

SSL – Secured Socket Layer, if checked ask admin for .kdb(key database files)

Copy them and paste in c:\OBI\Server\Config.

Sometimes certificates are converted to kdb files using Ikey manager.