tailieunhanh - Applied Oracle Security: Developing Secure Database and Middleware Environments- P62

Applied Oracle Security: Developing Secure Database and Middleware Environments- P62:Computer security is a field of study that continues to undergo significant changes at an extremely fast pace. As a result of research combined with increases in computing capacity, computer security has reached what many consider to be “early adulthood.” From advances in encryption and encryption devices to identity management and enterprise auditing, the computer security field is as vast and complex as it is sophisticated and powerful | 584 Part IV Applied Security for Oracle APEX and Oracle Business Intelligence bipublisheradmin The credentials for BI Publisher impersonation The credentials for the impersonator user used in single sign-on SSO configurations You should run cryptotools three times to set up each of these three credentials. Also the passphrase used to encrypt the password should be the same for each set of credentials failure to do this actually results in a presentation server that will not start. BI Publisher Superuser Before making any changes to BI security settings I highly recommend that you set up a BI Publisher superuser. As mentioned if you do not do this it will be easy to lock yourself out of BI Publisher completely. I also recommend using a username that is unique to BI Publisher that is a username that does not exist in your Oracle BI identity store . After setting up a superuser and password you need to restart BI Publisher. Test this new user and make sure you can login as that user. The superuser is a back door into BI Publisher that will work no matter what security scheme BI Publisher is configured to use. Other BI Publisher Configuration Steps You should also make a few more changes to BI Publisher after Oracle BI authentication is set up and working. First edit the BI EE JDBC data source to use the internal administrator account Administrator. Make sure that you leave the Use Proxy Authentication option checked as shown in Figure A-1. This should always be used for BI server data sources. When this is checked queries against the BI server will use a shared connection pool but will execute under the permissions of the actual user logged into BI Publisher. This Proxy Authentication feature is also used when executing BI Publisher reports in a VPD-enabled Oracle Database. I like setting up the JDBC connection first because I can test the connection there. Next you should perform the security configuration. Specify that you will use the BI server for your BI .