Tuesday, April 16, 2013

OBIEE 11g Act as Functionality (Proxy User)


The Act As functionality is a proxy authentication feature that authorizes a user to act as another user when navigating in Presentation Services.
When a user (called the proxy user) acts as another (called the target user), the proxy user can access the objects in the catalog for which the target user has permission.
Enabling a user to act for another is useful, for example:
1. When a manager wants to delegate some of his work to one of his direct reports.
2. When IT support staff want to troubleshoot problems with another user’s objects.

Brief Steps:
1. Defining the Association Between Proxy Users and Target Users
2. Creating Session Variables for Proxy Functionality
3. Creating a Custom Message Template for Proxy Functionality
4. Modifying the instanceconfig.xml File for Proxy Functionality
5. Assigning the privilege and restarting the BI Presentation Service

Step 1. Defining the Association between Proxy Users and Target Users
Create the following table in the database:

CREATE
TABLE OBEE11G_PROXY
(
PROXY_USER_ID   VARCHAR2(30 BYTE) NOT NULL ,
PROXY_TARGET_ID VARCHAR2(30 BYTE) NOT NULL ,
PROXY_LEVEL     VARCHAR2(10 BYTE) NOT NULL ,
CONSTRAINT OBEE11G_PROXY_PK PRIMARY KEY ( PROXY_USER_ID , PROXY_TARGET_ID )
ENABLE
) ;

PROXY_USER_ID: ID of the proxy user
PROXY_TARGET_ID: ID of the target user
PROXY_LEVEL: Proxy level (either full or restricted). The restricted level gives read-only access.
The table should look as follows:

PROXY_USER_ID   PROXY_TARGET_ID   PROXY_LEVEL
Ronald          Edward            full
Timothy         Tracy             restricted
Jeanne          Natalie           full
William         Kelly             restricted
Gail            Michael           restricted

Step 2. Create Session variables

· Import the physical table into the repository
· Create a session variable PROXY
· Create a session variable PROXYLEVEL


Step 3. Creating a Custom Message Template for Proxy Functionality

In this step, create the “LogonParamSQLTemplate.xml” file and place it under “<Middleware Home>\Oracle_BI1\bifoundation\web\msgdb\customMessages”.
My location: C:\Oracle\Oracle_BI1\bifoundation\web\msgdb\customMessages
Note: If you don't find the folder ‘customMessages’, create a folder with the name ‘customMessages’ and place the ‘LogonParamSQLTemplate.xml’ file in it.


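The content of the LogonParamSQLTemplate.xml file is as follows. The table name in the queries must be the name of the table created in Step 1 (the DDL above creates OBEE11G_PROXY, while the queries below reference OBIEE_PROXY), so use the same name in both places.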

<?xml version="1.0" encoding="utf-8" ?>
<WebMessageTables xmlns:sawm="com.siebel.analytics.web.messageSystem">
 <WebMessageTable system="SecurityTemplates" table="Messages">
   <WebMessage name="LogonParamSQLTemplate">
      <XML>
       <logonParam name="RUNAS">
         <getValues>EXECUTE PHYSICAL CONNECTION POOL "VARIABLE" select PROXY_TARGET_ID from OBIEE_PROXY where PROXY_USER_ID='@{USERID}'
</getValues>
         <verifyValue> EXECUTE PHYSICAL CONNECTION POOL "VARIABLE" select PROXY_TARGET_ID from OBIEE_PROXY where PROXY_USER_ID='@{USERID}' and PROXY_TARGET_ID='@{VALUE}'
</verifyValue>
         <getDelegateUsers>EXECUTE PHYSICAL CONNECTION POOL "VARIABLE" select PROXY_USER_ID, PROXY_LEVEL from OBIEE_PROXY where PROXY_TARGET_ID='@{USERID}'
</getDelegateUsers>
       </logonParam>
    </XML>
  </WebMessage>
 </WebMessageTable>
</WebMessageTables>

Step 4. Modifying the instanceconfig.xml File for Proxy Functionality

Inside the <ServerInstance> element, insert:
<LogonParam>
<TemplateMessageName>LogonParamSQLTemplate</TemplateMessageName>
<MaxValues>100</MaxValues>
</LogonParam>
The name that you specify in the <TemplateMessageName> element must match the name that you specify in the <WebMessage> element in the custom message file.
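
A lint check for the files from Steps 3 and 4, added here as an example (it is not part of the original post or of Oracle's tooling): it confirms that <TemplateMessageName> resolves to a <WebMessage>, that all three queries read the mapping table, and that <verifyValue> filters on both the logged-on user and the requested target. The function name lint_proxy_config and the inline sample files are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed samples modelled on the two files from Steps 3 and 4.
TEMPLATE_XML = """<WebMessageTables xmlns:sawm="com.siebel.analytics.web.messageSystem">
 <WebMessageTable system="SecurityTemplates" table="Messages">
  <WebMessage name="LogonParamSQLTemplate"><XML><logonParam name="RUNAS">
   <getValues>EXECUTE PHYSICAL CONNECTION POOL "VARIABLE" select PROXY_TARGET_ID from OBIEE_PROXY where PROXY_USER_ID='@{USERID}'</getValues>
   <verifyValue>EXECUTE PHYSICAL CONNECTION POOL "VARIABLE" select PROXY_TARGET_ID from OBIEE_PROXY where PROXY_USER_ID='@{USERID}' and PROXY_TARGET_ID='@{VALUE}'</verifyValue>
   <getDelegateUsers>EXECUTE PHYSICAL CONNECTION POOL "VARIABLE" select PROXY_USER_ID, PROXY_LEVEL from OBIEE_PROXY where PROXY_TARGET_ID='@{USERID}'</getDelegateUsers>
  </logonParam></XML></WebMessage>
 </WebMessageTable>
</WebMessageTables>"""
INSTANCECONFIG_XML = """<ServerInstance><LogonParam>
 <TemplateMessageName>LogonParamSQLTemplate</TemplateMessageName>
 <MaxValues>100</MaxValues>
</LogonParam></ServerInstance>"""

QUERIES = ("getValues", "verifyValue", "getDelegateUsers")
# verifyValue must tie the logged-on user to the requested target user.
VERIFY_PREDICATES = (("PROXY_USER_ID", "@{USERID}"), ("PROXY_TARGET_ID", "@{VALUE}"))


def lint_proxy_config(template_xml, instanceconfig_xml, table):
    """Return a list of findings; an empty list means every check passed."""
    # "{*}" matches the element in any namespace or none (Python 3.8+).
    name = ET.fromstring(instanceconfig_xml).findtext(
        ".//{*}LogonParam/{*}TemplateMessageName", default="").strip()
    messages = {m.get("name"): m
                for m in ET.fromstring(template_xml).findall(".//{*}WebMessage")}
    if name not in messages:
        return [f"TemplateMessageName {name!r} has no matching <WebMessage>"]
    param = messages[name].find(".//{*}logonParam")
    if param is None:
        return [f"<WebMessage name={name!r}> has no <logonParam>"]
    findings = []
    for tag in QUERIES:
        sql = param.findtext("{*}" + tag, default="").strip()
        if not sql:
            findings.append(f"<{tag}> is missing or empty")
        elif not re.search(rf"\bfrom\s+{re.escape(table)}\b", sql, re.I):
            findings.append(f"<{tag}> does not query table {table}")
    verify = param.findtext("{*}verifyValue", default="")
    for column, token in VERIFY_PREDICATES:
        if not re.search(rf"{column}\s*=\s*'{re.escape(token)}'", verify, re.I):
            findings.append(f"<verifyValue> lacks predicate {column}='{token}'")
    return findings


if __name__ == "__main__":
    for finding in lint_proxy_config(TEMPLATE_XML, INSTANCECONFIG_XML, "OBIEE_PROXY"):
        print("FINDING:", finding)
```

Passing the Step 1 table name OBEE11G_PROXY as the third argument reports all three queries, because the sample queries read OBIEE_PROXY.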


Step 5. Assign the privileges and restart the BI Presentation Services

· Log on to Presentation Services.
· Click the Administration tab.
· Under Security, click Manage Privileges.
· Give the Act As Proxy permission to the user.




Step 6. Log on to Presentation Services as the user who has the Act As Proxy permission, then click the user name -> Act As.



The user should now be able to act as the target users (PROXY_TARGET_ID) mapped to them.














