The hundreds of BI Security notes on Oracle Support, the countless blogs dedicated to OBIEE 11g security configuration, the myriad of configuration scenarios, test conditions, and troubleshooting steps documented in Oracle's Fusion Middleware Guide for Oracle Business Intelligence - what does all of this mean? The configuration of security within the OBIEE 11g platform is easier said than done.
With the release of OBIEE 11g, Oracle has made efforts to mitigate (or at least rule out) the potential risks associated with security configuration in their new weblogic-centric model. This is achieved through a little known helper utility called the 'Oracle BI Security Diagnostics' tool. This tool gives developers the ability to:
![]()
![]()
And finally a success message "Added code grants to bidiagnostics" which really just means the EAR file is ready for deployment in AdminServer.
![]()
![]()
![]()
With the release of OBIEE 11g, Oracle has made efforts to mitigate (or at least rule out) the potential risks associated with security configuration in their new weblogic-centric model. This is achieved through a little known helper utility called the 'Oracle BI Security Diagnostics' tool. This tool gives developers the ability to:
- Diagnose security configuration issues within OBIEE
- Test BISystemUser configuration settings
- Test authentication of users
Step 1: Install the Oracle BI Security Diagnostics helper via WLST
In your unix terminal, execute the following command:e.g.
MW_HOME/ORACLE_HOME/common/bin/wlst.sh addDiagnosticsCodeGrant.py t3://<WebLogic_host_name>:<WebLogic_port_number>
mw_home/Oracle_BI1/common/bin/wlst.sh addDiagnosticsCodeGrant.py t3://localhost:7001You're going to be taken through a series of terminal interactions starting with the initalization of WLST:
Followed by log-in credentials to connect to WLST:
Step 2: Deploy bidiagnostics.ear to AdminServer
In Admin Console (default 7001/console), navigate to Deployments -> Control tab and look for a deployment called 'bidiagnostics (11.1.1)' . Check the corresponding box and click 'Install':
The deployment is a straight forward process, and after the installation is complete just make sure you set the bidiagnostic application to 'Active'.
Step 3: Access the BI Diagnostic Helper
Once the installation is complete, you can navigate to the application by accessing the following url:
http://mycomputer:7001/bidiagnostics/security/diagnostics.jspYou'll be taken to a very simple UI that will give you the opportunity to perform basic security diagnostics and (hopefully) resolve any OBIEE 11g security issues you may encounter!
