search

Oracle Business Intelligence Enterprise Edition (OBIEE)

hashtag
Overview

This document provides detailed instructions for configuring SSO for OBIEE through OAM using HES. The described configuration assumes the following scenario:

  • An end user connects to Oracle WebGate by a web browser which works as a connection proxy for OBIEE

  • WebGate checks if the user is authenticated and if not then redirects the HTTP request to OAM

  • OAM works as SAML 2.0 Service Provider and redirects the request to HES which works as SAML 2.0 Identity Provider

  • HES authenticates the user by any available and configured for the user method and returns a SAML 2.0 response to OAM

  • OAM maps the authenticated user to the Oracle Internet Directory user account by email

  • OAM redirects the response to WebGate with authenticated token in cookie

  • WebGate creates an OBIEE session and authorizes the user in OBIEE

hashtag
Prerequisites

The document doesn’t provide any instructions for installation and standard configuration of all solution components and assumes that all required installation and configuration steps should be completed according to their installation guides. The document assumes the following components:

  1. HES is deployed in the cloud and is accessible by URL: https://oracle.hideez.com

circle-info

Important: HES should be configured to sign both response and assertion

  1. All Oracle components are deployed on a single VM in the Oracle cloud and are accessible by URL: http://test.public.myvcn.oraclevcn.com The VM contains the following Oracle products:

  • Oracle Database 19.3

  • Oracle Business Intelligence Enterprise Edition 12.2.1.4 (WebLogic domain is bi)

  • Oracle HTTP Server with WebGate 12.2.1.4 (WebLogic domain is ohs). Oracle HTTP Server installed as a Standalone HTTP Server

  • Oracle Internet Directory 12.2.1.4 (WebLogic domain is oid)

  • Oracle Access Manager 12.2.1.4 (WebLogic domain is oam)

hashtag
Main Configuration Stages

Please review the main configuration steps below before proceeding with the detailed instructions. Each step links to a dedicated section.

hashtag
1. Configure the Identity Provider — Hideez Enterprise Server (HES)

hashtag
2. Configure the Service Provider — Oracle Access Manager (OAM)

hashtag
3. Register Oracle Access Manager (OAM) in Hideez Enterprise Server (HES)

hashtag
4. Configure Directory Services and Web Infrastructure

hashtag
5. Configure Oracle Business Intelligence Enterprise Edition (OBIEE) for Single Sign-On (SSO)

PreviousOktaNextStep 1: Configure the Identity Provider — Hideez Enterprise Server (HES)

Last updated