Step 5: Configure Oracle Business Intelligence Enterprise Edition (OBIEE) for Single Sign-On (SSO)

1. Enable WebLogic Plug-In Support

1.1 Access the WebLogic Admin Console

• Go to: http://test.public.myvcn.oraclevcn.com:9500/console

• Log in with WebLogic administrator credentials.

1.2 Enable WebLogic Plug-In

• Navigate to: Domain Structure > Clusters > bi_cluster

• Click "Lock & Edit"

• Scroll to the Advanced section and enable "WebLogic Plug-In"

• Click Save, then Activate Changes

2. Configure Authentication Providers in WebLogic

2.1 Navigate to Security Realms

• Go to: Domain Structure > Security Realms > myrealm > Providers

• Click "Lock & Edit"

2.2 Add Authentication Providers

• Add:

  • OIDAuthenticator

  • SAMLAuthenticator

• Reorder them accordingly.

• Click "Activate Changes"

3. Configure OBIEE in Enterprise Manager

3.1 Access OBIEE Enterprise Manager

• Go to: http://test.public.myvcn.oraclevcn.com:9500/em

3.2 Enable Identity Store Virtualization

• Navigate to: WebLogic Domain > Security > Security Provider Configuration > Identity Store Provider

• Click Configure

• Add property:

  Copy

  virtualize = true

4. Configure SSO Logoff URL

4.1 Open the Security Tab

• Navigate to: Business Intelligence > coreapplication > Security

• Click "Lock & Edit"

4.2 Add Logoff URL

• Enter:

  Copy

  https://<your-environment>.savantage.net:14101/oam/server/logout

• Click Apply, then Activate Changes

5. Configure SSO in BI Publisher

5.1 Access BI Publisher

• Go to: http://test.public.myvcn.oraclevcn.com:9502/xmlpserver

5.2 Enable Single Sign-On

• Navigate to: Administration > Authentication

• Enable:

  • Use Single Sign-On

  • Oracle Access Manager as SSO Type

• Set logoff URL:

  Copy

  https://test.public.myvcn.oraclevcn.com:14101/oam/server/logout

• Save changes

6. Restart OBIEE

• Restart the OBIEE domain to apply configuration changes.

• Confirm that all services restart successfully.

7. Map OID Groups to OBIEE Application Roles

7.1 Access Role Mapping

• Go to: Enterprise Manager > Business Intelligence > coreapplication > Security > Application Roles

7.2 Assign Groups

• Map groups from Oracle Internet Directory (OID) to roles:

  • OIDBIConsumers → BIConsumer

  • OIDBIContentAuthors → BIAuthor

  • OIDBIServiceAdministrator → BIAdministrator

  

8. Test the SSO Integration

• Access: http://test.public.myvcn.oraclevcn.com:7777/analytics

• You should be redirected to the OAM login page.

• After successful login, OBIEE should open with the appropriate access.