To set up the Siebel Security Model for Siebel Reports, the address field on the service port of the Siebel Server must reflect the name of the computer hosting the Oracle BI Publisher Server. You must also make sure certain responsibilities are assigned users and associated to the correct views. If this is a first-time Siebel Reports installation, you must also enable the Siebel Security Model.
NOTE: It is recommended that you use this security model. It is designed specifically for use with Siebel Reports.
This task is a step in “Configuring Security and Authentication for Siebel Reports” on page 53.
To set up and enable the Siebel Security Model for Siebel Reports
1 (First-time install only) Create the inbound Web service for the Siebel application by doing the following:
a Navigate to the Administration - Web Services screen, then the Inbound Web Services view. b Import the BIPSiebelSecurityWS.XML file from the SIEBEL_TOOLS_ROOT\REPPATCH directory
(where Siebel Tools is installed) to create a new inbound Web service. c In the Name field, query for BIPSiebelSecurityWS.
d Change the host and port number of the server port’s address to that of the Siebel Server. For example, you might replace the existing address with:
http:/computer.domain.com/eai_enu/
e Clear the cache and restart the Siebel Server.
2 (Upgrade only) Change view names in the Siebel application to reflect repository changes: a Navigate to the Administration - Application screen, then the Views view.
b In the View Name field, query for the following views and rename them:
c Clear the cache, log out of the Siebel application, and then log back in.
3 (First-time installation only) Create four new responsibilities and add appropriate users to each by doing the following:
a Navigate to the Administration - Application screen, then the Responsibilities view to create the responsibilities described in the following table.
NOTE: The reporting responsibilities in the Siebel application correspond to roles and permissions on the Oracle BI Publisher Server. The names of these responsibilities must exactly match the corresponding set of roles on the Oracle BI Publisher Server.
b Add appropriate users to each of the new responsibilities.
4 (Upgrade only) Verify the following responsibilities exist and confirm each are assigned the appropriate users:
■ XMLP_ADMIN ■ XMLP_DEVELOPER ■ XMLP_SCHEDULER ■ XMLP_SIEBEL_GUEST
Existing View Name New View Name All Template View All Template Report View
Manager’s Template View Manager’s Report Template View
Responsibility Description
XMLP_ADMIN Administrator role for the Oracle BI Publisher Server with no access limitations.
XMLP_DEVELOPER Assign this responsibility to allow for uploading reports from the Oracle BI Publisher Server to the Siebel application.
XMLP_SCHEDULER Assign this responsibility to allow for scheduling of reports. XMLP_SIEBEL_GUEST Assign this responsibility to limit access to reports. This
responsibility only allows for generation, viewing, and deletion of user’s own reports.
5 Make sure the scheduling views are associated with the appropriate responsibilities and users by doing the following:
a Associate the XMLP_ADMIN responsibility to all scheduling views, then assign that responsibility to just administrators.
b Associate the XMLP_SCHEDULER responsibility to the Report Job List View, and then assign that responsibility only to those users who run scheduled reports.
c Assign the XMLP_DEVELOPER responsibility to the following views, and then assign that responsibility only to users who register report templates (typically, report developers): ❏ My Template View
❏ All Template Report View
❏ Manager’s Report Template View
❏ Report Standard Template Registration Admin View
d Assign responsibility XMLP_GUEST responsibility to the following views, and then assign that responsibility to any user running reports:
❏ All Report Output List View
❏ Manager’s Report Output List View
The following table shows a matrix for which views to associate with each responsibility.
6 If changes are necessary, clear the cache, log out of the Siebel application, and then log back in. 7 (First-time installation only) Verify your configurations by doing the following:
a From the Reports drop-down list, select My BI Publisher Reports.
Responsibility View XMLP_ ADMIN XMLP_ SCHEDULER XMLP_ DEVELOPER XMLP_ SIEBEL_GUEST
Report Job List View Yes Yes No Yes
All Report Output List View Yes No No Yes
My Template View Yes No Yes No
All Template Report View Yes No Yes No
Manager’s Report Output List View Yes No No No
Manager’s Report Template View Yes No Yes No
Report Standard Template Registration Admin View
Yes No Yes No
All Report Template Across Organization View
b Confirm a new Scheduled Reports link was added to the My BI Publisher Reports screen. The Scheduled Reports link in the Siebel application is an embedded user interface to the Oracle BI Publisher Server that allows users to view their scheduled reports. Before you can use this link, you must perform further configuration to embed the Scheduled Reports view in the Siebel application.
c Confirm the views were added to the appropriate screens as shown in the following table.
8 (First-time installation only) Enable the Siebel Security Model by doing the following: a Log in to the Oracle BI Publisher Enterprise application with administrator privilege. b Click the Admin tab, and then select Security Configuration (under Security Center). c In the Security Model section, perform the following, and then click Apply:
❏ Set the model to Siebel Security
❏ Enter the host name and port as the Web Service Endpoint
View Screen
All Report Output List View Reports Server
All Template Report View Report Administration
Manager's Report Output List View Reports-Custom Templates
Manager's Template View Report Administration
My Template View Report Administration
Report Standard Template Registration Admin View Reports-Standard Templates All Report Template Across Organization View Reports-Standard Templates
❏ Enter the Siebel administrator credentials
NOTE: The address of the Web Service Endpoint parameter in the Oracle BI Publisher Server is the same address as the inbound Web service used by the Siebel Server.
The following table provides sample parameter values for a Siebel Security model configuration.
NOTE: Siebel administrator credentials are necessary for the Oracle BI Publisher application to log into the Siebel EAI object manager. These credentials are case sensitive and must match the Siebel database specifications.
9 Restart the Oracle BI Publisher Server.
For information about restarting the Oracle BI Publisher Server, see “Restarting OC4J and Oracle BI Publisher” on page 49.
10 (First-time installation only) Verify that the Siebel Security Model has been implemented by doing the following:
a Start the Oracle BI Publisher Enterprise application (from the Start Menu, choose Start BI Publisher).
b Log in to the Oracle BI Publisher Enterprise application using the Siebel administrator credentials.
The Siebel Security Model was successfully implemented if you are able to login using the Siebel credentials.
11 Add an explicit classpath and add a new wlfullclient.jar file to the XMLPJvmSubsys profile for the Oracle BI Publisher Server.
For instructions, see “Adding an Explicit Reference to JAR Files for the Oracle BI Publisher Server” on page 58.
Parameter Value
Security Model Siebel Security Siebel Web Service
Endpoint http:/host.domain.com/eai_enu/ start.swe?SWEExtSource=WebService&SWEExtCmd=Execute Administrator Username username Administrator Password password
NOTE: The password for an account cannot be the same as the user name for that account.