OBIEE 11g - Error: "Unauthorized Access : please Contact Administrator." When You Open BI Publisher report from OBIEE Catalog

(Doc ID 2151418.1)

Last updated on DECEMBER 12, 2017

Applies to:

Business Intelligence Suite Enterprise Edition - Version 11.1.1.7.140415 to 11.1.1.7.150120 [Release 11g]
Information in this document applies to any platform.

Symptoms

Once you set up External Table Authentication from Initialization Block following Fusion Middleware Security Guide for Oracle Business Intelligence Enterprise Edition - A.1.2 Setting Up External Table Authentication , and Configure BI Publisher to use Oracle BI Server for authentication based on the Fusion Middleware Administrator's Guide for Oracle Business Intelligence Publisher - 5.3.1 Configuring BI Publisher for Oracle BI Server Security , if BI Publisher report is not accessed for a long time, then opening BI Publisher report from OBIEE catalog returns error: "Unauthorized Access : please Contact Administrator." 

Detail steps about setting up External Table Authentication:

1. Create DB user t1 and grant user t1 with DBA privilege.

2. Create table under user t1

create table nq_security

(username varchar2(20)
,pwd varchar2(20)
,display_name varchar2(20)
,log_level number
,grp_name varchar2(200)
,web_group_name varchar2(200)
);

3. Insert data into the table.

insert into nq_security values ('bi','bi','bi',0,'AuthenticatedUser;BIAdministrator;BIConsumer;BIAuthor','Users');
commit;

4. Import the created table to repository physical layer.

5.Create initialization Block like next.

6. Confirm bi/bi external table user can login OBIEE.

 

Detail steps about configuring BI Publisher for Oracle BI Server Security:

1. Login BIP and click Administration > Security Configuration.

2. On the Security Configuration tab, under the Local Superuser region, select Enable Local Superuser.

3. Enter a name and password for your super user(Note this is not a user named 'super' and the Super User of OBIP is usually admin).

4. In the Authorization region of the page, select Oracle BI Server from Security Model list. Provide the following connection information for the Oracle BI Server:

      - JDBC Connection String — Example: jdbc:oraclebi://host:port/
      - Database Driver Class — Example: oracle.bi.jdbc.AnaJdbcDriver

5. Backup existing xmlpserver.ear file on your staging directory like:

     <mw_home>/Oracle_BI1/bifoundation/jee/

6. Extract xmlpserver.war from xmlpserver.ear, and then extract WEB-INF/web.xml from xmlpserver.war

7. Update web.xml in the war file as follows:

   Find SAW_AUTH_INIT_BLOCK_ONLY and change the value from "true" to "false"

8. Re-pack xmlpserver.war with modifed WEB-INF/web.xml and then re-pack xmlpserver.ear with modified xmlpserver.war.

9. From WLS console, find deployment from bipublisher and update the deployment with the updated .ear file.

10. Restart managed server from WLS console

11. Confirm bi/bi external table user can login BIP

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms