由于运维的需求, 需要在不知道用户密码的情况下使用该用户登录, impersonate还是需要的,访问方式类似如下:
http://server:port/analytics/saw.dll?Dashboard&NQUser=user name&NQPassword=password&impersonate= impersonated_user
不过obiee12c中 把11g的oracle.bi.server.impersonateUser权限去掉了。
需要2个步骤
step1. disable Light Weight SSO
1. Stop the BI system.
./stop.sh
2.execute WLST offline
[ORACLE_HOME]/oracle_common/common/bin/wlst.sh
For example:
wls:/offline> disableBISingleSignOn('/u01/config/domains/bi')
3.start the BI system
./start.sh
step2. 配置impersonate权限给具体用户或role
具体见https://docs.oracle.com/middleware/12213/biee/BIERN/toc.htm#GUID-B9A5D743-8F12-46AC-8C63-3CB6FEAC2A09
步骤:
- Connect to Fusion Middleware Control for your Oracle BI EE instance using an administration account.
- From the Weblogic Domain menu, select Security.
- Click Application Policies.
- Click Create to display the Create Application Grant page.
- In the Permissions section, click Add (+).
- Select Resource Types.
- Select oracle.bi.user from the Resource Type list.
- Click Continue to display the Add Permission dialog.
- Enter an asterisk (*) in the Resource Name field.
- Select impersonate in the Permission Actions section.
- Click Select.You now add a new grantee.
- In the Grantee section click Add (+) to display the Add Principal dialog.
- Select User from the drop down list.
- Select Includes from the Principal Name list, and enter an asterisk (*) into the field.
- Click the search arrow icon (>) to display a list of users.
- Select the user you want to give the permission to and click OK.This example uses
weblogic
.
- Click OK on the Create Application Grant page.This gives the impersonate permission to the user.