Groups and Application Roles Difference
An Example Security Setup Using the Installed Groups andApplication Roles
This example uses a small set of Users, Groups, and Application Roles to illustrate
how you set up a security policy using the default Groups and Application Roles that
are installed and pre-configured out-of-the-box. In this example, you want to
implement the following:
■ Three users named User1, User2, and User3, who need to view business
■ Two users named User4 and User5, who need to create business intelligence
■ Two users named User6 and User7, who administer Oracle Business Intelligence.
The figure below shows the Users, Groups, and Application Roles that you would
deploy to implement this security model.
Figure 2–2 Example Groups, Application Roles, and Users
The example above shows the following:
■ The Group named 'BIConsumers' contains User1, User2, and User3. Users in the
Group 'BIConsumers' are assigned the Application Role named 'BIConsumer',
which enables the users to view reports.
■ The Group named 'BIAuthors' contains User4 and User5. Users in the Group
'BIAuthors' are assigned the Application Role named 'BIAuthors', which enables
the users to create reports.
■ The Group named 'BIAdministrators' contains User6 and User7. Users in the
Group 'BIAdministrators' are assigned the Application Role named
'BIAdministrator', which enables the users to manage responsibilities.
How to map a Group to an Application Role:-
Managing Security Using the Default Security Configuration2-23
named BIMarketingGroup might require an Application Role called
BIConsumerMarketing, in which case you map the Group named BIMarketingGroup
to the Application Role named BIConsumerMarketing.
To map a Group to an Application Role:
1.Log in to Fusion Middleware Control, navigate to Security, then select
Policies are displayed depends upon the method used to navigate to the
2.list. Click the search icon next to If necessary, select Select Application Stripe to Search, then select obi from theRole Name.
Select an Application Role in the list and click Edit to display an edit dialog, and
complete the fields as follows:
You map a Group to an Application Role to provide Users in that Group with
appropriate security privileges. For example, a Group for marketing report consumers
want to map to the
For example, if a Group for marketing report consumers named
BIMarketingGroup require an Application Role called BIConsumerMarketing,
then add the Group named BIMarketingGroup to
5. Click OK to return to the Application Roles page.
Satya Ranki Reddy
Managing Application Roles and Application Policies Using Fusion Middleware Control