OBIEE 11G New Features (Security)

1. USERS and GROUPS are created in Weblogic. 2. Groups no longer exist and are replaced by Application roles. Data level security is implemented by using Application roles to which users belong to. 3. In Presentaion Catalog, AuthenticatedUser role is used instead of Everyone group. 4. Application roles are managed in an external policy store. Application role objects exist in the repository, but these objects are pointers (references) to the externally managed roles. 5. Users are managed in an external authentication provider and are no longer managed in the repository. User objects exist in the repository, but these objects are pointers (references) to the externally managed users. 6. In 11g any named user can be granted administrative permissions if desired. This compares to 10g where there was a single user with administrative permissions who was named Administrator. 7. Security Policies are now mapped to Application roles not to Groups. 8. No more Administrator User. -Any number of users have admin privileges.