The Oracle BI Application Blogs provides the latest and tips and tricks on Oracle BI Applications Product (OBIA)

How to Implement Object Security in Project Analytics in OBIA

Guest Author

Author: Vijay Rajgopal



This blog details the steps needed to implement object security for any custom objects which the Customer has created in the Project Analytics Module in OBIA onwards.


Object-level security controls the visibility to logical objects based on a user's duty/application roles. The access to following objects can be restricted using
object level security: Presentation tables, Presentation table columns, Subject Areas, Reports, Dashboards, and Project Specific shared folders.


To apply object security over subject area, individual tables or individual column the default access for authenticated user
application role must be set to No Access.


We need to explicitly grant read access to duty roles (which are based on adaptor as explained above) which can access/view the particular subject area or
individual table or individual column.


Supported OBIA release: onwards


  1. Project Analytics Application Roles used for enforcing object security –


In Enterprise Manager select WebLogic -> Domain -> bifoundation_domain -> Security -> Application Roles, Select obi application stripe and search for role name which starts with OBIA and you will see the list of all application roles that start with OBIA.



Following is the list of OOTB duty roles by adaptor


EBS Adaptor Duty Roles –






PSFT Adaptor Duty Roles –






Fusion Adaptor Duty Roles –






  1. Project Analytics object security implementation -


2.1 Subject Area:


Eg: Project - Cost GL Reconciliation is a newly added area for EBS and PSFT adaptors. We want to ensure that this subject area is not seen by Fusion Adaptor customers.


Bring down the OBIEE Server, backup the existing rpd and open the rpd in the Admin tool.


Double click Project - Cost GL Reconciliation -> Permissions



As you can see read access has been granted explicitly to duty roles associated with EBS and PSFT adaptors. All other duty roles would inherit the default access from Authenticated User application role which is set to No Access. This ensures that this subject area is not visible for Fusion adaptor users


2.2 Presentation Table:


Eg: Dim – Analysis Type is supported only for PSFT adaptor. We hide this presentation table from EBS and Fusion Adaptor customers.


Under Project - BillingAnalysis Type Permissions



As it can be seen above only users associated to PSFT duty roles would be able to view Analysis Type table. For EBS and Fusion adaptor users this table would be


2.3 Individual Columns:


Eg: Interproject Billing Amount metric in Project-Billing subject area is supported only for EBS and Fusion adaptors. We hide this individual column from PSFT


Under Project - Billing Fact – Project Billing Interproject Invoice Amount -> Permissions



As it can be seen above this metric would be viewed by EBS and Fusion adaptor users and hidden from PSFT adaptor users.


Save the rpd, do a consistency check and deploy the updated rpd in the OBIEE server.


  1. Additional Information –


General Details about OBIA can be found here


Join the discussion

Comments ( 1 )
  • James Friday, February 28, 2014


Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.