5-4 Developers Guide for Oracle Business Intelligence Publisher

5.7 getObjectSecurityXML Method

This method extracts the report-level permissions from security.xml for a BIEE integrated catalog. Signature byte[] getObjectSecurityXMLString adminUsername, String adminPassword, String objectAbsolutePath, boolean isRecursive;

5.8 getSecurityModel Method

This method returns BI Publishers security model in place. Signature String getSecurityModelvoid;

5.9 hasObjectAccess Method

This method verifies if the specified user has access to the report object referenced by reportAbsolutePath. This method first authenticates user with the specified credentials. Upon successful authentication, it verifies the users privileges to access the report object. Signature boolean hasObjectAccessString reportAbsolutePath, String roleName, String userID, String password;

5.10 hasObjectAccessInSession Method

This method verifies if a pre-authenticated bipSession has the privilege to access the report object relative to reportAbsolutePath. Table 5–6 Parameters for getObjectSecurityXML Method Parameter Description String adminUsername The user name for a BI Publisher user with administrator privileges. String adminPassword The password associated with the adminUserName. String objectAbsolutePath The absolute path to security.xml. boolean isRecursive Whether or not objectAbsolutePath is recursive. Table 5–7 Parameters for hasObjectAccess Method Parameter Description String reportAbsolutePath The path to the report object for which you want to verify the user’s access privileges. For example: HR ManagerEmployee ReportsEmployee Listing.xdo String roleName For future use. Ignore this parameter as it is not yet functional. String userID Specifies the BI Publisher user name. String password Specifies the password for the user name. SecurityService 5-5 For more information about in-session methods, see Section 1.2, About In-Session Methods. Signature boolean hasObjectAccessInSessionstring reportAbsolutePath, string roleName, string bipSessionToken;

5.11 impersonate Method

This method enables an admin account to act on the behalf of a user account. This is very useful if the user doesnt have a known password to be authenticated by BI Publisher server. This method logs in using admin account privilege, then switches the owner of the BI Publisher server session to the passed-in username. Therefore, bipSession token later will be verified by passed-in username. All further BI Publisher operations are performed through give n username. Signature String impersonateString adminUsername, String adminPassword,String username;

5.12 isUserExists Method

Use isUserExists method to test if a user name exists in the BI Publisher security model. This method returns the result as a boolean value. Signature boolean isUserExistsString userName, String adminUser, String adminPassword; Table 5–8 Parameters for hasObjectAccessInSession Method Parameter Description String reportAbsolutePath The absolute path to the report object. String roleName The role associated with the given user. String bipSessionToken The proprietary token string generated for the user by the BI Publisher server. With the bipSessionToken string, the user no longer needs to provide user credentials. The BI Publisher server can validate this token string and restore the BI Publisher server session to perform needed operation. Table 5–9 Parameters for impersonate Method Parameter Description String adminUserName Specifies a BI Publisher user name for a user with administration privileges String adminPassword Specifies the password for the administration user name. String username The username of the user account that will be granted administrator privileges. Table 5–10 Parameters for isUserExists Method Parameter Description String userName The user name to test.