Select Page

Art of BI: Proxy Act As Cannot Cross Identity Providers

Christian Screen | | February 27, 2012

The proxy act as capability of Oracle BI is still well and alive in 11g.

I came across this error recently when configuring this functionality, “Actual user’s GUID is not empty but Acting as user’s GUID is empty.”

The GUIDs have a lot to do with the way the proxy user is able to log into Presentation Services as the target user.  Refreshing GUIDs can also play a role in affect the correct configuration with Proxy As.

This error however, is due to the fact that the implementation was using two different Identity Providers which apparently breaks the functionality of the Proxy As feature.

For example, I want to log into OBI Dashboards as the ‘weblogic‘ user which is housed under the default Identity Provider of the WLS LDAP system.  I want to set up my proxy as table so that the ‘weblogic’ user can proxy as a target user that resides in an MS Active Directory LDAP Identity Provider that I’ve configured in WLS or that I am using via the backwards compatible 10g security method stemming from the RPD (I tested this using only the latter method).  So, I’d set up my proxy table to show the combination of weblogic user to MSAD user with full privileges.  The outcome of this is that when I log in with the ‘weblogic’ user, I am able to see my MSAD user in the Act As dropdown list.  That is accurate because that is just a database retrieve.  However, if I select the MSAD user from the list to act as that user, I will be sent to the login screen of Presentation Services and the proxy as login will fail.  The error message above will be logged and can then be seed from the Diagnostics tab within the Fusion Control console.

So, ultimately you can only proxy Act As with a users stemming from the same Identity Provider.

In my opinion that is how is should work anyway.  Just know that the limitation exists.

Let me know if you’ve figured out a work around or if I missed something.

Enhanced by Zemanta

Subscribe to Our Blog

Never miss a post! Stay up to date with the latest database, application and analytics tips and news. Delivered in a handy bi-weekly update straight to your inbox. You can unsubscribe at any time.

ORA-12154: TNS:could not resolve the connect identifier specified

Most people will encounter this error when their application tries to connect to an Oracle database service, but it can also be raised by one database instance trying to connect to another database service via a database link.

Jeremiah Wilton | March 4, 2009

12c Upgrade Bug with SQL Tuning Advisor

Learn the steps to take on your Oracle upgrade 11.2 to 12.1 if you’re having performance problems. Oracle offers a patch and work around to BUG 20540751.

Megan Elphingstone | March 22, 2017

Oracle EPM Cloud Vs. On-Premises: What’s the Difference?

EPM applications help measure the business performance. This post will help you choose the best EPM solutions for your organization’s needs and objectives.

Bobby Ellis | April 10, 2018

Work with Us

Let’s have a conversation about what you need to succeed and how we can help get you there.


Work for Us

Where do you want to take your career? Explore exciting opportunities to join our team.