The security protocol inO3 Performance Suiteis based on the definition of roles to which access and permissions are granted. In addition, users are defined within each role, thus acquiring access and the required permissions. This security protocol lets us define access and permissions only once at the level of roles, which simplifies its administration.
O3 Performance Suite offers two authentication mechanisms: Its own security mechanism based on a security repository included in the default set up, or the possibility to join a LDAP protocol (Lightweight Directory Access Protocol).
In the case of its own security mechanism, security information resides in a repository located in a database, allowing different components of O3 Performance Suite to share the same security protocol. For instance, security definitions that control access to Cubes are also used to control access to Scorecards and Reports. In this case in order to administrate security, O3 Server Administrator is used to define the protocol in an integrated way.
In the case of LDAP, security definitions reside in an LDAP server. Users and roles definitions are made from an LDAP client and O3 Server Administrator is used to configure the access parameters to the LDAP server and to define access and permissions on the components of O3 Performance Suite.
It is important to take into consideration that in order to use a shared security protocol, it is necessary for all the components of O3 Performance Suite to be published in an O3 Server.