3 Replies Latest reply: Aug 22, 2013 11:34 AM by Sariel-SW RSS

    Data Access Security is not applied on my report... Why??

    Sariel-SW

      Dear All,

       

      I have a data filter setting issue on my new OBI projects.

       

      The way is applicable on OBIEE 11.1.1.6 BP1 but failed on 11.1.1.7.

       

      Let me simply to share the case and what I have done.

       

      Scenario: A new rpd is created for a new project. As the case, I need to add a filter to customer list so that the list of viewables depends on the login.

       

      The design on RPD as

       

      CUSTOMER (cust_no) <--> CUST_SECURITY (user_id, cust_no)

      SQL: where customer.cust_no = cust_security.cust_no and cust_security.user_id = NQ_SESSION("USER")

       

      Then, I add the filter on Manage --> Identity --> BI Repository --> Application Role --> (select a role) --> Permission --> Data Filter

       

      Result

      The report has not applied any filter.

       

      I checked the nqquery.log and cannot find any error msg or filter codes is in the SQL it generated.

       

      My RPD is copied from another project (which is running in FMW, i.e. XXXXX_BI0046.rpd), is it related?

       

      Alternatively, when I use another statement to do, for example, CUST_SECURITY.USER_ID='abc1', the filter is not applied...

      Do any one have idea to the case?

        • 1. Re: Data Access Security is not applied on my report... Why??
          SaichandVaranasi

          1) Create some dummy user and login again (hard code the value security.user_id = 'Dummy_User'

           

          2) Open RPD in Online mode goto--> Manage Session --> should see the user you logged in currently to Analytics and which group you belongs

          • 2. Re: Data Access Security is not applied on my report... Why??
            user10615659

            did you set the content filter in the customer logical table.

            In order to force the filter in a query, the content filter needs to be set based on your variable which gets populated when the user logs in.

             

            in this case , create a session variable "cust_no", which is dependent on the user session variable to get the cust_security.cust_no

            using init block . sql( select cust_security.cust_no from cust_security.cust_no where cust_security.user_id=USER: )

             

            go to the logical table for customer and set content filter for

            customer.cust_no = nqsession(cust_no)

             

            deploy and test. you should be able to see the filter. if not, check where its failing (init blocks?)

             

            "Then, I add the filter on Manage --> Identity --> BI Repository --> Application Role --> (select a role) --> Permission --> Data Filter" this actually grants access to the object not to the data. Data level security should be done at the data level.

            • 3. Re: Data Access Security is not applied on my report... Why??
              Sariel-SW

              Dear All,

               

              Thanks for help. Checked and found BISystem is set for such users...