did you set the content filter in the customer logical table.
In order to force the filter in a query, the content filter needs to be set based on your variable which gets populated when the user logs in.
in this case , create a session variable "cust_no", which is dependent on the user session variable to get the cust_security.cust_no
using init block . sql( select cust_security.cust_no from cust_security.cust_no where cust_security.user_id=USER: )
go to the logical table for customer and set content filter for
customer.cust_no = nqsession(cust_no)
deploy and test. you should be able to see the filter. if not, check where its failing (init blocks?)
"Then, I add the filter on Manage --> Identity --> BI Repository --> Application Role --> (select a role) --> Permission --> Data Filter" this actually grants access to the object not to the data. Data level security should be done at the data level.