This content has been marked as final. Show 16 replies
Please follow the follow steps to restrict users on the project dimension.
1) Create an init block to populate the list of project a user belongs to. You have to do this row - wise initialized as a user can belong to multiple projects.
Select 'PROJECT_NUMBER', project_number from w_project_d where UPPER(user_name)=UPPER(':USER');
2) Now as you have all the project numbers for a particular user in a variable, you can use that to filter on the dimension table.
3) In the rpd, go to the group/role - Permissions - Select the dimension table project - and put the following filter.
"Core"."Dim - Project.Project Number" = VALUEOF(NQ_SESSION.PROJECT_NUMBER)
That's it. Your security is now in place for projects.
Please assign points and mark answer as correct.
Thanks for your reply ill follow all your steps of implementing my logic behind.
But one more thing Amith. I have never worked with the security in obiee so far and entirely it appears new thing to me. Is there any other step by step link which is explaining about what are all the security features available in obiee 11g, so that i can also able to learn the several ways.
Before that how i worked in obiee means, for each and every rpd ill be login as a Administrator in Bi answers and ill be viewing the reports, but as a user i never logged into the BI answers, and according to the users the reports will be restricted and all stuff.
Thanks for your support, ill try your way for my logic and will implement it asap.
Once again Thanks for your timely help.
All izz Well
The PDF in the below link shows the basic security setup within obiee 10g and 11g. All setup steps with screen shots.
Based on setting up a user and attaching them to a group so that data can be filtered.
OBIEE 10g Setup
OBIEE 11g Setup
Setup Users / Groups - Weblogic
Setup Roles / OEM
Setup Data Filters based on Roles
Also refer to these two great articles on the security in OBIEE 11g:
Here is a nice article from Mark Rittman on the overview of security in OBIEE 11g:
You can also refer to the security guide from Oracle documentation:
Study the above links and you should get a clear idea on the security.
Thanks for those useful links. It gave me an idea of how to implement security in obiee11g. And also for my logic behind the security i have followed all the steps given by you. But it didnt worked i think i was missing something in it.
These are the steps i have followed
<li> Firstly i have created a table User_Access with Username and Project Number column. In that i have 8 users and i have 8 project number corresponding to that user(In that there is also different users with the same project number too, (i.e) three members with a same project number). After that i imported that table to the RPD, and have given necessary physical joins with the Fact table that i have.
<li> Secondly what i did is, since im working in obiee 11g. i have created Users and assigned Users to the respective Groups in weblogic, and also i have created a Role in EM and attached the group to each Role.
<li> Thirdly, what i did is i created a session Initialization Variables and given the query given as you said
Select 'PROJECT_NUMBER', project_number from xxbi_user_access where UPPER(user_name)=UPPER(':USER');Soon after given that "Test" Button is diabled and i couldnt able to test the results of that query, and after that i pressed the button '*Edit Data Target*' and checked the Row Initialization as you said.
<li> Finally what i did is Totally i have three Application Roles
*) Industrial Maintainence Role---Belonged User(RS, SH)
*) Oil & Gas Role---Belonged User(XX, ZZ)
*) Shipyard Role---Belonged User(YY)
I have double clicked the each and every role and applied the data filters for each role as said by giving the following query
"BISAMPLE"."W_PROJECT_D.Project Number" = VALUEOF(NQ_SESSION.PROJECT_NUMBER)i have setted the above filter for all the three Roles.
After that i logged into analytics page with the Username: RH. Soon after logged in it has to show only the Industrial Maintainence Projects Report, but Amith for me it didnt showed anything inside the BI answers.
I dont know what i missed over here. I need your support for it Amith
Kindly help me with this.
Was just going thru your post. Till now you have setup Data Level Security. You also need to set Oject Level Security as per your prjt requirements. If you are not able to see any Subject Area in answers then assign the privileges to users/grps.
Good if you can refer to OBIEE 11g Admin Guide.