Corporate vs. Consumer Level Security

Hello,
I am considering purchasing a Blackberry, but have a question based on an article in today's G&M:
http://www.theglobeandmail.com/globe-investor/indonesia-also-mulls-blackberry-ban/article1661586/
In part, the article states, "...but says its technology does not allow it, or any third party, to read encrypted e-mails sent by corporate BlackBerry users. (The consumer version has a lower level of security.)"
Could someone highlight the differences in the different levels of security? Is this a factor of your wireless provider and the fact that at least some of your data would be going over their network, the device you are using, or both? Any information would be greatly appreciated!

Shmoo7 wrote:
Could someone highlight the differences in the different levels of security? Is this a factor of your wireless provider and the fact that at least some of your data would be going over their network, the device you are using, or both? Any information would be greatly appreciated!
BIS:
Email messages sent between the BlackBerry Internet Service and the BlackBerry Internet Service subscriber’s BlackBerry smartphone are not encrypted. When transmitted over the wireless network, the email messages are subject to the existing or available network security model(s).
When you log in to the BlackBerry Internet Service, the data is transmitted over a Secure Sockets Layer (SSL) connection.
BES:
Email messages sent between the BlackBerry smartphone and the BlackBerry Enterprise Server are encrypted using Triple Data Encryption Standard (Triple DES), Advanced Encryption Standard (AES), or both.
1. If any post helps you please click the below the post(s) that helped you.
2. Please resolve your thread by marking the post "Solution?" which solved it for you!
3. Install free BlackBerry Protect today for backups of contacts and data.
4. Guide to Unlocking your BlackBerry & Unlock Codes
Join our BBM Channels (Beta)
BlackBerry Support Forums Channel
PIN: C0001B7B4 Display/Scan Bar Code
Knowledge Base Updates
PIN: C0005A9AA Display/Scan Bar Code

Similar Messages

Message Level security : PI 7.1

Hello All,
We are currently evaluating the message level security options in PI in order to communicate with native ABAP systems like CRM , HR, BW etc. Does it need us to set up a PCK (Decentralized adapter engine) in order to use it ?
http://help.sap.com/saphelp_nwpi71/helpdata/en/a8/882a40ce93185de10000000a1550b0/content.htm
The scenarios are
SOAP - XI - Proxy
SOAP - XI - WS Adapter
Thanks.
Kiran

Thanks Marcus & Caio !! The settings listed in the link
http://help.sap.com/saphelp_nwpi71/helpdata/EN/ea/c91141e109ef6fe10000000a1550b0/frameset.htm
Do they have to be done on our ECC box and how do I do it for both Consumer and Provide Proxy ?
Is ther a link to the blog available for the same with comm channel documents.
Thanks.
Kiran

Row level Security for BI Author Role

Hi All,
We are using OBIEE 11.1.1.5 in our project. We have a requirement where we need to configure row level security on certain column.
We are currently using external table and session variable approach to configure this. This security works fine for the users with BI Consumer
roles. But we are facing issue with configuring row level security for BI Author role.
BI Author can create any analysis in BI Answers and suppose he/she creates a report which does not contain the column on which row level
security is applied than he can see all the data. For eg.
We have one dimension Products having two levels Product Division and Brand. I want to configure security based on Product Division column.
But if BI Author create a report with only Brand and Measures than row level security is not working.
Does anyone has face this issue before.
Please let me know if you want any other information from my side.
Regards,
Vikas

If you are using a multidimensional cube you can use the "permit" command to control access to dimension members or provide cell level security within the cube. The OLAP database documentation provides on how to use the PERMIT command.
If you are using relational tables and/or views with additional CWM metadata mapped using OEM then you need to refer to the database documentation relating to Virtual Private Databases and Label Security
Business Intelligence Beans Product Management Team
Oracle Corporation

Row Level Security (VPD)

We are enhancing our corporate security model using VPD fine grain access to allow more flexible policies. This will provide different levels of row level access on each set of mart fact tables (Health Board level access on Mart A, GP Practice level on Mart B etc). We also want different column level security (masking) on common dimensions depending on which mart is being queried, e.g. a user might be allowed to see confidential patient columns when querying Mart A, but not on Mart B.
OID groups hold user attributes, and we can retrieve these via logon trigger and policy functions and then set user contexts accordingly.
When a query is submitted to the database (via Business Objects), it triggers the policy function on a particular mart fact table(s), which applies the particular row level constraint based upon the users context. So far so good. Problem is, when any dimension policy functions are being triggered (at the same time), they need to know which particular Mart is being queried, so that they can retrieve the correct user context to apply either confidential or non-confidential column masking.
I basically need a means of interrogating the SQL before (or as) it reaches the dimension policy functions, from which the function can identify the Mart from the named tables in the SQL FROM list. Is there a way of doing this, or some other mechanism entirely for delivering this level of access control?
One solution is to have a separate dimension view specific to each Mart. A particular view would join to a particular mart (in Business Objects), and the policy function amended for each. However we would rather avoid this as it could mean up to 20 + views for each dimension, and require a substantial maintenance overhead.
Thanks
Simon
Edinburgh

Why would you want a situation where USER1 cannot see any of the data in the table but owns a procedure that allows him to update any row in the table? That would basically defeat the purpose of using VPD-- if USER1 can circumvent the VPD policy in this procedure, USER1 can circumvent the policy in any procedure and can create procedures that allow him to view and manipulate the data.
Can you provide a bit more background about what problem you're trying to solve? Why does USER1 need to own the procedure if USER1 isn't allowed to see any of the data? Are you trying to write a procedure that will apply the caller's VPD policy (i.e. when USER2 calls the procedure, he can only update the rows that his VPD policy allows him to see)? Or do you want the procedure code to bypass the VPD policy entirely? Why are you fine with granting USER2 the ability to bypass the VPD policy but you are not OK granting USER1 that same privilege?
Justin

Implementing Data level Security ?

I would like to Impelement Data level Security in Universe level itself. I have Set For users belonging to Branch (Mumbai, Delhi Etc) And One set of Users Belonging to Segment (CWG, IFA Etc) and Set of users that are combination oif Branch and Segment.
In the Universe I need to set the Security so that only the data related to them can be viewed. When I use a restriction I have to create many restirction and implement the same in Objects as required.
This consumes a lot of time. Is there a easier way out.
I have already Tables in the Database where the secuity values for the users are already stored.
Any help is welcome
Thanks in advance
Suresh

Hi Alan,
Ok....But How Can I use the Restriction I have created in All the objects of the universe.
For e.g.. I have Two Classes Named Channel and Relation Manager respectively.
The Channel Class has the following Objects Namely : Channel Type, Channel Country, Channel Zone, Channel State, Channel City and Channel Name. and is Derived from BIDIMCHANNEL Table
The Relation Manager Class has following Objects Namely: RM Segment, RM City, RM Branch RM Name. and is Derived from BIDIMRM Table.
I have Created the a Restriction on Channel name By Using the Clause "BIDIMChannel.ChannelName = 'AHMEDABAD' and have assigned it to an BO User.
While using WEBI whenever I Select Anything regarding the Channel Class the restriction works fine. When We I Exclusively Select "Relation Manager" Class, the restriction is Not Applied and the entire data is visible.
Can you Suggest a manner in which the restriction given above can be applied for all the objects belonging to the universe and not just to the class objects where the restrictions are being applied.
Regards
Suresh

WebServices and message level security

Hello,
I am investigating about the use of XI web services using message level security (encrypted xml), is it possible to achieve this between an SAP provider and a third party consumer, without using a PCK or developing a specific adapter? (most solutions I see always point to this).
If anyone could shed some light into this matter i would be thankful.
Regards,
Leandro Fonseca

Hello,
I am investigating about the use of XI web services using message level security (encrypted xml), is it possible to achieve this between an SAP provider and a third party consumer, without using a PCK or developing a specific adapter? (most solutions I see always point to this).
If anyone could shed some light into this matter i would be thankful.
Regards,
Leandro Fonseca

Row Level Security not working for SAP R/3

Hi Guys
We have an environment where the details are as mentioned below:
1. Crystal Reports are created using Open SQL driver to extract data from SAP R/3 using the SAP Integration Kit.
2. The SAP roles are imported in Business Objects CMC.
3. Crystal Reports are published on the Enterprise as well.
3. Authorization objects are created in SAP R/3 and added as required for the row level security as mentioned in the SAP Installation guide as well. The aim is when the user logs into the Infoview and refreshes the report he should only see data that he is meant to so through the authorization objects.The data security works very much fine when the reports are designed directly on the table but when the reports are built on the Business View it doesnt work hence the user is able to see all data.
Any help in this issue is greatly appreciated.
Thanks and Regards
Kamal

Hi,
In order for row level security to work for you using the OpenSql driver, you need to configure the Security Definition Editor on your SAP server. This is a server side tool which the Integration solution for SAP offers as a transport.
This tool defined which tables are to be restricted based on authorizations.
However since you are seeing the issue on reports based on Business Views, you need to identify whether the Business View is configured in such a way where the user refreshing the report is based on the user logging into Infoview. If the connection to your SAP server is always established with the same user when BV is used then you security definition is pointless.
You can confirm this by tracing your SAP server to identify what user is being used to logon to SAP to refresh the reports.
thanks
Mike

Row level security at universe design level

Hi,
I am creating a Universe layer on top of non SAP OLAP cube ( from MS Analysis Services 2005 ) .
My concern is that can we maintain the row level or data level security at universe design level or if i am using that universe in creation of WEBI report so is there any possiblity to maintain this security at WEBI level.
Regards,
Mishra Vibhav.

Thanks for the reply.
Much Appriciated.
My only concern is that i read in the Universe Designer developer guide that it does the row level security so can eloborate a bit about how we maintain at Universe level.
Warm Regrads,
Mishra Vibhav

Object Level Security in OBIEE 11.1.1.5

Hi All,
I am trying to implement object level security for certail groups. We have BI Apps 7.9.6.3 implemented in whch obiee 11.1.1.5 is integrated with EBS R12. Users are able to login through diffrent responsiblities to OBIEe. I need insight into how to implement object level security. Below are the steps whihc i have followed but still i am facing strange issues i.e. some users are able to see dashboards which they have no access with view display error. I checked in dashboard permission. They do not have access
1) Created application roles in OBIEE with the same resposiblity names
2) Grouped the application roles in diffrent groups. I.e. if application roles a,b,c should have access to dashboard x then i made b and c member of a.
3) Configured security in manage previleges and catalog for these application roles i.e. i used application role a mentioned in step 2 in manage previleges etc.
4) Restarted the BI server and presentation servers.
Are there any other steps which should be followed apart from above mentioned steps. Do i have to make use of groups.
Regards,
Sandeep

Sandeep Saini wrote:
I checked the inheritance. I did a lot of investigation but it is weird. My purpose of asking the question was to find out if there are any bugs in version 11.1.1.5 otherwise i didn't see any issues.
There are a couple of bugs related to the issue but I have checked that on 11.1.1.5.5 and its works as expected.
Bug 13982971 : PERMISSIONS ON WEB CATALOG OBJECTS NOT APPLIED IMMEDIATELY
In case you see anything like this -> QA:USER WITH NO ACCESS OVER A FOLDER IS ABLE TO RUN ANALYSIS REPORT CONTAINED then [Patch ID 15626966]
1) I want to check if there are any components i.e. BI server, presentation server or any other service that should be started after creation of application roles. I started only BI server after creating application rolesAny changes made to the Application policies should need a restart of admin and managed server however if you are not creating policies just Roles with similar names OPMN restart should be good to see the changes made.
2) I made use of application roles throughout in object level security . Is it the correct approach ?Yes that is the right approach to use application roles for defining object level permission settings throught, do not go for catalog groups its makes it nasty to manage. Here is the quote from Sec Guide : " Using catalog groups is not considered a best practice and is available for backward compatibility in upgraded systems."
3) To check if there are any object level security related bugsThere might be more than once mentioned above since 11.1.1.5 .. I do not trust that version it bites a lot ;)
And to explain step 2 lets say there are n number of application roles which should have same object level security but diffrent data level security. In that case i made all such application roles member of another application role and configured object level security for that group only. For ex in manage previlege i configured "Access to Answer" for one application group and made other application group member of this group. I hope its clear now .Grouping of Roles with other similar roles is what needs to done to get functionality like catalog groups.However a reference of the 5 basic rules is always a lifesaver : [Rules for Inheritance for Permissions and Privileges|http://docs.oracle.com/cd/E29505_01/bi.1111/e10543/mgrgrpsusers.htm#autoId16]
Hope this helps.!
SVS

Dimension Level Security on a Data Form

Hi,
Is there any other way in Hyperion Planning to know where the dimensional level security is missing when you get the following error - (other than manually going to the dimensions and checking it)
"Security and/or filtering has resulted in a required dimension not being represented on the data form"
Please let me know !
~ Adella

Alp, I did try to work with your idea and it did help. Thank you so much for your input.
Anyways, for now I think I got an answer to my question..but please do let me know of other ideas if you come across any :)
~ Adella

Data level Security issue in obiee 11g

Hi,
We are trying to implement data level security, let me explain the issue
The requirement is, we have 7 schools and each school has one principle , there will be a Superdintent who has 3 schools under him. so now when each principle logs in to dashboard we have a prompt for school i.e Name of school in that prompt he should see only his school and even the data of that school only which are assigned to him, now when Superdintent logs in he should see all 3 schools in the prompt and data. I have gone through this link (http://www.rittmanmead.com/2012/03/obiee-11g-security-week-row-level-security/) but could not achieve.
We are able to achieve by writing SQL in BMM layer ( LTS Table) so where ever the table is used in dashboards the security is being applied and we are able to see what we want. We want to achieve this by application role, But when we are creating session variables and applying on Application Role its not working. We want to achieve this by using Application role because suppose in other dashboards when the table is not used or pulled in, it will not work.But if we do it using application role its applies to all dashboards and data is resticted. so that when principle or Superdintent logs in automatically its restricts the data.
Below is the SQL which we used in BMM LTS, its working fine. But when the same SQL is applied in Application Role it's not working.
SQL used in session variable -
select 'SCHOOL_CD1', school_cd1 from w_staff_d where empl_id ='VALUEOF(NQ_SESSION.USER)'
and job_desc1 = 'Principal High School - KPI'
Any suggestions please ??
Thanks,
VRP

Hi,
I pasted the log view below by applying SET VARIABLE LOGLEVEL=2, DISABLE_CACHE_HIT=1;, ran this report by applying SQL in Session variable. Let me know if you want anything -
Thanks
[OracleBIServerComponent] [TRACE:2] [USER-0] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] ############################################## [[
-------------------- SQL Request:
SET VARIABLE QUERY_SRC_CD='Report',SAW_SRC_PATH='/shared/Key Performance Analytics/Analysis/Climate and Culture/Analysis for total school suspensions',LOGLEVEL=2, DISABLE_CACHE_HIT=1; SELECT s_0, s_1, s_2, s_3, s_4, s_5, s_6, s_7, s_8, s_9, s_10, s_11 FROM (
SELECT
0 s_0,
"High School KPI"."- Date"."School Year" s_1,
"High School KPI"."- Grade"."Grade Level" s_2,
"High School KPI"."- School"."School Name" s_3,
"High School KPI"."- School Suspensions"."% of Students Suspended" s_4,
"High School KPI"."- School Suspensions"."Count of Students Enrolled" s_5,
"High School KPI"."- School Suspensions"."Count of Students with Incidents" s_6,
CASE WHEN (CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END +(CASE WHEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END)=0 THEN CASE WHEN CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END <0 THEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END *-1) ELSE CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END END ELSE (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END) END /10))<0 THEN 1 ELSE 2 END s_7,
CASE WHEN (CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END)=0 THEN CASE WHEN CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END <0 THEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END *-1) ELSE CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END END ELSE (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END) END s_8,
CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END s_9,
CASE WHEN MIN("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY ) END s_10,
REPORT_AGGREGATE("High School KPI"."- School Suspensions"."% of Students Suspended" BY "High School KPI"."- Date"."School Year") s_11
FROM "High School KPI"
WHERE
(("- Discipline Action"."Discipline Action Code" = 'Suspension') AND ("- Date"."School Year Desc" = VALUEOF("school_year_desc")))
) djm ORDER BY 1, 2 ASC NULLS LAST
[2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-23] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- General Query Info: [[
Repository: Star, Subject Area: High School KPI, Presentation: High School KPI
[2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-18] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- Sending query to database named SPA (id: <<62064>>), connection pool named Initialization Block Connection Pool: [[
WITH
SAWITH0 AS (select T30351.SCHOOL_YEAR_DESC as c2,
T26564.GRADE_LONG_DESC as c4,
T26686.SCHOOL_NM as c5,
T29835.STDNT_WID as c6,
ROW_NUMBER() OVER (PARTITION BY T30351.SCHOOL_YEAR_DESC, T29835.STDNT_WID ORDER BY T30351.SCHOOL_YEAR_DESC DESC, T29835.STDNT_WID DESC) as c7
from
W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
W_SCHOOL_YEAR_D T30351 /* KPI_W_SCHOOL_YEAR_D */ ,
W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
W_STDNT_ENROLL_SCHOOL_F T29835 /* KPI_W_STDNT_ENROLL_SCHOOL_F */
where ( T26564.GRADE_LEVEL_WID = T29835.GRADE_LEVEL_WID and T26686.ORGANIZATION_WID = T29835.ORGANIZATION_WID and T29835.SCHOOL_YEAR_WID = T30351.SCHOOL_YEAR_WID and T30351.SCHOOL_YEAR_DESC = '2011-2012' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
SAWITH1 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
D1.c2 as c2,
count(distinct D1.c6) as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH0 D1
group by D1.c2, D1.c4, D1.c5),
SAWITH2 AS (select sum(D1.c1) over (partition by D1.c2) as c1,
D1.c2 as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH1 D1),
SAWITH3 AS (select T30647.SCHOOL_YEAR as c3,
T26564.GRADE_LONG_DESC as c4,
T26686.SCHOOL_NM as c5,
T26023.STDNT_WID as c6,
ROW_NUMBER() OVER (PARTITION BY T30647.SCHOOL_YEAR, T26023.STDNT_WID ORDER BY T30647.SCHOOL_YEAR DESC, T26023.STDNT_WID DESC) as c7
from
W_DISCIPLINE_ACTION_D T29975 /* KPI_W_DISCIPLINE_ACTION_D */ ,
W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
W_KPI_QTR_DAY_D T30647,
W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
W_STDNT_DISCIPLINE_F T26023 /* KPI_W_STDNT_DISCIPLINE_F */
where ( T26023.DISCIPLINE_ACTION_WID = T29975.DISCIPLINE_ACTION_WID and T26023.ORGANIZATION_WID = T26686.ORGANIZATION_WID and T26023.DATE_WID = T30647.DATE_WID and T26023.GRADE_LEVEL_WID = T26564.GRADE_LEVEL_WID and T29975.DISCIPLINE_ACTION_CD = 'Suspension' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
SAWITH4 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
count(distinct D1.c6) as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH3 D1
group by D1.c3, D1.c4, D1.c5),
SAWITH5 AS (select sum(D1.c1) over (partition by D1.c3) as c1,
D1.c2 as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH4 D1)
select distinct case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end as c1,
case when D1.c4 is not null then D1.c4 when D2.c4 is not null then D2.c4 end as c2,
case when D1.c5 is not null then D1.c5 when D2.c5 is not null then D2.c5 end as c3,
case when D1.c3 = 0 then NULL else D2.c2 * 100.0 / nullif( D1.c3, 0) end as c4,
D1.c3 as c5,
D2.c2 as c6
from
SAWITH2 D1,
SAWITH5 D2
where ( nvl(D1.c2 , '1') = nvl(D2.c3 , '1') and nvl(D1.c2 , '2') = nvl(D2.c3 , '2') and nvl(D1.c4 , '1') = nvl(D2.c4 , '1') and nvl(D1.c4 , '2') = nvl(D2.c4 , '2') and nvl(D1.c5 , '1') = nvl(D2.c5 , '1') and nvl(D1.c5 , '2') = nvl(D2.c5 , '2') )
order by c1, c2, c3
[2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-18] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- Sending query to database named SPA (id: <<62434>>), connection pool named Initialization Block Connection Pool: [[
WITH
SAWITH0 AS (select T30351.SCHOOL_YEAR_DESC as c2,
T26564.GRADE_LONG_DESC as c4,
T26686.SCHOOL_NM as c5,
T29835.STDNT_WID as c6,
ROW_NUMBER() OVER (PARTITION BY T30351.SCHOOL_YEAR_DESC, T29835.STDNT_WID ORDER BY T30351.SCHOOL_YEAR_DESC DESC, T29835.STDNT_WID DESC) as c7
from
W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
W_SCHOOL_YEAR_D T30351 /* KPI_W_SCHOOL_YEAR_D */ ,
W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
W_STDNT_ENROLL_SCHOOL_F T29835 /* KPI_W_STDNT_ENROLL_SCHOOL_F */
where ( T26564.GRADE_LEVEL_WID = T29835.GRADE_LEVEL_WID and T26686.ORGANIZATION_WID = T29835.ORGANIZATION_WID and T29835.SCHOOL_YEAR_WID = T30351.SCHOOL_YEAR_WID and T30351.SCHOOL_YEAR_DESC = '2011-2012' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
SAWITH1 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
D1.c2 as c2,
count(distinct D1.c6) as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH0 D1
group by D1.c2, D1.c4, D1.c5),
SAWITH2 AS (select sum(D1.c1) over (partition by D1.c2) as c1,
D1.c2 as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH1 D1),
SAWITH3 AS (select T30647.SCHOOL_YEAR as c3,
T26564.GRADE_LONG_DESC as c4,
T26686.SCHOOL_NM as c5,
T26023.STDNT_WID as c6,
ROW_NUMBER() OVER (PARTITION BY T30647.SCHOOL_YEAR, T26023.STDNT_WID ORDER BY T30647.SCHOOL_YEAR DESC, T26023.STDNT_WID DESC) as c7
from
W_DISCIPLINE_ACTION_D T29975 /* KPI_W_DISCIPLINE_ACTION_D */ ,
W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
W_KPI_QTR_DAY_D T30647,
W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
W_STDNT_DISCIPLINE_F T26023 /* KPI_W_STDNT_DISCIPLINE_F */
where ( T26023.DISCIPLINE_ACTION_WID = T29975.DISCIPLINE_ACTION_WID and T26023.ORGANIZATION_WID = T26686.ORGANIZATION_WID and T26023.DATE_WID = T30647.DATE_WID and T26023.GRADE_LEVEL_WID = T26564.GRADE_LEVEL_WID and T29975.DISCIPLINE_ACTION_CD = 'Suspension' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
SAWITH4 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
count(distinct D1.c6) as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH3 D1
group by D1.c3, D1.c4, D1.c5),
SAWITH5 AS (select sum(D1.c1) over (partition by D1.c3) as c1,
D1.c2 as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH4 D1),
SAWITH6 AS (select case when max(D1.c1) = 0 then NULL else max(D2.c1) * 100.0 / nullif( max(D1.c1), 0) end as c11,
case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end as c12
from
SAWITH2 D1,
SAWITH5 D2
where ( nvl(D1.c2 , '1') = nvl(D2.c3 , '1') and nvl(D1.c2 , '2') = nvl(D2.c3 , '2') and nvl(D1.c4 , '1') = nvl(D2.c4 , '1') and nvl(D1.c4 , '2') = nvl(D2.c4 , '2') and nvl(D1.c5 , '1') = nvl(D2.c5 , '1') and nvl(D1.c5 , '2') = nvl(D2.c5 , '2') )
group by case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end )
select D2.c11 as c1,
D2.c12 as c2
from
SAWITH6 D2
order by c2
Edited by: 965968 on Oct 17, 2012 11:49 AM

Row level security in BI Publisher

Hi All ,
I am using BI publisher for reporting on Siebel system.The issue I am facing is regarding row level security.Even if I am logging with Employee Id, when I generate report ,I have acess to all the information of the other employees.
e.g. If as a cashier I made some entry , when I generate report on collection made by me, its bringing me all the collections made by other cashiers also.
I am generating these report from siebel side.I am not sure if we can apply the rowlevel security to BI Publisher.
Does anyone has used Siebel or EBS with BI Publisher and have row level security ? I am also not sure How to see the reports by loging into BI Publisher .If I am using Siebel or EBS, what is going to be my Data Model or Data Set.
Can anyone help me on this?
Thanks!!

Oracle HRMS has its own security built-in to the schemas. Other modules you will need to customize for your own use.

Invoking a message-level secured webservice WS Security

I am not having any luck invoking a webservice that has been secured via message-level security. For simplicity, I have been using WS-Security Policies provided by WebLogic and applying them on my webservice via annotations. I have been testing with Wssp1.2-Wss1.0-X509-TripleDesRsa.xml. I am using soapUI to invoke the webservice. When I send a singed soap request, I get a response indicating that it wasn't able to validate the signature. I made sure that both soapUI and WebLogic server is using the same identity store. I have also made sure that the certificate in the identity store is also in the trust store for WebLogic. There could also be a problem with the structure of the soap request. I send a soap request that includes a signature of the timestamp, the initiator token (x509 in binary form), and the body.
Anyone have luck with WebLogic webservice security and soapUI?

Applying 'format XML' after signing it changes the message and makes the signature invalid, different content == different signature.
You should also ask yourself why you'd like to transport blank characters (zero information) over the wire just to make it more readable for yourself? Just compare the size of the unformatted and formatted message to see the waste of bandwidth.
--olaf

Domain and User Level Security

Dear Friends
Tuxedo Version : 8.0
Weblogic Server: 7.0
Operating System : Win 2000
I have successfully run the simpapp example with WTC as the connector between
the remote domain (tuxedo) and local domain (WLS).
Now, i want to perform authentication, the documents are not being of much help
so can anybody give me any suggestion to create domain level security and ACL.
Please note, i'm just using the services (import).
As per the documents and newsgroup,
i made changes to the TUXEDO ENVIRNMENT, ubbdomain, adding SECURITY , AUTHSERV
parameters in it.
Also made respective changes in WTC, but when i run the example,
it throws an exception as TPENOENT.
Thank you in anticipation.
Please help me !

Hi Shamu,
I answered similar questions in a posting with title "Service
Authentication How to". The questions were posted after your post.
Check out the questions and my reply see whether they are useful to you.
Regards,
Honghsi
shamu wrote:
>
Dear Friends
Tuxedo Version : 8.0
Weblogic Server: 7.0
Operating System : Win 2000
I have successfully run the simpapp example with WTC as the connector between
the remote domain (tuxedo) and local domain (WLS).
Now, i want to perform authentication, the documents are not being of much help
so can anybody give me any suggestion to create domain level security and ACL.
Please note, i'm just using the services (import).
As per the documents and newsgroup,
i made changes to the TUXEDO ENVIRNMENT, ubbdomain, adding SECURITY , AUTHSERV
parameters in it.
Also made respective changes in WTC, but when i run the example,
it throws an exception as TPENOENT.
Thank you in anticipation.
Please help me !

Data level Security in Essbase

I have an requirement to implement data level security in Essbase. For ex: A user can only see those data which are from Asia region or an user will be able to see those data which are from America.
Asia and America are defined in my location dimension.
Please tell me how to do it?
Regards,
Suman

to make your security maintenance easier, I would suggest putting the users into groups and assigning the filters to the group. If you do it at the indivual level, the user can only have one filter assigned to them, but each group could have a different filter. So for someone who should see Americas and Asia have a group calle America and one called asia. put the user into both groups and assign the america filter to the first group and asia filter to the second group

Corporate vs. Consumer Level Security

Similar Messages

Maybe you are looking for