Domain level security issue with InfoPath Form

Similar Messages

• Security issues with connecting pdf to database

  I have a pdf form that is being called from a webform as part
  of a web application. The PDF has two dropdown lists that I was
  populating from a SQL Server Database. I had created a special user
  that had select access only to the tables for the dropdowns.
  My question is are there any known security issues with
  regard to allowing a pdf to connect to a database this way. The PDF
  is being called from a secure connection but I don't know if
  opening this database connection to populate these dropdowns
  exposes a security hole of any sort. If it does, do you have a
  solution to make this secure? I am asking because another developer
  on the project brought up the issue of this design creating a
  security risk and I haven't been able to find anything online
  discussing it either way.
  Thanks!
  Maureen

  Hello Maureen,
  Thanks for posting, but I'm not sure I see if your question
  relates to Acrobat.com
  Are you using any of the Acrobat.com Services as any part of
  your workflow?
  Thanks!
  Pete

• Using latest version of fireFox to access Think Central, pages will not load and they say that this is a security issue with FireFox?

  Teachers in our district are supposed to use www.thinkcentral.com with FireFox.
  Some have no problem accessing the lesson plans.
  Most when they login click on a lesson plan and an icon shows up that says loading but never does.
  If you reboot the computer and login you can open a page once but not a second time and no other lessons will open.
  Think Central support says this is a security issue with Firefox.
  I have updated FireFox, all the Adobe, Reader, Flash, Air and Shockwave. As well as Java.
  I have allowed the pop ups to the think Central web site.
  Any help would be appreciated

  Are there any notification icons on the left end of the address bar? If so, please click them to see whether they related to security issues (such as blocked content - shield icon: [[How does content that isn't secure affect my safety?]]) or a plugin requiring permission (Lego-like icon).
  Does Think Central have any help pages about this issue? Without an account, it is difficult to explore the issue first-hand.

• Severe Security Issue with Sharing Permissions and Windows

  I recently discovered a severe Security issue with the windows sharing an permission settings:
  I have two users, an admin user and a parental controlled user. On my mac mini, i have a external harddrive connected. On the harddrive, i have three folders, Itunes, Iphoto (Package) and a Temp Folder. I want to share the Harddrive RW for the admin, but only R for the parental user. But the Temp folder should be accessible for RW for the parental as well.
  1. I set the Drive checkbox "ignore ownership" off.
  2. I set the permissions of the drive to admin RW, parental R and Everyone to "no access"
  3. I apply to enclosed Items
  4. I set the permission of the Temp folder to admin RW, parental RW and Everyone to "no access"
  5. I apply to enclosed Items
  6. I go to "File Sharing" in the Preferences and activate SMB sharing for both users
  7. I delete all previous shares
  8. I add the Disk and use the proposed permissions which are admin RW, parental R, Everyone "no access"
  9. I add the Temp folder and use the proposed permissions which are admin RW, parental RW, Everyone "no access" - Funny, there is a new Group called "Temp" created which has custom access on both sharepoints
  10. I connect to the mac over a Windows machine (NTLM auth set appropriatly). Now I try to create a folder on the root of the Disk share, I get a denied message.
  BUT WHEN I GO INTO A SUBFOLDER (eg. ITUNES or IPHOTO), WHICH HAS ALSO JUST "R" PERMISSION FOR THE PARENTAL USER, I AM ABLE TO RW, DELETE AND DO EVERYTHING!!!
  TO RECAPITULATE: THE SHARING PERMISSIONS ARE "R", AND THE FILE PERMISSIONS IN THE RESPECTIVE FOLDERS FOR THE RESPECTIVE USER ARE ALSO JUST "R". BUT THE USER CAN DO EVERYTHING IN THE SUBFOLDERS!!!

  I recently discovered a severe Security issue with the windows sharing an permission settings:
  I have two users, an admin user and a parental controlled user. On my mac mini, i have a external harddrive connected. On the harddrive, i have three folders, Itunes, Iphoto (Package) and a Temp Folder. I want to share the Harddrive RW for the admin, but only R for the parental user. But the Temp folder should be accessible for RW for the parental as well.
  1. I set the Drive checkbox "ignore ownership" off.
  2. I set the permissions of the drive to admin RW, parental R and Everyone to "no access"
  3. I apply to enclosed Items
  4. I set the permission of the Temp folder to admin RW, parental RW and Everyone to "no access"
  5. I apply to enclosed Items
  6. I go to "File Sharing" in the Preferences and activate SMB sharing for both users
  7. I delete all previous shares
  8. I add the Disk and use the proposed permissions which are admin RW, parental R, Everyone "no access"
  9. I add the Temp folder and use the proposed permissions which are admin RW, parental RW, Everyone "no access" - Funny, there is a new Group called "Temp" created which has custom access on both sharepoints
  10. I connect to the mac over a Windows machine (NTLM auth set appropriatly). Now I try to create a folder on the root of the Disk share, I get a denied message.
  BUT WHEN I GO INTO A SUBFOLDER (eg. ITUNES or IPHOTO), WHICH HAS ALSO JUST "R" PERMISSION FOR THE PARENTAL USER, I AM ABLE TO RW, DELETE AND DO EVERYTHING!!!
  TO RECAPITULATE: THE SHARING PERMISSIONS ARE "R", AND THE FILE PERMISSIONS IN THE RESPECTIVE FOLDERS FOR THE RESPECTIVE USER ARE ALSO JUST "R". BUT THE USER CAN DO EVERYTHING IN THE SUBFOLDERS!!!

• Any security issues with My MSN or outlook bookmarks

  any security issues with My Msn and Outlook as bookmarks

  Your question is not quite clear, and no Mac can iOS, but anything and everything made by or for Microsoft carries a security risk.
  Which is why most sensible people run Apple OS X.

• Security issues with Lion

  Anyone know what the real deal is with OS X Lion security.  I've heard lots of things about how the recent Blackhat conference in Las Vegas said that Apple's security was not as good as Windows 7's.  Anyone know anything about this?  Thanks in advance for any feedback or input.

  JB2909 wrote:
  I've downloaded Java for OS X Lion 2012-001 to fix the security issues with Java but when I open it to install it gives me an error message saying don't open it as it has a disk image issue (?) and may make my computer less secure or cause other issues? I don't understand why it would cause security risks when it is supposed to be a patch to fix them?!  Is it safe to go ahead and open/install?
  Could that be why Apple has released Java for OS X Lion 2012-002 here: http://support.apple.com/kb/DL1515 ?

• Security Issues with 8.1 Pro

  I have had several security issues with Windows 8.1 Pro.
  I am curious if the following apps should be loaded by default:
  CheckPoint.VPN
  JuniperNetworks.JunosPulseVpn
  SonicWALL.MobileConnect
  F.vpn.client
  These programs are installed on a fresh install of Windows 8.1 Pro but I do not think they should be.  They are present prior to the install of any 3rd party programs or apps.
  Thanks

  I found them in my firewall list on my Windows 8.1 Pro installation and posted a question on a forum as well, though I don't think it was here.  I don't believe anyone ever answered.
  It looks as though these are parts of the bundled virtual private networking clients.
  Note, for example, the "distributed by Microsoft as part of Windows 8.1" wording on this page:
  http://www.sonicwall.com/app/projects/file_downloader/document_lib.php?t=PG&id=605
  -Noel
  Detailed how-to in my eBooks:  
  Configure The Windows 7 "To Work" Options
  Configure The Windows 8 "To Work" Options

• Privacy/Security Issue with Adobe Flash 10

  Not sure if anyone has noticed this or not, but there is a
  bizarre (if minor) privacy/security issue with Adobe Flash Player
  10. I came across it while attempting to upload a file to Flickr.
  Previous versions of AFP do not exhibit this problem.
  Specifics: using Firefox 3.x, Vista.
  The problem: When Flickr calls the "open file" dialogue in
  Flash 10 (in order to upload files) via the "Upload Photos and
  Videos" link, at the bottom of the dialogue, to the right of the
  "File Name" box, sits a common UI element that brings up a dropdown
  menu of what appear to be (or at least are supposed to be) recently
  viewed or downloaded or accessed files. Actually I'm not sure how
  Flash 10 compiles or accesses this list of files, but at any rate,
  a list of files come up.
  The problem is that, as far as I can tell, the list of files
  that come up reference a long list of files, some that are very old
  and that no longer exist, and that there is no way that I can find
  to clear the list. This is a minor security/privacy issue, as
  generally there should be a way to prevent a dialogue from
  displaying a long list of past-accessed files by clearing a cache
  somewhere or other -- imagine if it was impossible to clear the
  history of a web browser, for example -- this would be considered a
  pretty significant privacy issue. I have tried everything from
  flushing the browser cache to uninstalling and reinstalling the
  browser to uninstalling and reinstalling Adobe Flash to using the
  Flash Settings Manager to clear out the Flash saved sites to
  turning off Vista indexing to clearing out Vista's Recent Items
  list. None of these actions did anything to clear out this list of
  files. I can find no references to these files anywhere when I use
  Vista Search (with unindexed and system files searched as well),
  and I can find no reference to the files anywhere in the registry
  (I checked just in case Flash 10 was storing this index in some
  really bizarre place.) I've linked to a screenshot below of what
  I'm talking about -- most of the files listed below were deleted a
  long, long time ago, and so I have no idea why this dialogue refers
  to them.
  Screenshot
  Is there a simple work-around for this that I'm unaware of?
  Even if there is, there needs to be some more obvious way to clear
  out this list. Where is this information being stored, and what
  criteria does this list use to "put a file on the list"?

  Thanks for putting me on the right scent. That's what I'd
  originally thought, too -- it's just that the file-> open dialog
  was giving an entirely different list of files with other
  applications, so I assumed that it must be Flash that was the
  culprit. Turns out the reason it was different with Flickr was
  because it was restricting the file results via a long string of
  video and picture filetypes that are compatible with the Flickr
  service.
  It turns out the information I'm looking for is buried deep
  within the registry. The only way to clear out this list of files
  is to delete the following key (or specific subkeys):
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSavePidl MRU
  Seems more than a little stupid to store such information in
  the registry if security is your concern. Vista beguiles me
  sometimes.

• Are there any security issues with Quicktime player on macbook

  Are there any security issues with Quick Time Player on macbook pro? 2010 model running Yosemite recently upgraded. Thanks!

  No.

• HT201178 Are there security issues with pairing keyboards with certain passkeys?

  Are there security issues with pairing keyboards with certain passkeys?

  Hello, some info on that...
  http://x704.net/bbs/viewtopic.php?f=29&t=6059&p=73599&hilit=bluetooth#p73599

• Security issue with unlocking my iPhone 4?

  I'm not sure if anyone here will be able to help me but I am trying to get my iPhone unlocked with AT&T. I bought my iPhone on contract through AT&T in December 2010. My account is in good standing. I paid my ETF, it's technically eligible to be unlocked. I called AT&T on April 9th for an unlock and it's now April 19th and still no wordd from them. I've called several times and they won't tell me what's going on other than that "there is a security issue with unlocking my iPhone and the issue is with Apple, but they are working on it." From my understanding, all AT&T needs is the unlock code to enter into the system and unlock it from there. I don't know what security issues could possibly exist that would create a problem. The only thing I can think of is that when I orginally bought my iPhone it turned out to be a lemon and had to get it replaced the day after I bought it. I did this through an Apple store since it was around Christmas. The IMEI number on my phone doesn't match the one AT&T has on file, but that shouldn't matter? I gave them the right IMEI number that is on my current phone. Does anyone know what "security issues" can exist when it comes to unlocking an iPhone 4?

  Don't stress over the words used by the customer service people at AT&T. Half of them don't know what they're talking about more than half the time.  You are probably correct in that it has something to do with their database being inaccurate. 
  Give it a few days, then contact them again and ask for it to be escalated.
  Ignor rNair. The idea that Apple made it mandatory for AT&T to do anything is complete and total bunk. (S)He has no idea what (s)he's talking about

• Permissions Issue with Infopath Data Connection

  I'm not really sure how else to title this....
  Issue - InfoPath Form on SharePoint 2010 gives 'You do not have permissions to access a SharePoint list that contains data required for this form to function correctly."
  It gives a correlation ID
  Log file shows
  "Exception Message: The form cannot run the specified query. The list could not be found."
  Note the look-up is to a SharePoint list on the same content database.
  We have two Web-Front End servers with a load balancer.  We've had a number of other permissions type issues when the 'token' gets switched from one server to another, so we have the HOSTs file on each server pointing back to itself, so that once a
  server is 'grabbed' it stays on the same one.
  The error we are having currently, only seems to be occurring on the first Web Front End Server.
  Also we have sharepoint setup with an address of
  http://sharepoint.domain.com as well as an alias. http://sharepoint.
  The error we are having currently, only occurs if I use the fully qualified domain
  " http://sharepoint.domain.com" on the InfoPath data connection.  If I use the shortened alias, the error does not occur.  That is the current/easy solution, but I would like
  to fix it 'correctly' if possible.
  So, it appears to me that only on one of the Web Front End servers, it isn't liking the fully qualified path when doing a data connection.

  Hi ,
  Is the above issue fixed . if not please check below option
  Check the List / Library  [Source for dataconnection ] permission setting .
  If the permission is unique [ restricted from root site].  we  will the above type error message
  Velu K

• Dimension Level Security on a Data Form

  Hi,
  Is there any other way in Hyperion Planning to know where the dimensional level security is missing when you get the following error - (other than manually going to the dimensions and checking it)
  "Security and/or filtering has resulted in a required dimension not being represented on the data form"
  Please let me know !
  ~ Adella

  Alp, I did try to work with your idea and it did help. Thank you so much for your input.
  Anyways, for now I think I got an answer to my question..but please do let me know of other ideas if you come across any :)
  ~ Adella

• Data level Security issue in obiee 11g

  Hi,
  We are trying to implement data level security, let me explain the issue
  The requirement is, we have 7 schools and each school has one principle , there will be a Superdintent who has 3 schools under him. so now when each principle logs in to dashboard we have a prompt for school i.e Name of school in that prompt he should see only his school and even the data of that school only which are assigned to him, now when Superdintent logs in he should see all 3 schools in the prompt and data. I have gone through this link (http://www.rittmanmead.com/2012/03/obiee-11g-security-week-row-level-security/) but could not achieve.
  We are able to achieve by writing SQL in BMM layer ( LTS Table) so where ever the table is used in dashboards the security is being applied and we are able to see what we want. We want to achieve this by application role, But when we are creating session variables and applying on Application Role its not working. We want to achieve this by using Application role because suppose in other dashboards when the table is not used or pulled in, it will not work.But if we do it using application role its applies to all dashboards and data is resticted. so that when principle or Superdintent logs in automatically its restricts the data.
  Below is the SQL which we used in BMM LTS, its working fine. But when the same SQL is applied in Application Role it's not working.
  SQL used in session variable -
  select  'SCHOOL_CD1', school_cd1 from w_staff_d where empl_id ='VALUEOF(NQ_SESSION.USER)'
  and job_desc1 = 'Principal High School - KPI'
  Any suggestions please ??
  Thanks,
  VRP

  Hi,
  I pasted the log view below by applying SET VARIABLE LOGLEVEL=2, DISABLE_CACHE_HIT=1;, ran this report by applying SQL in Session variable. Let me know if you want anything -
  Thanks
  [OracleBIServerComponent] [TRACE:2] [USER-0] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] ############################################## [[
  -------------------- SQL Request:
  SET VARIABLE QUERY_SRC_CD='Report',SAW_SRC_PATH='/shared/Key Performance Analytics/Analysis/Climate and Culture/Analysis for total school suspensions',LOGLEVEL=2, DISABLE_CACHE_HIT=1; SELECT s_0, s_1, s_2, s_3, s_4, s_5, s_6, s_7, s_8, s_9, s_10, s_11 FROM (
  SELECT
  0 s_0,
  "High School KPI"."- Date"."School Year" s_1,
  "High School KPI"."- Grade"."Grade Level" s_2,
  "High School KPI"."- School"."School Name" s_3,
  "High School KPI"."- School Suspensions"."% of Students Suspended" s_4,
  "High School KPI"."- School Suspensions"."Count of Students Enrolled" s_5,
  "High School KPI"."- School Suspensions"."Count of Students with Incidents" s_6,
  CASE WHEN (CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END +(CASE WHEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END)=0 THEN CASE WHEN CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END <0 THEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END *-1) ELSE CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END END ELSE (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END) END /10))<0 THEN 1 ELSE 2 END s_7,
  CASE WHEN (CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END)=0 THEN CASE WHEN CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END <0 THEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END *-1) ELSE CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END END ELSE (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END) END s_8,
  CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END s_9,
  CASE WHEN MIN("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY ) END s_10,
  REPORT_AGGREGATE("High School KPI"."- School Suspensions"."% of Students Suspended" BY "High School KPI"."- Date"."School Year") s_11
  FROM "High School KPI"
  WHERE
  (("- Discipline Action"."Discipline Action Code" = 'Suspension') AND ("- Date"."School Year Desc" = VALUEOF("school_year_desc")))
  ) djm ORDER BY 1, 2 ASC NULLS LAST
  [2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-23] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- General Query Info: [[
  Repository: Star, Subject Area: High School KPI, Presentation: High School KPI
  [2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-18] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- Sending query to database named SPA (id: <<62064>>), connection pool named Initialization Block Connection Pool: [[
  WITH
  SAWITH0 AS (select T30351.SCHOOL_YEAR_DESC as c2,
  T26564.GRADE_LONG_DESC as c4,
  T26686.SCHOOL_NM as c5,
  T29835.STDNT_WID as c6,
  ROW_NUMBER() OVER (PARTITION BY T30351.SCHOOL_YEAR_DESC, T29835.STDNT_WID ORDER BY T30351.SCHOOL_YEAR_DESC DESC, T29835.STDNT_WID DESC) as c7
  from
  W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
  W_SCHOOL_YEAR_D T30351 /* KPI_W_SCHOOL_YEAR_D */ ,
  W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
  W_STDNT_ENROLL_SCHOOL_F T29835 /* KPI_W_STDNT_ENROLL_SCHOOL_F */
  where ( T26564.GRADE_LEVEL_WID = T29835.GRADE_LEVEL_WID and T26686.ORGANIZATION_WID = T29835.ORGANIZATION_WID and T29835.SCHOOL_YEAR_WID = T30351.SCHOOL_YEAR_WID and T30351.SCHOOL_YEAR_DESC = '2011-2012' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
  SAWITH1 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
  D1.c2 as c2,
  count(distinct D1.c6) as c3,
  D1.c4 as c4,
  D1.c5 as c5
  from
  SAWITH0 D1
  group by D1.c2, D1.c4, D1.c5),
  SAWITH2 AS (select sum(D1.c1) over (partition by D1.c2) as c1,
  D1.c2 as c2,
  D1.c3 as c3,
  D1.c4 as c4,
  D1.c5 as c5
  from
  SAWITH1 D1),
  SAWITH3 AS (select T30647.SCHOOL_YEAR as c3,
  T26564.GRADE_LONG_DESC as c4,
  T26686.SCHOOL_NM as c5,
  T26023.STDNT_WID as c6,
  ROW_NUMBER() OVER (PARTITION BY T30647.SCHOOL_YEAR, T26023.STDNT_WID ORDER BY T30647.SCHOOL_YEAR DESC, T26023.STDNT_WID DESC) as c7
  from
  W_DISCIPLINE_ACTION_D T29975 /* KPI_W_DISCIPLINE_ACTION_D */ ,
  W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
  W_KPI_QTR_DAY_D T30647,
  W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
  W_STDNT_DISCIPLINE_F T26023 /* KPI_W_STDNT_DISCIPLINE_F */
  where ( T26023.DISCIPLINE_ACTION_WID = T29975.DISCIPLINE_ACTION_WID and T26023.ORGANIZATION_WID = T26686.ORGANIZATION_WID and T26023.DATE_WID = T30647.DATE_WID and T26023.GRADE_LEVEL_WID = T26564.GRADE_LEVEL_WID and T29975.DISCIPLINE_ACTION_CD = 'Suspension' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
  SAWITH4 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
  count(distinct D1.c6) as c2,
  D1.c3 as c3,
  D1.c4 as c4,
  D1.c5 as c5
  from
  SAWITH3 D1
  group by D1.c3, D1.c4, D1.c5),
  SAWITH5 AS (select sum(D1.c1) over (partition by D1.c3) as c1,
  D1.c2 as c2,
  D1.c3 as c3,
  D1.c4 as c4,
  D1.c5 as c5
  from
  SAWITH4 D1)
  select distinct case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end as c1,
  case when D1.c4 is not null then D1.c4 when D2.c4 is not null then D2.c4 end as c2,
  case when D1.c5 is not null then D1.c5 when D2.c5 is not null then D2.c5 end as c3,
  case when D1.c3 = 0 then NULL else D2.c2 * 100.0 / nullif( D1.c3, 0) end as c4,
  D1.c3 as c5,
  D2.c2 as c6
  from
  SAWITH2 D1,
  SAWITH5 D2
  where ( nvl(D1.c2 , '1') = nvl(D2.c3 , '1') and nvl(D1.c2 , '2') = nvl(D2.c3 , '2') and nvl(D1.c4 , '1') = nvl(D2.c4 , '1') and nvl(D1.c4 , '2') = nvl(D2.c4 , '2') and nvl(D1.c5 , '1') = nvl(D2.c5 , '1') and nvl(D1.c5 , '2') = nvl(D2.c5 , '2') )
  order by c1, c2, c3
  [2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-18] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- Sending query to database named SPA (id: <<62434>>), connection pool named Initialization Block Connection Pool: [[
  WITH
  SAWITH0 AS (select T30351.SCHOOL_YEAR_DESC as c2,
  T26564.GRADE_LONG_DESC as c4,
  T26686.SCHOOL_NM as c5,
  T29835.STDNT_WID as c6,
  ROW_NUMBER() OVER (PARTITION BY T30351.SCHOOL_YEAR_DESC, T29835.STDNT_WID ORDER BY T30351.SCHOOL_YEAR_DESC DESC, T29835.STDNT_WID DESC) as c7
  from
  W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
  W_SCHOOL_YEAR_D T30351 /* KPI_W_SCHOOL_YEAR_D */ ,
  W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
  W_STDNT_ENROLL_SCHOOL_F T29835 /* KPI_W_STDNT_ENROLL_SCHOOL_F */
  where ( T26564.GRADE_LEVEL_WID = T29835.GRADE_LEVEL_WID and T26686.ORGANIZATION_WID = T29835.ORGANIZATION_WID and T29835.SCHOOL_YEAR_WID = T30351.SCHOOL_YEAR_WID and T30351.SCHOOL_YEAR_DESC = '2011-2012' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
  SAWITH1 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
  D1.c2 as c2,
  count(distinct D1.c6) as c3,
  D1.c4 as c4,
  D1.c5 as c5
  from
  SAWITH0 D1
  group by D1.c2, D1.c4, D1.c5),
  SAWITH2 AS (select sum(D1.c1) over (partition by D1.c2) as c1,
  D1.c2 as c2,
  D1.c3 as c3,
  D1.c4 as c4,
  D1.c5 as c5
  from
  SAWITH1 D1),
  SAWITH3 AS (select T30647.SCHOOL_YEAR as c3,
  T26564.GRADE_LONG_DESC as c4,
  T26686.SCHOOL_NM as c5,
  T26023.STDNT_WID as c6,
  ROW_NUMBER() OVER (PARTITION BY T30647.SCHOOL_YEAR, T26023.STDNT_WID ORDER BY T30647.SCHOOL_YEAR DESC, T26023.STDNT_WID DESC) as c7
  from
  W_DISCIPLINE_ACTION_D T29975 /* KPI_W_DISCIPLINE_ACTION_D */ ,
  W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
  W_KPI_QTR_DAY_D T30647,
  W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
  W_STDNT_DISCIPLINE_F T26023 /* KPI_W_STDNT_DISCIPLINE_F */
  where ( T26023.DISCIPLINE_ACTION_WID = T29975.DISCIPLINE_ACTION_WID and T26023.ORGANIZATION_WID = T26686.ORGANIZATION_WID and T26023.DATE_WID = T30647.DATE_WID and T26023.GRADE_LEVEL_WID = T26564.GRADE_LEVEL_WID and T29975.DISCIPLINE_ACTION_CD = 'Suspension' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
  SAWITH4 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
  count(distinct D1.c6) as c2,
  D1.c3 as c3,
  D1.c4 as c4,
  D1.c5 as c5
  from
  SAWITH3 D1
  group by D1.c3, D1.c4, D1.c5),
  SAWITH5 AS (select sum(D1.c1) over (partition by D1.c3) as c1,
  D1.c2 as c2,
  D1.c3 as c3,
  D1.c4 as c4,
  D1.c5 as c5
  from
  SAWITH4 D1),
  SAWITH6 AS (select case when max(D1.c1) = 0 then NULL else max(D2.c1) * 100.0 / nullif( max(D1.c1), 0) end as c11,
  case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end as c12
  from
  SAWITH2 D1,
  SAWITH5 D2
  where ( nvl(D1.c2 , '1') = nvl(D2.c3 , '1') and nvl(D1.c2 , '2') = nvl(D2.c3 , '2') and nvl(D1.c4 , '1') = nvl(D2.c4 , '1') and nvl(D1.c4 , '2') = nvl(D2.c4 , '2') and nvl(D1.c5 , '1') = nvl(D2.c5 , '1') and nvl(D1.c5 , '2') = nvl(D2.c5 , '2') )
  group by case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end )
  select D2.c11 as c1,
  D2.c12 as c2
  from
  SAWITH6 D2
  order by c2
  Edited by: 965968 on Oct 17, 2012 11:49 AM

• Data Level Security issue

  Hello Gurus:
  I am having a problem with Data Level security.
  I copied my Production RPD and Webcat in Test, changed connection pool DSN and user/passwords.
  Now the problem is, a user who has same rights in Prod and Test, is seeing properly in Production, but sees nothing in Test.
  I am using initialization block from Siebel CRM Application. So customers are assigned to users based on their responsibility from S_RESP and S_USER.
  based on that, users can see the list of customers. Authentication is LDAP, same server for production and Test.
  Now, a user sees properly assigned list in Production, but not in Test. I dont know how to solve it. I searched query logs and stuff, but couldnt find anything.
  Please help me how should I investigate this issue.
  Thanks.
  Vinay

  Thanks for quick reply Stijn:
  Here are my inputs..
  1)"they see nothing"? means the dont see any customers in drop down. This is data level and not related to column or subject area. The only filter I use is
  "ATLAS Reports"."Dim - Accounts Hierarchy".LVL1ANC_ID = VALUEOF(NQ_SESSION."ORGS")
  This filter is applied to Customer hierarchy and couple of sensitive facts.
  The users are able to see all products because filter is not applied. I disabled the filter, and users could see everything. But I cant disable this in Production.
  2) What is the physical sql generated by the report? Set the loglevel of a user to a higher level in order to seet this.
  I am not able to set higher loglevel because i dont see the user in repository. All I see is GROUP, and they are assigned to particular groups based on GROUP session variable. Then filters are set on particular groups. How do I set logging level at Group level?
  3)Can you copy the query and run it against the test database. What results do you get?
  I can not see the query because of above reason.
  4)Does the user get the proper groups assigned? Yes. I put the session variable in title view to verify this.
  5) Are S_USER and S_RESP in Test equal to S_USER and S_REPS in Production? Yes.
  Let me know if you need more information.
  ~Vinay.