OBIEE Data Level Security - Prompt While logging into the OBI Portal
All,
Below is what we are trying to see if it’s possible
We have a BM say 'Sales and Profits' . This is a simple model built around 1 fact and 5 dimensions. The underlying tables contain data from 5 different geographic segments US-NE, US-SW,US-NW,US-Midwest, US-All Segments.
The dimension table 'Segments' has all the above said values which are used to build reports related to each segment and all segments etc..
We have Groups/Users assigned in the repository (Using OBI Rpd security) based on the above segments.
If we want a user from 'US-NE' group to see only data related to his segment , we can add a filter condition to the group privilege tab ( Using SQL expression segment = 'US-NE') . This is straight forward.
Now the problem part , if we have a user who should be able to access data from two segments ,how do we handle it ? . We don't want to go and create multiple groups and assign users to them from the RPD groups.
Other ideas we considered were
Duplicate the BM and add a filter through the LTS ( based on segment value) . Assign group permissions to the corresponding presentation models. This idea though has a lot of disadvantages. Firstly , it would mean creating several duplicate BM and every time we update the master BM we will have to update all duplicate models
Another idea was to specify the filter based on presentation model, while assigning the group privileges ( Using the expression from Group permissions). This approach is at least cleaner in the sense we will have to deal with only 1 BM and 1 Presentation model., but we will run into the same problem of having to create multiple groups or assign users to multiple groups ( Users who will have access to multiple segments)
An ideal solution -
When a user tries to log in or immediately after he logs , Is there a way we can throw a pop-up that will force the user to select segment(s)? This should enforce the data restriction. I did not find a way to do this especially while using RPD based security model. Any ideas how we can do this ?
Since the 'Segment' dimension table is applicable to all BM in our systems (All fact tables in our warehouse have a link to the Segment table). We would ideally want this implemented across all dashboards and reports within in the OBI portal
SK
Now the problem part , if we have a user who should be able to access data from two segments ,how do we handle it ?
You handle it on the same way as 'US-NE'. You will create another group called say US-SW then add the filter to it and make sure the user belongs to both groups. OBIEE will translate this into IN('US-NE', 'US-SW').We don't want to go and create multiple groups and assign users to them from the RPD groups.
You will need to create the groups but you can avoid having to asign them to the group in the RPD by using an init block to populate the GROUPS variable when the user logins.The other options are hacks...
Similar Messages
-
OBIEE Data level security - OR condition among multiple filters
Hi All,
we have an requirement in OBIEE 11.1.1.5 to apply data level security based on mutiple dimension ( for example: Product, Geography and Customer). we have implemented by creating 3 groups one for each dimension,
added appropriate filters for each group and applied on presentation layer. But when we see the query generated by OBIEE server all filters are getting applied with OR condition instead of AND.
Could someone explain why this is happening so.. is this the actual behaviour of OBIEE or am i doing something wrong !!!!
Example of the conditions added is
Select * from table
where Country='XYZ' OR Customer ='ABC' OR Product='123'
Expected behavior is
Select * from table
where Country='XYZ' AND Customer ='ABC' AND Product='123'
Thanks in advance..!
Thanks & Regards
Subhakar ParigiHi,
Any suggestion would be helpful.
Regards,
Subhakar P -
How do I prevent prompt to log into the cloud?
Everytime I start iTunes (and my iPOD) I get prompted to enter my password to log into the cloud. I don't want to be asked. I don't use the cloud and don't intend to. How do I stop this prompt from showing up? It is a big annoyance.
CRANEFISH wrote:
Why is no answer given?
This can happen when the original question is obscured by others before someone who thinks they have an answer notices it. At a guess a year ago the forums were quite busy with a different topic.
KB1VCC wrote:
Everytime I start iTunes (and my iPOD) I get prompted to enter my password to log into the cloud. I don't want to be asked. I don't use the cloud and don't intend to. How do I stop this prompt from showing up? It is a big annoyance.
iPod touch (5th generation)
Use Ctrl+B if needed to enable the menu bar.
Under Edit > Preferences > Store uncheck any entries in the Automatic Downloads section and also untick Show iTunes in the Cloud purchases.
tt2 -
Alternative Data Level Security in OBIEE 11g
Gurus - Wanted to put it out there if there are alternatives ways of achieving data level security as opposed to going the route of creating blocks that initialize session variables which can be applied onto tables through roles in the RPD? The main reason for asking was to try and prevent performance impact of having a significant number of init blocks running when an user logs into the application.
GaneshVPD [Virtual Private Database] would be an alternative for this.
-
BIP Security - Data Level Security / Init Blocks
Hello, I am using BIP 11.1.1.5. I am aware that in OBIEE data-level security can be implemented by placing permissions on a application role. However, I am wondering if this can be accomplished in BIP if I use a BI Analysis or SQL as the datasource for my data model. I have a catalog of 100 BIP reports and was wondering if I can implemented data-level security via the RPD. I am exploring the various options of executing this type of security. I already performed some research and found Oracle's whitepaper on Row Level Security with BI Publisher.
Another Question: Does session init blocks work with BIP? I flipped the switch for BIP security model to 'Oracle BI Server' on the Admin security page. Next, I went to the RPD in online mode and created a simple query inside a init block. However, when I logged into BIP I didn't see the variable from the session init block in the Manage Sessions window.
ThanksLook at the below link..It has three options. this one is from veeravalli I believe..I personally like the second option if there are not many reports to work with.
cool-bi.com -
Error while logging in the BPC
Hi All
We are using BPC MS version.
We have encountered the following error, while Logging into the server :
' Cannot insert duplicate key row in object ' dbo.TBLDEFAULTS' with unique index ' IX_tbldefaults'. The statement has been terminated.
I have also seen note no. 1326648 but we are alredy on SP005
If anybody, has solution for this, please let us know.
Thanks & Regards
Rushabh Doshi
Edited by: R201184 on Nov 19, 2009 3:38 AMUsually this happen when you have a bad restore of an appset.
Or it can happen when you are doing a reimage of one computer into another computer.
Into tbldefault from appset where you try to connect it seems you have some duplicate records and this is causing the issue.
You have to find these duplicate records and to leave just a single record.
Regards
Sorin Radulescu -
How To Redirect to a site after logging into the R3 server?
I want to be able to do something like the following:
www.sapr3servername.doimain.com?redirect=www.xyz.com
So the users will be prompted to log into the SAPr3 server, than after the server has authenticated the user, i want the login page to redirect to a URL of my choosing.
How can I do this? What is the keyword for the parameter in the R3 server ?
Flow
- users will hit www.xyz.com
- If user is not authenticated, xyz.com will direct them to the URL in an iframe: www.sapr3servername.doimain.com?redirect=www.xyz.com
- The user will sign into www.sapr3servername.domain.com with their SAP crednetials
- after the sign on is completed, the R3 server will redirect them back to xyz.com, where they will now be authenticatedBUMP
Is this not possible or what? -
How to change to "EN" (english) before logging into Netweaver 2004s portal
Hello,
How do i change the language to english before logging into the netweaver portal 2004s. Once I enter, the language settings are in german and I dont see any option where a language selection can be made. Pls help.
Thanks,
SDHello Sebastian
another possibility is that you look in the user admin of your portal (http://<portal_server>:<port>/useradmin
Search for the user you log on with and change the default language there.
Regards
Georg -
Data level Security issue in obiee 11g
Hi,
We are trying to implement data level security, let me explain the issue
The requirement is, we have 7 schools and each school has one principle , there will be a Superdintent who has 3 schools under him. so now when each principle logs in to dashboard we have a prompt for school i.e Name of school in that prompt he should see only his school and even the data of that school only which are assigned to him, now when Superdintent logs in he should see all 3 schools in the prompt and data. I have gone through this link (http://www.rittmanmead.com/2012/03/obiee-11g-security-week-row-level-security/) but could not achieve.
We are able to achieve by writing SQL in BMM layer ( LTS Table) so where ever the table is used in dashboards the security is being applied and we are able to see what we want. We want to achieve this by application role, But when we are creating session variables and applying on Application Role its not working. We want to achieve this by using Application role because suppose in other dashboards when the table is not used or pulled in, it will not work.But if we do it using application role its applies to all dashboards and data is resticted. so that when principle or Superdintent logs in automatically its restricts the data.
Below is the SQL which we used in BMM LTS, its working fine. But when the same SQL is applied in Application Role it's not working.
SQL used in session variable -
select 'SCHOOL_CD1', school_cd1 from w_staff_d where empl_id ='VALUEOF(NQ_SESSION.USER)'
and job_desc1 = 'Principal High School - KPI'
Any suggestions please ??
Thanks,
VRPHi,
I pasted the log view below by applying SET VARIABLE LOGLEVEL=2, DISABLE_CACHE_HIT=1;, ran this report by applying SQL in Session variable. Let me know if you want anything -
Thanks
[OracleBIServerComponent] [TRACE:2] [USER-0] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] ############################################## [[
-------------------- SQL Request:
SET VARIABLE QUERY_SRC_CD='Report',SAW_SRC_PATH='/shared/Key Performance Analytics/Analysis/Climate and Culture/Analysis for total school suspensions',LOGLEVEL=2, DISABLE_CACHE_HIT=1; SELECT s_0, s_1, s_2, s_3, s_4, s_5, s_6, s_7, s_8, s_9, s_10, s_11 FROM (
SELECT
0 s_0,
"High School KPI"."- Date"."School Year" s_1,
"High School KPI"."- Grade"."Grade Level" s_2,
"High School KPI"."- School"."School Name" s_3,
"High School KPI"."- School Suspensions"."% of Students Suspended" s_4,
"High School KPI"."- School Suspensions"."Count of Students Enrolled" s_5,
"High School KPI"."- School Suspensions"."Count of Students with Incidents" s_6,
CASE WHEN (CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END +(CASE WHEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END)=0 THEN CASE WHEN CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END <0 THEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END *-1) ELSE CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END END ELSE (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END) END /10))<0 THEN 1 ELSE 2 END s_7,
CASE WHEN (CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END)=0 THEN CASE WHEN CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END <0 THEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END *-1) ELSE CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END END ELSE (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END) END s_8,
CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END s_9,
CASE WHEN MIN("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY ) END s_10,
REPORT_AGGREGATE("High School KPI"."- School Suspensions"."% of Students Suspended" BY "High School KPI"."- Date"."School Year") s_11
FROM "High School KPI"
WHERE
(("- Discipline Action"."Discipline Action Code" = 'Suspension') AND ("- Date"."School Year Desc" = VALUEOF("school_year_desc")))
) djm ORDER BY 1, 2 ASC NULLS LAST
[2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-23] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- General Query Info: [[
Repository: Star, Subject Area: High School KPI, Presentation: High School KPI
[2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-18] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- Sending query to database named SPA (id: <<62064>>), connection pool named Initialization Block Connection Pool: [[
WITH
SAWITH0 AS (select T30351.SCHOOL_YEAR_DESC as c2,
T26564.GRADE_LONG_DESC as c4,
T26686.SCHOOL_NM as c5,
T29835.STDNT_WID as c6,
ROW_NUMBER() OVER (PARTITION BY T30351.SCHOOL_YEAR_DESC, T29835.STDNT_WID ORDER BY T30351.SCHOOL_YEAR_DESC DESC, T29835.STDNT_WID DESC) as c7
from
W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
W_SCHOOL_YEAR_D T30351 /* KPI_W_SCHOOL_YEAR_D */ ,
W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
W_STDNT_ENROLL_SCHOOL_F T29835 /* KPI_W_STDNT_ENROLL_SCHOOL_F */
where ( T26564.GRADE_LEVEL_WID = T29835.GRADE_LEVEL_WID and T26686.ORGANIZATION_WID = T29835.ORGANIZATION_WID and T29835.SCHOOL_YEAR_WID = T30351.SCHOOL_YEAR_WID and T30351.SCHOOL_YEAR_DESC = '2011-2012' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
SAWITH1 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
D1.c2 as c2,
count(distinct D1.c6) as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH0 D1
group by D1.c2, D1.c4, D1.c5),
SAWITH2 AS (select sum(D1.c1) over (partition by D1.c2) as c1,
D1.c2 as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH1 D1),
SAWITH3 AS (select T30647.SCHOOL_YEAR as c3,
T26564.GRADE_LONG_DESC as c4,
T26686.SCHOOL_NM as c5,
T26023.STDNT_WID as c6,
ROW_NUMBER() OVER (PARTITION BY T30647.SCHOOL_YEAR, T26023.STDNT_WID ORDER BY T30647.SCHOOL_YEAR DESC, T26023.STDNT_WID DESC) as c7
from
W_DISCIPLINE_ACTION_D T29975 /* KPI_W_DISCIPLINE_ACTION_D */ ,
W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
W_KPI_QTR_DAY_D T30647,
W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
W_STDNT_DISCIPLINE_F T26023 /* KPI_W_STDNT_DISCIPLINE_F */
where ( T26023.DISCIPLINE_ACTION_WID = T29975.DISCIPLINE_ACTION_WID and T26023.ORGANIZATION_WID = T26686.ORGANIZATION_WID and T26023.DATE_WID = T30647.DATE_WID and T26023.GRADE_LEVEL_WID = T26564.GRADE_LEVEL_WID and T29975.DISCIPLINE_ACTION_CD = 'Suspension' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
SAWITH4 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
count(distinct D1.c6) as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH3 D1
group by D1.c3, D1.c4, D1.c5),
SAWITH5 AS (select sum(D1.c1) over (partition by D1.c3) as c1,
D1.c2 as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH4 D1)
select distinct case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end as c1,
case when D1.c4 is not null then D1.c4 when D2.c4 is not null then D2.c4 end as c2,
case when D1.c5 is not null then D1.c5 when D2.c5 is not null then D2.c5 end as c3,
case when D1.c3 = 0 then NULL else D2.c2 * 100.0 / nullif( D1.c3, 0) end as c4,
D1.c3 as c5,
D2.c2 as c6
from
SAWITH2 D1,
SAWITH5 D2
where ( nvl(D1.c2 , '1') = nvl(D2.c3 , '1') and nvl(D1.c2 , '2') = nvl(D2.c3 , '2') and nvl(D1.c4 , '1') = nvl(D2.c4 , '1') and nvl(D1.c4 , '2') = nvl(D2.c4 , '2') and nvl(D1.c5 , '1') = nvl(D2.c5 , '1') and nvl(D1.c5 , '2') = nvl(D2.c5 , '2') )
order by c1, c2, c3
[2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-18] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- Sending query to database named SPA (id: <<62434>>), connection pool named Initialization Block Connection Pool: [[
WITH
SAWITH0 AS (select T30351.SCHOOL_YEAR_DESC as c2,
T26564.GRADE_LONG_DESC as c4,
T26686.SCHOOL_NM as c5,
T29835.STDNT_WID as c6,
ROW_NUMBER() OVER (PARTITION BY T30351.SCHOOL_YEAR_DESC, T29835.STDNT_WID ORDER BY T30351.SCHOOL_YEAR_DESC DESC, T29835.STDNT_WID DESC) as c7
from
W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
W_SCHOOL_YEAR_D T30351 /* KPI_W_SCHOOL_YEAR_D */ ,
W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
W_STDNT_ENROLL_SCHOOL_F T29835 /* KPI_W_STDNT_ENROLL_SCHOOL_F */
where ( T26564.GRADE_LEVEL_WID = T29835.GRADE_LEVEL_WID and T26686.ORGANIZATION_WID = T29835.ORGANIZATION_WID and T29835.SCHOOL_YEAR_WID = T30351.SCHOOL_YEAR_WID and T30351.SCHOOL_YEAR_DESC = '2011-2012' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
SAWITH1 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
D1.c2 as c2,
count(distinct D1.c6) as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH0 D1
group by D1.c2, D1.c4, D1.c5),
SAWITH2 AS (select sum(D1.c1) over (partition by D1.c2) as c1,
D1.c2 as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH1 D1),
SAWITH3 AS (select T30647.SCHOOL_YEAR as c3,
T26564.GRADE_LONG_DESC as c4,
T26686.SCHOOL_NM as c5,
T26023.STDNT_WID as c6,
ROW_NUMBER() OVER (PARTITION BY T30647.SCHOOL_YEAR, T26023.STDNT_WID ORDER BY T30647.SCHOOL_YEAR DESC, T26023.STDNT_WID DESC) as c7
from
W_DISCIPLINE_ACTION_D T29975 /* KPI_W_DISCIPLINE_ACTION_D */ ,
W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
W_KPI_QTR_DAY_D T30647,
W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
W_STDNT_DISCIPLINE_F T26023 /* KPI_W_STDNT_DISCIPLINE_F */
where ( T26023.DISCIPLINE_ACTION_WID = T29975.DISCIPLINE_ACTION_WID and T26023.ORGANIZATION_WID = T26686.ORGANIZATION_WID and T26023.DATE_WID = T30647.DATE_WID and T26023.GRADE_LEVEL_WID = T26564.GRADE_LEVEL_WID and T29975.DISCIPLINE_ACTION_CD = 'Suspension' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
SAWITH4 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
count(distinct D1.c6) as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH3 D1
group by D1.c3, D1.c4, D1.c5),
SAWITH5 AS (select sum(D1.c1) over (partition by D1.c3) as c1,
D1.c2 as c2,
D1.c3 as c3,
D1.c4 as c4,
D1.c5 as c5
from
SAWITH4 D1),
SAWITH6 AS (select case when max(D1.c1) = 0 then NULL else max(D2.c1) * 100.0 / nullif( max(D1.c1), 0) end as c11,
case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end as c12
from
SAWITH2 D1,
SAWITH5 D2
where ( nvl(D1.c2 , '1') = nvl(D2.c3 , '1') and nvl(D1.c2 , '2') = nvl(D2.c3 , '2') and nvl(D1.c4 , '1') = nvl(D2.c4 , '1') and nvl(D1.c4 , '2') = nvl(D2.c4 , '2') and nvl(D1.c5 , '1') = nvl(D2.c5 , '1') and nvl(D1.c5 , '2') = nvl(D2.c5 , '2') )
group by case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end )
select D2.c11 as c1,
D2.c12 as c2
from
SAWITH6 D2
order by c2
Edited by: 965968 on Oct 17, 2012 11:49 AM -
Dashboard prompts are getting cached and not working as per data level security
Hi,
Version: OBIEE 11.1.1.5 BP2
We have dashboard prompts that have data level security defined in RPD - Content tab of an LTS.
After clearing cache, the dashboard prompt applies the security properly. When another user who has a different security defined, is seeing the same prompt values on clicking the drop down of a prompt and also when they click search prompt popup.
Issue is, for second user, I do not even see cached query in the session logs. Tried applying the DISABLE_CACHE_HIT=1 in the prompt sql results, no luck.
But reports are applying the security correctly, issue is with prompts alone.
Any thoughts on this?
Thanks,
RajeshJust for others reference: We disabled caching on the table to avoid this issue.
-
Data Level Security In OBIEE 11g based on the filters setup in RPD
Hello All,
We are trying to implement the data level security on a BI publisher report that is using BI server as the data source. The filters are created in the RPD based on user login ( session variable USER). From the documentation of BI publisher, I see that you have to enable the option Use Proxy Authentication to pass the user information down to BI publisher from OBIEE when using BI server as the data source to implement row-level security. After checking that option, the BI pub report does not render anymore. This is all in 11g. Can anyone help me with where I am going wrong?
Regards,
-Amith.A.Y wrote:
Hello All,
We are trying to implement the data level security on a BI publisher report that is using BI server as the data source. The filters are created in the RPD based on user login ( session variable USER). From the documentation of BI publisher, I see that you have to enable the option Use Proxy Authentication to pass the user information down to BI publisher from OBIEE when using BI server as the data source to implement row-level security. After checking that option, the BI pub report does not render anymore. This is all in 11g. Can anyone help me with where I am going wrong?
Regards,
-Amith.Not sure, if anyone has yet ran into this issue, but the workaround we have implemented is to build a report in OBIEE and use the analysis query as the source for BI Publisher. -
Safari Version 6.0.2 (7536.26.17)
I believe my problems stem from the public side of Yahoo where I go to open my Yahoo Email account, and/or from the file I get in
email.
Yahoo security - Using Yahoo search engine: while logged into Yahoo my entire screen gets taken over by a full page popup add/i've cleared histories & cookies & flash cookies but the problem returns, sometimes right away, sometime on the next log on … what to do … . I’ve heard of this problem being called a form of ‘yahoo mail hijacking’.
Yahoo is better than Google right now. While using Google as a search engine and logged into Yahoo-mail the page elevator (up& down) bar actually freezes, a dead giveaway that something is up. So far nothing I do will stop the page elevator from freezing when I'm using the Google search engine. I either have to use the Yahoo or Bing search engines.
MacPro w/OS X ver 10.7.5 & Norton Internet Security 5 for Mac ver 12.4 (73) / I update Norton security at least 3-times a day. I thing I get the bug when I log onto my Yahoo Email and go through my emails. When problems get constant I Reset Safari then run flush to burn flash cookies. What else can I do?
Yahoo wanted $58-bucks for a consult, that’s ********. You would think Yahoo would want to be advised of ongoing Yahoo Searchengine / Yahoo Email problems, and want to help there users with ongoing problems. Sure they will help me with their problem for $58, and probably even suggest even less than what I am already doing on my own.It's hard to tell from your description what is going on, but try this first.
Quit Safari. If it won't quit in the usual way, select
▹ Force Quit...
from the menu bar, then select Safari from the list and press return.
Relaunch Safari by holding down the shift key and clicking its icon in the Dock. That will stop the bad page from reloading automatically. From the menu bar, select
Safari ▹ Preferences... ▹ Privacy ▹ Remove all website data
to get rid of any cookies or other data left by the server. Open your Downloads folder and delete anything you don't recognize.
Also get rid of the useless Norton crapware, after backing up all data.
Uninstalling your Norton product for Mac -
We have implemented data level security by applying filters on groups in Obiee Administration tool. Here we have set filter on division(which is a column in Customer table). This is done so that user can see data for division for which he has access.
When user creates report which consists of division column filter is working fine. E.g. if user1 has access to division1
and when user1 cretes a report for (customerName,division,sales columns) he can see sales of customers belong to division1. But if user1 cretes report which does not contain division column e.g.(customerName,sales columns report) he can see all the customers sales data. How can we aoide that. We want User1 to see division1's data only irrespective whether division column is there in report or not.
Can any one suggest what should be done to achive this.
Thanks,
AvdhutHi friend,
You need to create group of users and then apply filters over that groups.
you should establish an additional filter for group1 (user1 belongs to group1 in your example). Follow next steps:
- Manage -> Security...
- Groups -> click right group1 and select propierties.
- Select button 'Permissions...'
- Select tab 'Filters' -> add new filter.
- On the column name select the metric you need filter, in your example, customer sales. On the column 'Business model filter' put table.division=division1
I hope this can help you.
Good luck. -
Data Level Security OBIEE,PLEASE HELP
How can we implement data level security in OBIEE. For example, a Sales officer should only see data for his customers, similarly a Sales Manager should only be able to see data for Sales Officers working under him....
any help would be appreciatedHi there are many blogs on data level security..
understand the concepts and try to implement, if you stuck up anywhere will help you out..
http://obieeblog.wordpress.com/2009/01/15/obiee-data-security-column-level-security/
Data level security in OBIEE -
OBIEE BI Apps data level security involving multiple PeopleSoft Segments
Has anyone implemented OBIEE BI Apps data level security involving multiple PeopleSoft Segments and can provide some tips?
Our PeopleSoft security grants access by 2 segment combinations:
All Segment 3 (Department) and any Segment 6 (Project)
Specific Segment 6
Specific combinations of Segment 3 and Segment 6
In addition, there is a flag to indicate if the user also has access to payroll data. Payroll access is a subset of the general finance access.
We've got a security init blocks running successfully for general finance and payroll access. We've created Data filters on the Segments for general finance access and GL Account for payroll access. We designed dashboards to use Dept and Project from the Segments on the general finance dashboards and pull Dept and Project from GL Account for the payroll dashboards.
The problem is both data filters are being applied to the general finance dashboards since the joins behind the scenes on the general finance dashboards use GL Account.
Does anyone have a suggestion?Business Intelligence Applications
Maybe you are looking for
-
Since I updated my adobe flash player firefox keeps saying that it is not responding after I open it and it loads my home page, I disabled add-ons and went throught the process of figuring out which one it was and it was adobe flash, but without flas
-
Hello. I recently woke up this morning to use my iPod Touch (2nd Gen) to find that it was completely unresponsive to both buttons and would not turn on. I had been using it the night before and had not charged it. Thinking the battery was drained, I
-
Hello, I'm try to make a Matlab bundle, I is very BIG Directory (7GB). But when I assigned it to device, it fail with Cache Item Error, or if it work, it fail after 40% (In Show Proccess). I try it on a several devices, and the same problem. Can some
-
Creating a DVD that you can select specific tracks to play.. (read on)
I am wanting to create a DVD that has say for example 10 individual buttons for the 10 different videos (tracks), but want to be able to select just the videos I want to watch out of the 10, for example videos 1, 5 and 8. Is there a way that this can
-
Navigating to new row in table view
Hi, I have a table view which displays only 10 rows in one screen. When there are more than 10 rows, links are displayed to navigate to other pages. If 'new' button is pressed, a new row is created at the end of the table. If there are multiple pages