Reports XI: Infoview behavior with Row Level Security

Post Author: pwilliamsbssp
CA Forum: General
I have a report that is based off a business view that has project information with an additional table used to assign report users to certain clients (each project has a client).  A filter is used to assign the report user to the current ce username.The report is scheduled by the administrator login.  Each user goes to view their report on Infoview and is able to view data for only those clients specifically assigned.   This functionality seems to work fine - everyone views one instance of the report and InfoView assigns the row level security.However, I'm running into a problem viewing report histories when adding or changing client assignments.   The historical reports come up either blank or with erroneous information (such as the current week's information instead of the previous week's data saved with the instance of the report).   I have not found a logical link between the behavior of the historical reports and the specific users.  Some can see one week and not another while others have the reverse, regardless of their security assignments.Does anyone understand the behavior of view historical reports with row-level security?  I have no idea what data/metadata is saved with each report instance and when the row-level security is being read.  Is it read when viewing the report? or, is it specific to the structure of the data when the report was run?With other reports using the same row-level security model I'm able to view the historical reports although it has the client assignments at the time the report was created.  But, at least I'm able to view the reports.Any insight welcome.Patrick Williams

Post Author: pwilliamsbssp
CA Forum: General
Bump.  Anyone is welcome to tackle this question.  Please.

Similar Messages

  • Crystal reports LOV cascading prompts row level security not working

    Crystal report LOV cascading prompts with row level security is not woking when the crytal report cache server/page server cache (Oldest On-Demand Data Given To a Client (in minutes)) is turned on. But its working fine when the cache is turned off.
    Using XIR2 environment.
    Appreciate the response.
    Thanks
    Chenthil

    Hi Chen,
    In terms of what could be done on the Crystal Reports end, there is no such controls available.  However, your question may be better answered if it was posted to our Business Objects Enterprise forum. 
    It is at "BusinessObjects Enterprise Administration" section of the forums.
    FYI.

  • Universe row level security workiing in main report but not subreports

    I have a report with a couple of sub reports that are running against a universe with row level security. The security works in the main report but when the sub reports run, the security is missing. The report is running through BOE, CR XI R2. Is there something Im missing...? Being new to BOE...

    Hi Michael,
    I am sure the Sub-report is also based on Universe.
    Try to create query with atleast one object/column coming from table on which row level security is applied in universe.
    Hope this will solve the problem.
    Thanks,
    Sushil

  • What is Row level security in SSAS?

    Hi All,
    What is row level security in SSAS?
    How many ways to provide security to a cube?

    Implement Dynamic Security by Using Row Filters
    Getting Started with Row Level Security
    Andreas Wolter (Blog |
    Twitter)
    MCM - Microsoft Certified Master SQL Server 2008
    MCSM - Microsoft Certified Solutions Master Data Platform, SQL Server 2012
    www.andreas-wolter.com |
    www.SarpedonQualityLab.com

  • Help with implementing Row Level Security in Interactive Reporting

    We're deploying Hyperion BI+ 9.3.1, using Workspace and Interactive Reporting. I'm researching how we can use the Workspace row level security option. I've read what's available for documentation in the Workspace Administrator Guide and the Interactive Reporting Users Guide. I understand the concept of setting up rules with row_level_security.bqy, but I'm confused about where these tables should go and what actually happens when I go to Workspace > Administrator > Row Level Security and turn it on.
    The Administrator's Guide tells me the "properties" are stored in the repository, but the "rules" are in the "data source". Does that mean my BRIOSEC* tables go in the database I'm running my reports from? If so, then what's the data source I'm filling in on Workspace > Administrator > Row Level Security?
    I have many different database connections going to different Oracle and SQL*Plus instances, and I don't want to apply row level security to all of them. How does Workspace tell the difference between them? If I enable rules but create a report from a database that doesn't have rules defined for it, what happens?

    The 3 tables used with the RLS are stored in the same schema as your repository by default.
    The RLS store all the Rules for any database that you are using.
    You define the rules based on the tablename (owner.tablename) and the column name.

  • Row level security in Xcelsius through scheduled reports?

    Hi Experts,
    Our requirement is to implement row level security in Xcelsius dashboards from SAP BW source through Bex queries which would have authorization variables. We have seen that these Bex authorization variables work in Webi reports and security is applied appropriately. But do they work in upto Xcelsius as well, if we use Live Office Parameter binding option? If it does, then do we need to create prompts agian in Webi?
    We have also seen that security is applied if we use the BICS (SAP Netweaver native connectivity) option. However our objective is to schedule as many reports as possible in the dashboard to save on report refresh time at run-time, which is not possible is BICS or QAAWS. Therefore the best option for us would have been if we could apply row level security on scheduled reports.
    Can you please advise on the best approach? Your help is greatly appreciated.
    Thanks,
    Sougata

    Since you are using BEx queries as data sources authorization variables is the only way to apply row level security. This will work fine also for XCelsius dashboards that run in the InfoView (in an SAP logon context eg. when the user uses it's SAP credentials to login into the InfoView) and fetch data on-demand over LO from your WebI reports. Just make sure that the underlying webi reports are set to use SSO.
    If you are using scheduled report instances no row level security is applied depending on the context of the user that started the dashboard. XCelsius will get the data that have been saved in the instances. In this case the row level security has been already applied at the moment the report instance was created BUT for the user who scheduled the reports to run.
    Regards,
    Stratos

  • Crystal Reports - ECC Tables - Row level security on Multiple tables

    Hi Experts,
    We are implementing Crystal Reports directly reporting on ECC Tables.  Lot of information on row-level security has been provided by experts Ingo Hilgefort, Don Williamsand Mike Seblani, but not related to multiple tables or Wild cards
    Requirement:
    Crystal Users should have access to ALL the tables in ECC, but restricted by Company code, plant, Sales Organization, Purchasing Organization fields to what ever table it applies to. Example: MARC table should be restricted by Plant, BSEG table should be restricted by Plant and company code, GLT0 table should be restricted by Company code..etc
    Users should ONLY see their Organization related data.
    Solution Developed:
    1. We created custom authorization object with BUKRS and WERKS
    2. In  /CRYSTAL/RLS  we used Wild Cards *, +  rather than specific table  and referenced the custom authorization object with =BUKRS and =WERKS  in the Field Value
    3. Enabled global lock
    4. Custom Authorization object was added to user-profiles with corresponding restrictions
    *Observation:*
    1. This security works when a crystal report was developed on a ECC table which has both BUKRS and WERKS
    2. This setup DOES NOT work when a crystal report developed on a table with either one of BUKRS or WERKS
        Example: Does not work on MARC table - error message "Database connection error: /CRYSTAL/OSQL_EXECUTE_QUERY Message: field T0~BUKRS" unknown"
       Does not work on GLT0 table - error message "Database connection error: /CRYSTAL/OSQL_EXECUTE_QUERY Message: field T0~WERKS unknown"
    Trouble Shooting:
    In the "where clause" of the internal ABAP code generated for MARC, system is checking for BUKRS - which  should not be the expected result
    ANYTHING WRONG IN THE SECURITY SETUP ? PLEASE ADVICE
    Note: Document "BusinessObjects XI Release 2, Integration Kit for SAP, Installation Guide" does not talk much about this multiple table restriction. Any other document to be referred to ?

    I'm not sure how that would help; by using the Faculty_ID Session Variable I can identify the CRN and Term of all courses a faculty member is teaching. But I don't think that has to do with the problem I am having?

  • Applying row-level security to crystal report instance

    Hi
    we have created crystal reports based on sap r/3 data using open sql driver and imposed row level security and published to BOE.The user when opens report with view on demand can see the data which he is supposed to see.
    Is it possible to schedule a single instance of the crystal report and then all the users access the instance and see the data that they are supposed to see.If not what is the other way out.
    Thanks in advance.
    Kamal

    Hi,
    I didn't try it so far
    but I found this Link:
    http://neverknewthat.wordpress.com/2007/11/06/row-level-security-trick-with-crystal-reports/
    -> create Instance with full authorization
    -> Join CR-Result with Customer-Table: User Authorization
    Max

  • Row level security with session variables, not a best practice?

    Hello,
    We are about to implement row level security in our BI project using OBIEE, and the solution we found most convenient for our requirement was to use session variables with initalization blocks.
    The problem is that this method is listed as a "non best practice" in the Oracle documentation.
    Alternative Security Administration Options - 11g Release 1 (11.1.1)
    (This appendix describes alternative security administration options included for backward compatibility with upgraded systems and are not considered a best practice.)
    Managing Session Variables
    System session variables obtain their values from initialization blocks and are used to authenticate Oracle Business Intelligence users against external sources such as LDAP servers or database tables. Every active BI Server session generates session variables and initializes them. Each session variable instance can be initialized to a different value. For more information about how session variable and initialization blocks are used by Oracle Business Intelligence, see "Using Variables in the Oracle BI Repository" in Oracle Fusion Middleware Metadata Repository Builder's Guide for Oracle Business Intelligence Enterprise Edition.
    How confusing... what is the best practice then?
    Thank you for your help.
    Joao Moreira

    authenticating / authorizing part is take care by weblogic and then USER variable initialized and you may use it for any initblocks for security.
    Init block for authenticating / authorizing and session variables are different, i guess you are mixing both.

  • Urgent: row level security with VPD

    Has any one implemented the row level security in Virtual private database(VPD) for Discoverer.
    Please let me know how well does it work with discoverer and are there any flip sides that one needs to be aware of.
    Thanks

    authenticating / authorizing part is take care by weblogic and then USER variable initialized and you may use it for any initblocks for security.
    Init block for authenticating / authorizing and session variables are different, i guess you are mixing both.

  • Report based row level security

    I have a requirement to have row level security on only one particular report - so a user in the "Accounting" group - when running this report can only see the "Accounting" business unit but not any of the other business units such as "food service" or "training" - however when running any of the other reports - they are able to see all business units. Is there a way to deploy row level security so when a particular report is run that the security filter is applied - and not in all cases?
    thanks very much for your help!

    Kapsnerc,
    One way to solve your problem is to duplicate the column in your rpd and then define security accordingly.
    For this report use the duplicated column and for the rest use the original column to build the report.
    Regards,
    Venkata.
    Edited by: user8000915 on Jun 28, 2010 2:07 PM

  • Row Level Security not working for SAP R/3

    Hi Guys
    We have an environment where the details are as mentioned below:
    1. Crystal Reports are created using Open SQL driver to extract data from SAP R/3 using the SAP Integration Kit.
    2. The SAP roles are imported in Business Objects CMC.
    3. Crystal Reports are published on the Enterprise as well.
    3. Authorization objects are created in SAP R/3 and added as required for the row level security as mentioned in the SAP Installation guide as well. The aim is when the user logs into the Infoview and refreshes the report he should only see data that he is meant to so through the authorization objects.The data security works very much fine when the reports are designed directly on the table but when the reports are built on the Business View it doesnt work hence the user is able to see all data.
    Any help in this issue is greatly appreciated.
    Thanks and Regards
    Kamal

    Hi,
    In order for row level security to work for you using the OpenSql driver, you need to configure the Security Definition Editor on your SAP server.  This is a server side tool which the Integration solution for SAP offers as a transport.
    This tool defined which tables are to be restricted based on authorizations.
    However since you are seeing the issue on reports based on Business Views, you need to identify whether the Business View is configured in such a way where the user refreshing the report is based on the user logging into Infoview.  If the connection to your SAP server is always established with the same user when BV is used then you security definition is pointless.
    You can confirm this by tracing your SAP server to identify what user is being used to logon to SAP to refresh the reports.
    thanks
    Mike

  • How to implement Bursting(Row level security) in Xcelsius

    Hi,
    We are using Xcelsius 2008. We have created xcelsius dashboard using Qaaws but for authentication in qaaws we are suing enterprise authentication and default user.
    Now in my dashboard i have one combo box wich gives data fro diffrent states, now i need to restrict the user to see the state values. I implement the row level security in universe, when i create webi report and view that reprot in infoview, the row level security works. But when i publish the dashboard to infoview the row level security doesn't work.
    We are uisng XO 3.1 with SSO on IIS. So how and what are the diffrent option available to implement the row level security in Xcelsius Dashboard.
    Thanks for the help in advance.
    Thanks,
    Nimesh.

    Nimesh,
    Were you able to implement ? I have a requirement to use the same dashboard for 5 regional users.
    Row level security works.
    combo box intial value is Global , when I login as North America user, combo still shows Global but it will have the value of North America.
    i am curious to know how you implemeted this?
    Thanks
    Pushpa

  • Row level security in BI Publisher

    Hi All ,
    I am using BI publisher for reporting on Siebel system.The issue I am facing is regarding row level security.Even if I am logging with Employee Id, when I generate report ,I have acess to all the information of the other employees.
    e.g. If as a cashier I made some entry , when I generate report on collection made by me, its bringing me all the collections made by other cashiers also.
    I am generating these report from siebel side.I am not sure if we can apply the rowlevel security to BI Publisher.
    Does anyone has used Siebel or EBS with BI Publisher and have row level security ? I am also not sure How to see the reports by loging into BI Publisher .If I am using Siebel or EBS, what is going to be my Data Model or Data Set.
    Can anyone help me on this?
    Thanks!!

    Oracle HRMS has its own security built-in to the schemas. Other modules you will need to customize for your own use.

  • Setting up Row Level Security in EPM 11.1.1.3

    I have been following the Administration guide but failed to setup row level security in EPM 11.1. Please advise which part of my steps are wrong. (note I am using MS SQL Server for the EPM Shared Services and Workspace database, everything under Windows env)
    i) Enable row level security in Workspace.
    Step 1) Define a ODBC Data Source named "EPM_WS" in Windows. The ODBC Data Source points to the MS SQL Server database of EPM Workspace since it contains the 3 tables (BRIOSECG, BRIOSECP, BRIOSECR) related to row-level-security.
    Step 2) Login to workspace, select "Administer"->"Configuration Console". Edit "Interactive Reporting Data Access Services" and add a data source with ODBC->MS SQL Server -> "EPM_WS" as the name of datasource. Restart "Interactive Reporting Data Access Services".
    Step 3) Login to workspace, select "Administer"->"Row Level Security". Check "Enable Row Level Security", Choose ODBC->MS SQL Server-> fill in "EPM_WS" as Data Source Name"-> Provide correct user name and password. Click "Save Properties"
    Step 4) It always prompt "Server error setting the Connectivity. Recommended Action: Logoff and logon again. If problem persists contact your local security administrator."
    Any log I can inspect for the connectivity error?
    ii) Configure Row Level Security setting
    I know that for Hyperion IR, there is a file row_level_security.bqy comes with the installation. User can use this bqy file to configure the actual row level security setting. However, I cannot locate this bqy file in the EPM 11.1 installation. What is the proper step for setting up the row level security configuration?
    thank you very much.

    I have been following the Administration guide but failed to setup row level security in EPM 11.1. Please advise which part of my steps are wrong. (note I am using MS SQL Server for the EPM Shared Services and Workspace database, everything under Windows env)
    i) Enable row level security in Workspace.
    Step 1) Define a ODBC Data Source named "EPM_WS" in Windows. The ODBC Data Source points to the MS SQL Server database of EPM Workspace since it contains the 3 tables (BRIOSECG, BRIOSECP, BRIOSECR) related to row-level-security.
    Step 2) Login to workspace, select "Administer"->"Configuration Console". Edit "Interactive Reporting Data Access Services" and add a data source with ODBC->MS SQL Server -> "EPM_WS" as the name of datasource. Restart "Interactive Reporting Data Access Services".
    Step 3) Login to workspace, select "Administer"->"Row Level Security". Check "Enable Row Level Security", Choose ODBC->MS SQL Server-> fill in "EPM_WS" as Data Source Name"-> Provide correct user name and password. Click "Save Properties"
    Step 4) It always prompt "Server error setting the Connectivity. Recommended Action: Logoff and logon again. If problem persists contact your local security administrator."
    Any log I can inspect for the connectivity error?
    ii) Configure Row Level Security setting
    I know that for Hyperion IR, there is a file row_level_security.bqy comes with the installation. User can use this bqy file to configure the actual row level security setting. However, I cannot locate this bqy file in the EPM 11.1 installation. What is the proper step for setting up the row level security configuration?
    thank you very much.

Maybe you are looking for

  • Debug tables

    Hi Experts, I was debugging and noticed that for structure or internal tables the debug listing of the contents can differ. Sometimes, I see the columns in the rows, which is good as it shows me the data in 1 screen. But other times, for either struc

  • Wrapper classes/ instance variables&methods

    can anyone provide me additional information on the wrapper classes. In addition, could someone please provide an explination of the- instance and class (variables+methods)

  • Error 'Internal Error' with Reader X

    Hi, we got an "Internal Error" by opening PDF Documents wie Adobe Reader X. These Documents works fine with Adobe 9. We deteimined the error remaining on the jpg which is in the document. We created the jpg again an now we could open new documents wi

  • Delete and close gap doesn't

    When I delete a clip the gap does not close.  I held the shift ctrl key down one time and now the ripple effect seems to be off. Michael

  • Analytic Workspace Manager vs Warehouse Builder

    When is it best to use Analytic Workspace Manager over Warehouse Builder to create the OLAP? Please advise.