Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.



Read-Only Read-Only Topic
Go
Search
Notify
Tools
access issue
 Login/Join
 
Gold member
posted
Hi,

I am developing self service applications with a simple hmtl page as the front end. The problem is how do we limit the access to the report. I do not want everyone to see all the reports that are out there on the web. How can we limit access specific to the report?
Any ideas?

Thanks
 
Posts: 76 | Registered: October 28, 2003Report This Post
<monte2000>
posted
Hi RB.

Do you know about WebFOCUS Managed Reporting? WebFOCUS Managed Reporting allows you to provide your end users with robust ad hoc reporting and analysis capabilities and personalized views of corporate information while maintaining a secure and cohesive environment.

WebFOCUS can also be integrated and synchronized with custom security systems, as well as any standard Web or database security system for single-user logon capabilities.

Here is a link to more information on WebFOCUS Managed Reporting.

If you are not interested in Managed Reporting, you would have to build your own security infrastructure.

Hope this helps.
 
Report This Post
<WFUser>
posted
When you're working with a self service application, you're basically on your own when it comes to security. In the past, I have done the following and it works very well.

1) Set up a small file or table that keeps track of what user ids have access to what.
2) Dynamically create a menu for the user upon login.
3) Create a simple fex that check the current user has access to the fex that is running. If not, exit out to a -HTMLFORM page. This is to insure that a user is not running a report that is not on their menu.
4) -INCLUDE that fex into each of your reports.
 
Report This Post
Expert
posted Hide Post
simplest way: your launch page has a password as one of its fields.
The fex checks that password.
make sure your fex has -SET &ECHO = OFF ;
so that casual passersby cant crack open the results page (view source) to see the pw.
Not bullet proof, but so so simple.

next way: if you use MSFrontPage, its easy to set up a database of users; either MSAccess or a flat file; Or use a focus file;
you can build a site home page with a userlogin, check that userlogin against your db either with VBscript (if MSAccess or flat)
or with focus against any file;
If the user passes the id check, then launch your site's portal page.
 
Posts: 3811 | Location: Manhattan | Registered: October 28, 2003Report This Post
Platinum Member
posted Hide Post
I completely agree with WFUser.

Regards,
Mikel
 
Posts: 173 | Location: Madrid, Spain | Registered: May 09, 2003Report This Post
Gold member
posted Hide Post
Yes, I do not want to use MRE.
WFUSER's way of doing it is good.

Thank you.
 
Posts: 76 | Registered: October 28, 2003Report This Post
<pranasH>
posted
Doc.CD:MasterIndex->Contents->Supplementary Doc.->Security and Admin.->Custom Security exits->WebFOCUS Servlet Callable Exits (or CGI Frowner )

You'd need writing some small program to retriewe user ID from http session (simplified example for Servlet API provided in doc.) and perform lookup in some repository in order to get security &GROUP,$IBIC_user etc. Actual authentication may be performed by Application Server.
Perform -IF WHERE etc. with derived data.
Nice, isn't it?


Pranas
 
Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic


Copyright © 1996-2020 Information Builders