Focal Point Banner
Community Center Education Summit Technical Support User Groups
Let's Get Social!

Facebook Twitter LinkedIn YouTube
Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     DB2 Table and Field Security in WebFOCUS
Go
New
Search
Notify
Tools
Reply
  
DB2 Table and Field Security in WebFOCUS
 Login/Join
 
Gold member
posted
We use WebFOCUS to query our DB2 Tables on our mainframe using an ODBC Connection. We have RACF Security on our mainframe for database access.
We wanted to use the RACF security, but our company did not purchase the module or version which will enable us to do so.

We have WebFOCUS 4.3.6 SP 7 and have an "upgrade" to the new WebFOCUS version 5.2, but have not implemented yet.

Our Marketing/Finance Department has sensitive data, of course, with some users only allowed to view certain customers in a particular DB2 Table.

We need some ideas on how to enact security to:

1. Allow users to only query/view certain tables
2. Allow users to only view certain records of a table (field value level)

Ideas have been thrown around to utilize Intranet Sign-on, WebFOCUS sign-on, etc.

Right now, the immediate problem is if we allowed the access to the Marketing/Payroll files through WebFOCUS, anyone who can create a report would see those databases displayed from the list of databases to create a query from. Nothing is stopping them from selected those tables and do queries against.

If anyone's company has this particular situation, how is it being handled? Are some of the Exits in WebFOCUS being used to control table and field access? Are different servers set up for each department?

I know this is too broad of a subject, but maybe I can get into more detail if I need to.
 
Posts: 57 | Registered: February 24, 2004Reply With QuoteReport This Post
Gold member
posted Hide Post
It looks like the User Guide section: Implementing Data Source Security is what I am looking for.

Has anyone used this approach?

Example, from the Master File:

DBA=JONES76,$
USER=TOM ,ACCESS=RW,$
USER=BILL ,ACCESS=R ,RESTRICT=SEGMENT ,NAME=COMPSEG ,$
USER=JOHN ,ACCESS=R ,RESTRICT=FIELD ,NAME=SALARY ,$
NAME=INCREASE ,$


If there are several tables that would have the same security, is there a way to read in this USER data without adding this to the bottom of each and every Master File? This would be tedious as employees are added or deleted.
 
Posts: 57 | Registered: February 24, 2004Reply With QuoteReport This Post
Member
posted Hide Post
You have two options, you could use DBAFILE, this will allow multiple MFD to share the same DBA rules. The other option would be to use the DBA Exit, with the exit you can choose where the rules are stored and accessed (i.e. a database)
 
Posts: 5 | Registered: May 20, 2003Reply With QuoteReport This Post
  Powered by Social Strata  
 

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     DB2 Table and Field Security in WebFOCUS

Copyright © 1996-2018 Information Builders, leaders in enterprise business intelligence.