Focal Point Banner


As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.

Join the TIBCO Community
TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.

  • From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
  • Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
  • Request access to the private WebFOCUS User Group (login required) to network with fellow members.

Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.


Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [CLOSED] Self Service application security

Read-Only Read-Only Topic
Go
Search
Notify
Tools
[CLOSED] Self Service application security
 Login/Join
 
Guru
posted
Hi,

I have setup siteminder to do the authentication.
For MRE users the authorization part is driven by the authorization process in MRE using groups domains and so on.
But today i am facing a problem with all reports that are on the reporting server:
When a user has a URL, he just types in Iexplorer and he get the report after he gets autehnticated even if he does not have the rights to it.
My question then is :
How can limit the access to an application to only an authorized user or group of users.

Thanks a lot.

This message has been edited. Last edited by: Kerry,


WebFocus 7.6.5
AND WebLogic server as web server
sql2005 as database server
 
Posts: 273 | Location: Europe | Registered: May 31, 2007Report This Post
Virtuoso
posted Hide Post
Majid

This issue was subject in one of the sessions at the summit this year.
You have to setup some things at the application server, but this is not something to be easy explained via this medium
I would advice to contact the local support and they should be able to help you.




Frank

prod: WF 7.6.10 platform Windows,
databases: msSQL2000, msSQL2005, RMS, Oracle, Sybase,IE7
test: WF 7.6.10 on the same platform and databases,IE7

 
Posts: 2387 | Location: Amsterdam, the Netherlands | Registered: December 03, 2006Report This Post
Expert
posted Hide Post
I think that you will have to keep track of the user and check each time they run a report.


Waz...

Prod:WebFOCUS 7.6.10/8.1.04Upgrade:WebFOCUS 8.2.07OS:LinuxOutputs:HTML, PDF, Excel, PPT
In Focus since 1984
Pity the lost knowledge of an old programmer!

 
Posts: 6347 | Location: 33°49'23.0"S, 151°11'41.0"E | Registered: October 31, 2006Report This Post
Gold member
posted Hide Post
Depending on the number of users you might be able to handle it using DBA security. Clients I have dealt with have also created tables to manage users authorization much as MRE manages authentication and authorization. You'll either have to devise your own or contact IBI Professional Services and have someone come in to give you a hand.


WF 7703M, XP/Win7, MRE, RC, BID, PMF, HTML, PDF, Excel 2000/7/10
 
Posts: 73 | Location: NY | Registered: February 06, 2007Report This Post
Guru
posted Hide Post
Hi,

Thanks to all of you for your suggestion. I will try to contact the support.

Regards.


WebFocus 7.6.5
AND WebLogic server as web server
sql2005 as database server
 
Posts: 273 | Location: Europe | Registered: May 31, 2007Report This Post
Platinum Member
posted Hide Post
Reporting Server level authorization can be controlled using APP LOCK (TechMemo 4613).

It does this by locking down the APP PATH after all the server profiles have run.

e.g. You can setup the APP PATH using the Reporting Server Profile (edasprof.prf), group profiles (Depending on RS Security) and user profiles. Once the user profile runs, the APP PATH can no longer be changed.

As a result a user who does not have a certain folder in their APP PATH can not access any of the MAS or FEX within that folder.

In environments where people want the rules to be more complicated than simply Reporting Server, group, and user profiles, I've seen people write a "security fex", that sets the APP PATH based on a custom ruleset.

They then include this FEX in the edasprof.prf, or as part of the &_SITE_PROFILE passed from the WebFOCUS Client.

Thanks,
Doug Logan
 
Posts: 203 | Registered: November 19, 2007Report This Post
  Powered by Social Strata  

Read-Only Read-Only Topic

Focal Point    Focal Point Forums  Hop To Forum Categories  WebFOCUS/FOCUS Forum on Focal Point     [CLOSED] Self Service application security

Copyright © 1996-2020 Information Builders