As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.
Join the TIBCO Community TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.
From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
Request access to the private WebFOCUS User Group (login required) to network with fellow members.
Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.
I am looking forward to restrict users from accessing application under EDASERVE so that they are not able to change the metadata files lying in the application folders. They have been given access to their domains in MRE. They should stick to their perticular domain, should not be allowed to play with the metadata or common files lying on EDASERVE. Can somebody point me to a reference link of documentation or technique which could make this possible.
Regards, DeepakThis message has been edited. Last edited by: Kerry,
Regards,
Deepak WebFOCUS 7.6.11 Redhat Linux 5.5 Excel, pdf, HTML
There are two features which are helpful in controlling access to application folders and their content. APPLOCK will restrict the user to certain folders and &&APP_PERMIT restricts read/write to application folders. Technical Memos TM4523 and TM4613 respectively explain the features and how to configure. Ginny's suggestion is also appropriate, using the operating system file permissions. To leverage file permissions, the WebFOCUS Reporting Server must be running with an Access Mode of OPSYS.
You stated that you were using MRE, look at the WebFOCUS Managed Reporting Administrator's Manual. The very nature of MRE prohibits a user from editing metadata. However, what Ginny and Ron recommended can also be used.
Rhonda
WebFOCUS & ReportCaster 8.1.05, 7.7.03 - AIX/LINUX, FOCUS 7.6.13 MVS, Output PDF, XLS-XLSX, DOCX and HTML
Posts: 146 | Location: Atlanta, GA | Registered: May 31, 2007
Thanks Everybody for your valuable suggestions. Ginny, our webfocus instance is installed on AIX 5.3. Restricting the write access using operating permission, will it disallow users connecting through Developer Studio not to change the files?
Ron, Can you please give me reference to TM4523 & TM4613? My reporting server is running with PTH security. But users are still exposed to metadata from developer studio. And my intention is to restrict them do to so.
Regards, Deepak Webfocus 7.1.4, unix AIX 5.3.
Regards,
Deepak WebFOCUS 7.6.11 Redhat Linux 5.5 Excel, pdf, HTML
Yes, it will depending on where the restrictions are. Remember on UNIX, there are 3 levels of permissions, owner, group, and world. Maybe you can do something with the group permissions.
As an added thought, depending on what kind of metadata you have, i.e. relational, fixed, etc., for the former I really don't recommend changing those by hand but rather using the web console to re-generate the masters.
Another thought is actually using the web console instead of DS to do MFD maintenance. I don't know what your shop is like and whether you have a small group of developers, but you can assign different security roles for the web console which allow certain people, like Application Managers, to modify metadata. Basic users cannot. Check out the Server Administration Guide for UNIX platforms to get details.