Hi all,

I have installed PTH security on my webfocus server to protect metadata to be changed by anauthenticated users(non-administrator) but I can still see list of application folder and metadata files visible on User's Dev Studio from where they can make changes to metadata files. This is not desirable.

Can somebody please suggest?

This message has been edited. Last edited by: Kerry,

If you want DevStudio users to use the metadata (and you do, otherwise reports will not be created against that metadata), you have to grant them at least read access to the files. Changing the security on your server does not really change that requirement.
The only thing you can do I guess, is to set the metadata properties to read-only by using the file system security tools available.

If you want to lock down meta-data it is advisable to not use PTH security.

PTH security is only security on the Reporting Server webconsole. It does not do any other type of authentication for regular report requests.

If you are looking for users not to be prompted for credentials there are other ways of achieving this.

e.g. Trusted connection from the Reporting Server.

When the Reporting Server is properly secured you have the option of using APP LOCK to restrict the viewing of metadata for a user.

For more information about APP LOCK, please see:
http://documentation.informati...pdf_wf_71/TM4613.pdf

I am not positive this is referenced in the Techmemo, but you will also want to go to:

WF Admin Console -> Configuration -> General and set WF_proj_list_from wfrs.

This will make it so that the project list is also restricted by APP LOCK if you're using APP LOCK.

This message has been edited. Last edited by: dlogan,