As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.
Join the TIBCO Community TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.
From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
Request access to the private WebFOCUS User Group (login required) to network with fellow members.
Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.
I'm looking at the Security Manual and scratching my head a bit on this one.
I have a single WF Client with multiple Reporting Servers working with it. Each Reporting Server has security turned on.
When users come in via Dev Studio, they get immediate access to every application on every Reporting Server without being uid/pw challenged. My guess is that the WF Client's proxy ID (required for business processing) is giving everyone with Dev Studio access to everything? I have an ID in the WF Client's IBI_Report_User setting.
Data Migrator appears to respect the login requirement (works directly with the RS) but Dev Studio gets a pass (processes through the client).
How do you guys restrict Dev Studio access to applications within the system?
By the way, two WF Clients on the same CPU -- additional license required, correct? Is anyone out there configured this way?
J.
Posts: 1012 | Location: At the Mast | Registered: May 17, 2007
When the users come in through dev studio, they are using the the uid in in the WF Client's IBI_Report_User setting. So they don't get challenged. That is how we are set up, anyway.
What we do is make certain applications require a different id than that one (on the databases). They simply can't run them unless they put in different credentials.