I'm looking at the Security Manual and scratching my head a bit on this one.

I have a single WF Client with multiple Reporting Servers working with it. Each Reporting Server has security turned on.

When users come in via Dev Studio, they get immediate access to every application on every Reporting Server without being uid/pw challenged. My guess is that the WF Client's proxy ID (required for business processing) is giving everyone with Dev Studio access to everything? I have an ID in the WF Client's IBI_Report_User setting.

Data Migrator appears to respect the login requirement (works directly with the RS) but Dev Studio gets a pass (processes through the client).

How do you guys restrict Dev Studio access to applications within the system?

By the way, two WF Clients on the same CPU -- additional license required, correct? Is anyone out there configured this way?

J.

When the users come in through dev studio, they are using the the uid in in the WF Client's IBI_Report_User setting. So they don't get challenged. That is how we are set up, anyway.

What we do is make certain applications require a different id than that one (on the databases). They simply can't run them unless they put in different credentials.