 |
|||||
|
As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only. Join the TIBCO Community
Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community. | |||||
Read-Only TopicGo | Search | Notify | Tools |
| [CLOSED] Dynamic Security | Login/Join |
| Platinum Member |
Hi, I have a requirement where we need to show only specific procedures in the Portal(Environment tree) based on the user id(Internal and External). They are not willing to create separate folders or set security for each procedures. They have a table which gives the information whether the user is an external or internal user.Is it possible in webFOCUS to restrict the user from seeing certain procedures in any other way. Also there are cases where the user belongs to both external and Internal groups. WF8105M Windows 10This message has been edited. Last edited by: FP Mod Chuck, | ||
|
| Virtuoso |
But this is the "normal" and easiest way to do it user WF8 security model. Another way is to limit the execution of the report based on the retrieved security. But it needs code and the report will still be show in the three list. Something such as to put at the top of each fex -* Create your user access check code based on your access table -* -IF "&the_user Is Not Authorized" THEN GOTO NOACCESS; -EXECUTEREPORT TABLE FILE ... END -GOTO XEND -NOACCESS < Create nice advise for no access > -XEND WF versions : Prod 8.2.04M gen 33, Dev 8.2.04M gen 33, OS : Windows, DB : MSSQL, Outputs : HTML, Excel, PDF In Focus since 2007 | |||
|
| Virtuoso |
Hi Siva! We utilize AD groups to manage users in our company. We've configured our BI environment with LDAP and to authenticate/authorize against the AD listings. Now, for additional custom configuration, we've created a filtering procedure that runs at the Universal Profile level that checks what retail stores each user has assigned to them in a table (much like your table you speak of), it brings in user IDs via the Custom Settings environment variable set up called &IBIMR_user to do that (available to you as well). In the end, every procedure or piece of content in the environment has some global variables available to them that we can use to filter content output with. Hope this gives you some helpful ideas. Good luck! 8.2.02M (production), 8.2.02M (test), Windows 10, all outputs. | |||
|
| Platinum Member |
Hey Martin, I will be using the Environment tree option in the portal.They should not see the procedure which they are not supposed to. Hey CoolGuy, With this you will be ale to restrict the user from seeing the procedure in Environment tree itself. Sorry, I might be a pain but i am so confused here. | |||
|
| Virtuoso |
Siva If you use the ldap (AD) groups to authorize the users to the folders in the environment tree as CoolGuy has suggested they will only see the procedures they are authorized for. It is much better to do it at the ldap group level because as people come and go there is only maintenance done within ldap and WebFOCUS continues to function without any modifications Thank you for using Focal Point! Chuck Wolff - Focal Point Moderator WebFOCUS 7x and 8x, Windows, Linux All output Formats | |||
|
| Virtuoso |
So as we all said : use the WF8 security model WF versions : Prod 8.2.04M gen 33, Dev 8.2.04M gen 33, OS : Windows, DB : MSSQL, Outputs : HTML, Excel, PDF In Focus since 2007 | |||
|
| Virtuoso |
Siva, If you learn and utilize the built-in WebFOCUS 8 security model described in the manual for your needs, that you can find in the online documentation, you'll know enough on how to go about doing what you're looking to do. When you set up folders, you'll want to separate out content based on your requirements into separate folders. External users accessing one folder, while the internal access the other. You also have the ability to hide folders, unpublish, etc. Go through the manual and become familiar with this aspect of user administration. Good luck! 8.2.02M (production), 8.2.02M (test), Windows 10, all outputs. | |||
|
| Virtuoso |
Additionally, despite users accessing content from differing folders, you can then create a fex that runs before actual content runs inside a portal, tied to a portal panel, once you want to create one. Tie this initial fex to the panel, and create a branch flow based on whether the user is internal or external, and -INCLUDE the proper content in for running based on which branch executes. That way the users only see what they are supposed to. 8.2.02M (production), 8.2.02M (test), Windows 10, all outputs. | |||
|
| Powered by Social Strata |
 | Please Wait. Your request is being processed... |
Read-Only TopicCopyright © 1996-2020 Information Builders
| View $GS_USERNAME's Public Profile |
| Add $GS_USERNAME to my Ignore List |
| View Recent Posts by $GS_USERNAME |
| Notify me of New Posts by $GS_USERNAME |