As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.
Join the TIBCO Community TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.
From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
Request access to the private WebFOCUS User Group (login required) to network with fellow members.
Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.
I was curious what other people have done to enforce report level security at report run time when not using MREs in browser based applications. Our current thought is to create database tables that will associate a fex name with a set of users and query this table when a fex is run to enforce security. We are planning to emmbed the IBI app into our owns so I know in the running fex we will have access to the user as well as the name of the fex that is being executed and I have seen examples of returning HTML forms which should allow us to handle the various scenarios. But I am curious if there are ways I have overlooked\not thought of.
Thanks, ManishThis message has been edited. Last edited by: Kerry,
if your entire set up is backend only (from apps, not mre), then let your entire system be accessed via a single main menu page each item on the page is a link to an overall launch page (submenu) for a given app directory you choose to reveal an item in the main menu based on a user's access...via a one-time lookup to that table you mentioned setting up. that works. Use comments, one for each app, turn them all off initially, then read the security file for the user, and set the comments open for whatever access that user has. -SET &cmt_app1 = '-*'; -SET &cmt_app2 = '-*'; ...etc ...then read your security table, discover that user has access only to app number 9, say, -SET &cmt_app9 = ' '; ... now your entire menu page is commented. &cmt_app1.EVAL ...whatever code reveals that app &cmt_app2.EVAL &cmt_.... you get the idea
i apparently have nothing to do at work today
In Focus since 1979///7706m/5 ;wintel 2008/64;OAM security; Oracle db, ///MRE/BID
Posts: 3811 | Location: Manhattan | Registered: October 28, 2003
This is great for showing what links are active to a user!
What about in the case when a user no longer has access to that fex but may have it bookmarked?
Or if somehow someone started to access a fex via HTTP that they should not (ie. that may not necessarily be a report but part of a report).
Also, I was wondering if MREs has the ability to “introspect” a HTML composer page and create the appropriate security constraints? What we want to know is if we have to manage a HTML page and its fex(es) as separate entities or are they treated as a unit. This would avoid situations were a user can access a html page but not the fex that is being called.
If you want to do this without the security mechanisms provided by MRE you have to build it yourself. I have worked with 2 clients, one a utility the other a university, who did this by creating a table to record what reports a user had access to. Based on the user id only the reports that a user had access to would display on a report listing. All reports also were secured internally by including a a call to determine if the user had approved access.
WF 7.7.04, WF 8.0.7, Win7, Win8, Linux, UNIX, Excel, PDF
Posts: 175 | Location: Pomona, NY | Registered: August 06, 2003