As of December 1, 2020, Focal Point is retired and repurposed as a reference repository. We value the wealth of knowledge that's been shared here over the years. You'll continue to have access to this treasure trove of knowledge, for search purposes only.
Join the TIBCO Community TIBCO Community is a collaborative space for users to share knowledge and support one another in making the best use of TIBCO products and services. There are several TIBCO WebFOCUS resources in the community.
From the Home page, select Predict: WebFOCUS to view articles, questions, and trending articles.
Select Products from the top navigation bar, scroll, and then select the TIBCO WebFOCUS product page to view product overview, articles, and discussions.
Request access to the private WebFOCUS User Group (login required) to network with fellow members.
Former myibi community members should have received an email on 8/3/22 to activate their user accounts to join the community. Check your Spam folder for the email. Please get in touch with us at community@tibco.com for further assistance. Reference the community FAQ to learn more about the community.
I have setup siteminder to do the authentication. For MRE users the authorization part is driven by the authorization process in MRE using groups domains and so on. But today i am facing a problem with all reports that are on the reporting server: When a user has a URL, he just types in Iexplorer and he get the report after he gets autehnticated even if he does not have the rights to it. My question then is : How can limit the access to an application to only an authorized user or group of users.
Thanks a lot.This message has been edited. Last edited by: Kerry,
WebFocus 7.6.5 AND WebLogic server as web server sql2005 as database server
Posts: 273 | Location: Europe | Registered: May 31, 2007
This issue was subject in one of the sessions at the summit this year. You have to setup some things at the application server, but this is not something to be easy explained via this medium I would advice to contact the local support and they should be able to help you.
Frank
prod: WF 7.6.10 platform Windows, databases: msSQL2000, msSQL2005, RMS, Oracle, Sybase,IE7 test: WF 7.6.10 on the same platform and databases,IE7
Posts: 2387 | Location: Amsterdam, the Netherlands | Registered: December 03, 2006
Depending on the number of users you might be able to handle it using DBA security. Clients I have dealt with have also created tables to manage users authorization much as MRE manages authentication and authorization. You'll either have to devise your own or contact IBI Professional Services and have someone come in to give you a hand.
Reporting Server level authorization can be controlled using APP LOCK (TechMemo 4613).
It does this by locking down the APP PATH after all the server profiles have run.
e.g. You can setup the APP PATH using the Reporting Server Profile (edasprof.prf), group profiles (Depending on RS Security) and user profiles. Once the user profile runs, the APP PATH can no longer be changed.
As a result a user who does not have a certain folder in their APP PATH can not access any of the MAS or FEX within that folder.
In environments where people want the rules to be more complicated than simply Reporting Server, group, and user profiles, I've seen people write a "security fex", that sets the APP PATH based on a custom ruleset.
They then include this FEX in the edasprof.prf, or as part of the &_SITE_PROFILE passed from the WebFOCUS Client.