Hi ,
I am trying to set up object level security on few objects in the universe,

the criteria looking for is
1.These objects should not be visible for adhoc reporting to users
2.if any of these objects are already there in any canned reports,
they should run fine and display no data, when accessed by the restricted group.

we are in 4.0 sp 2.18

The path i followed is
set those objects to controlled access level in the universe and gave that group public access at universe security level in cmc,
so when ever i ran the report its giving me error .

so can some one point out where i am doing wrong , or point to me some article which will help me in resolving this.

Thanks for your help,
Putty

boputty (BOB member since 2007-05-19)

If I were you and if you are using oracle as your data source I would definately look into Virtual private Database (VPD) functionality of oracle instead of using the universe way of restricting objects.

Why you might ask? Because VPD offers:

• Simplicity
• Transparency (to any frontend tool, no setup required in the universe)
• Consistency (since you are securing your data source, not one of many universes)
• Security (even if you could manipulate the SQL code, VPD still gets you)

Andreas (BOB member since 2002-06-20)