Hi Experts,
I have 10 columns in the report. I have a requirement like i need to display Column 1,2,3,4,5 for user-1 and for user-2 i need to display 6,7,8,9,10 and for user-3 i need to display all 10 columns.
Is there any way to implment this. i know about Row level security, but this is the first time i have to implment column level security.
Any idea really Appreciate!
Thanks,
-B-
lovebo 
(BOB member since 2010-10-06)
There is an object level security too. You define the security level for each object and then an access for users which level they will have an access to.
Marfi 
(BOB member since 2006-12-18)
Thanks for your reply!
But in the report level i have to hide the column based on the user. 
Thanks
-B-
lovebo (BOB member since 2010-10-06)
You can’t really hide a column using object level security without it throwing an error to users that don’t have access to said columns.
In a recent project, we actually opted to use Oracle VPD to do column masking, applying a NULL value to a field if a user did not have explicit access.
The short of it is, the database layer may be the most efficient (but longest road) way to apply the column level masking.
V
Eric Vallo 
(BOB member since 2002-08-15)
The easy way (if you don’t mind blank columns) is to use an Alerter.
If the user has rites to the column, then you can show the data. If not you can display something else in the column (a blank, dashes, n/a etc).
If you have 2 or 3 types of users. You can set up 3 tables and have them one on top of the other. Then depending on which User you can hide 2 tables and show the third.
weaver (BOB member since 2008-10-17)
I am pretty sure that if report has e.g. 3 columns: A, B, C and if a specific user doesn’t have access to lets say object A then simply this object will not show up in the data provider and eventually will not be displayed in the report. If it is throwing an error so what would be the purpose of object level security :?
Marfi (BOB member since 2006-12-18)
Object level security prevents it from showing up in the query panel for that user.
If it is already in the micro cube of a report, it will throw an error (at least it did last time we implemented this). The user can continue to use the report, but they do get a message about columns being dropped or something like that.
As far as using Alerts, security by obscurity isn’t necessarily effective unfortunately because a user can just uncheck the alerter. Plus, it’s not based on a role.
V
Eric Vallo (BOB member since 2002-08-15)