Webi Report viewing security --- _Please_ help

system · January 28, 2009, 7:45pm

Hey All,

We’ve been stuck on this security problem for a couple days, I’ve visited every page on BOB relating to this subject, but am still stuck.

We have row level security setup, so when a user creates a report, they only see the data they should have access to, this works perfectly. The only problem is say a manager creates and runs a report, and then saves the report for his employees, if he forgets to purge the data/enable refresh on open then the data that is saved with the report is viewable to all of his employees, this is a risk we do not want to take.

I’ve tried editing jsp files to force the checkbox to be checked, but BO looks and acts as if I didn’t change a thing (I restarted the server after my changes, and restarted the tomcat service).

I realize we could make it so people can only save to their favorites folder, and if they need a report published they could contact IT, but that isn’t a favorite idea by many either.

There must be a way to enable security upon opening a webi report that ensures people do not see data they shouldn’t be (somehow force a refresh on open?)

Anyone have any ideas?

Thanks

We’re running BO XI 3.0.

beach (BOB member since 2008-10-19)

SebastienGoiffon · January 28, 2009, 10:32pm

I don’t think there is a setting for this … It’s more a functional problem than a technical one.

system · January 29, 2009, 7:04pm

Agreed! Crystal Reports that are based on business views have a concept called “view time security” that would solve this problem. Alas, the same feature is not available with universe-based solutions, including DeskI / WebI. Because “run time security” is your only option, I’m afraid the solution will have to be procedural. Like having everyone (manager or employee) run their own from a purged copy (either interactively or scheduled).

Dwayne Hoffpauir (BOB member since 2002-09-19)