Friday 12 August 2016

OBIEE Security -Part 3 - Data Level Security

Data Level Security:
Data Level security controls rights to view data. Row level security is implemented by the BI server on the background automatically allowing users to see data or rows to which they are authorized to.
You can choose to set up row-level security in the repository, or in the database. Implementing row-level security in the repository provides many benefits, including the following:
  • All users share the same database connection pool for better performance
  • All users share cache for better performance
  • You can define and maintain security rules that apply across many federated data sources
Setting up Data Level Security:
  1. A aususer created and assigned BICONSUMER group
  1. Create a User_country table
CREATE TABLE USER_COUNTRY
  ( USERNAME VARCHAR2(20),
COUNTRY VARCHAR2(25)
  )
  1. Insert sample data
insert into user_country(username, country ) values ('WEBLOGIC', 'USA');
insert into user_country(username, country ) values ('USER1', 'IND');
insert into user_country(username, country ) values ('SAMPLEUSER', 'AUS');
insert into user_country(username, country ) values ('AUSUSER', 'AUS');

  1. Create a sample Report Country, Year, Revenue and save “country year revenue report”
Scenario: As per user_security table aususer belongs to AUS country. He should see only Aus data only
Steps to implement data level security:
  1. Create a session variable for user country
  2. Apply data filters
Create a session variable for user country
  1. Open variable manager from rpd
  2. Create a session variable initialization block and give the below details ( see the below screen)
  1. Click ok
Apply data filters:
  1. Open Identity Manager from rpd
  2. Select the application roles tab
  3. Select the BICONSUMER ROLE
  4. Click on Permission
  5. Select the Data Filter tab
  6. Add data filter (see below screen)
  1. Click ok and Save the repository.
Verifying the Data Level Security:
Login to the analytics editor using aususer and open the report
Data Level Security applied on the report and report shows only AUS data
Data Level Security can be applied on BMM layer also
  1. Open the LTS of the table and select Content tab
  1. Apply the filter condition on the where clause section

Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)