Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Obiee security
1. DATA/Object/Column Level Security in OBIEE
Authorization can be done in two ways
Object Level Security: In this we can restrict dashboards, pages, sections, tables
Data Level Security: Here we can restrict access to values in columns
Column Level Security: Giving access to certain columns in a table.
Here we are have three users: duser1, vuser1
Groups for which the users belong to
duser1 - Disney
vuser1 - Verizon
These groups are created in repository under Manage -> Security -> Groups
Object & Data level security for Disney group:
When duser1 logs in and be belongs to Disney group who can view only Financial Dashboard (Object Level
Security) and data in the Column, based on the access given to him (Data Level Security). He can view only
few clients (Brand 1), restricting data in Client Column.
Fig 1: Restricting data from GROUP Level
Object Level Security
1. Dashboard/Page/Section Level Security
Create these groups in Answers.
Admin -> Manage Presentation Catalog Groups and Users -> Create new catalog group
Give permissions to dashboards for each group as per requirement. (Object Level)
Restricting the groups to a dashboard
Settings ->Administration -> Manage Interactive Dashboards -> Click on Dashboard permissions
2. After clicking on permissions tab then assign the respective group to your dashboard
When a Duser1 logs in he will only see the Financial Dashboard
Column Level Security
In the presentation layer of repository we need to restrict tables and columns for those groups
Double click on the table -> Permissions Tab -> General
Check show all user/groups and put an X by Read. Now the user under that group cannot view that table in
answers.
3. We have a subject area called Sample Sales Reduced. In this we restricted Other Dimensions table. When
Duser1 logs in, he can't see table from presentation view /answers. In the below picture we can see Other
Dimensions table in the Presentation Layer of repository but it’s not present in Answers. In the same way I
restricted the particular column in a table to this user. Here we restricted No of customer, employees, orders
these three columns from Fact Others table for this users. When the users logins he can't view those columns,
but he can see those columns in repository. In the below picture we can see Facts Others with different
Columns in Answers and Repository.
NOTE:
If a report is created using a column which has access to one user and no access to other user, then the user who don't have the access cannot view
report they will get ERROR to avoid the error message you change the NQSCONFIG.INI file
PROJECT_INACCESSIBLE_COLUMN_AS_NULL = NO, under security in NQSCONFIG.INI change it to YES
so that he can view the report properly without that column.