cancel
Showing results for 
Search instead for 
Did you mean: 

Restrictions not working for Row Level Security within sap BO 4.0

Former Member
0 Kudos
742

I have created a profile with some restriction e.g particular user should be able see only one plant from the given report(WEBI Report). And i assigned this profile to given user but it is not working ,user is able to see data for all plants...

Accepted Solutions (1)

Accepted Solutions (1)

former_member182521
Active Contributor
0 Kudos

Hello Nadeem,

Have a look at Security profiles especially Data Security Profile applied at data foundation level.

Below tutorial will give you an overview on security profile..

http://scn.sap.com/docs/DOC-22107

Regards,

Mani

Former Member
0 Kudos

ya i did that and working fine but i need to perform the same in CMC using profiles only,Is it possible in cmc  to restrict user...i have created profile and assigned them  but they are not working....

Former Member
0 Kudos

Hello Nadeem,

Profiles from CMC are used while Publishing, not when refreshing a report.

Quote from the users guide - Profiles (CMC):
"A profile is an object that associates users and groups with personalization values. Profiles are used with Publishing to create personalized content and distribute it to recipients."

I think you need a Security Profile done in IDT:

A data security profile restricts access to specific rows

BR

Answers (1)

Answers (1)

wmarcy
Contributor
0 Kudos

Hi Nadeem,

the answer is explained in the IDT admin guide at page 260/380.

http://help.sap.com/businessobject/product_guides/boexir4/en/xi4sp5_info_design_tool_en.pdf

You've to use "Rows settings". (can be defined for relational universes only).

Use Data Security Profile Rows settings to restrict the rows returned in a query.

You restrict the rows by defining an SQL WHERE clause for a specified table. Once a user is assigned or inherits a profile with a Rows setting, when the user runs a query on the universe, the defined WHERE clause is added to the SQL generated if the table is referenced in the query.

And that's it !

You can also mix rows settings with User Attribute Management in CMC to make your own personnal security based on personnal properties.

Regards,

Former Member
0 Kudos

now i am using  Data Security Profile in IDT to restrict the data(Row Level Security ) and is working fine but i am creating Data Security Profile for each Universe eg i am restrict one user to one plant in purchase and sales by creating two  Security Profile in each sales and purchase universe. Is there is way so that i need to create just One profile otherwise it become cumbersome if i hv to make restrict to many universes with same condition

former_member182521
Active Contributor
0 Kudos

Hi Nadeem,

Data security profile implementation can be done only at the individual universe level and there is no way to implement the same for all or specific set of universes together.

If you want to implement such approach just go for security implementation using external database table and use them in your universe using BOUSER. also try consider using Dynamic Publication for report level personalisation

Former Member
0 Kudos

The instructions seem straightforward. But I have been trying for hours now.. have tried many variations of folders, groups etc.  I just can't get this row restriction to work.

I have gone to most simple case of one table in Universe.  My row restriction has where clause for that table.  I have assigned the restriction to a group, a user, many variations.  Never has the where clause been added to the query. 

Is there some extra setup, or other options or something to turn on in Universe or CMC, or somewhere so that row restriction works?

I have followed numerous tutorials.  Nothing is working for me.

Any ideas?  Much appreciated.