Security at the level of the project in the same instance of the Director Disqualification
Anyone know if it is possible to restrict access to specific users to the project level?
We have several administrators/data analysts Disqualification defined, but we want to restrict these users so that individual projects they oversee.
See you soon
Jon
You can set up a project access to the Disqualification, but there are the following restrictions:
1. anyone who has "Add a project" permission is automatically able to see all the projects. This allows to avoid problems with name clashes/accidentally make users do not have access to aware of ongoing projects
2. users cannot have different functional permissions within different projects.
Best practice is to have a super user to set up the necessary projects and their access. Users who have restricted access cannot add their own projects and will only see those that they have permissions for.
Tags: Fusion Middleware
Similar Questions
-
What level of security is the best in the OSI model, which is the application level?
Hello
I'm curious to know what level of the model OSI protects best against pirates, which is the application level?
Thank you
Johan
Hello Johan,.
The OSI networking reference model (ISO 7498 - 1) is designed around seven layers arranged in a stack.
The OSI security reference model architecture (ISO 7498-2) is also designed around seven layers, reflecting a high level of different requirements in the security of the network.
In the OSI model, each layer has its own functionality and according to which it has features of different security as shown below.
Application - authentication
Presentation - access control
Session - non-repudiation
Transport - the integrity of the data
Network - Privacy
Data binding - insurance / availability
Physics - certification / Signature
-
Security at the level of the ADF Page - need help
Hello
Currently, I am looking to secure my adf application. The taskflow Unbounded (adfc-config. XML) in my application is as follows
Application is shared with several customers. The homepage of a customer's A.jsp and other D.jsp. The reason is that there are several pages are shared by them. for example. B.JSP and C.jsp
The distinication between two clients's context path. Context path is different to one another. Context for client 1 path is ctx_path1 and for client 2 is ctx_path2.
Since all the page mapping is adfc-config.xml file, when client 2 is being access to the application context path ctx_path2 help and the D.jsp homepage, after if there change the url to A.jsp (ctx_path2/A.jsp), it could reach A.jsp and then B.jsp so on. Client 2 is then able to access the application customer1 and vice versa by changing the URL.
Note: There is correspondence of the page between either B.jsp and F.jsp C.jsp to E.jsp or C.jsp to G.jsp E.jsp to B.jsp so on.
Now, I want to add security to the level of the page Let's say A.jsp, when a customer access request 2 using context path (say ctx_path2)... / ctx_path2/D.jsp, although if he change the URL in... / ctx_path2/A.jsp, the safety of the adf must block access to A.jsp (client application 1.)
Please let me know the solution for the problem above mentioned above.Version Note: ADF - 11.1.1.6.0
Thank you
ASIS
If you enable ADF security and have Customer1 and Customer2 associated with different Application roles, you can set a level for each page role permission, provided that each page has a definition of page each. This will automatically solve your problem of "access if URL.
In addition, when you need to show/hide the navigation links based on the permissions of the user, you can use the visible property:
-
People,
Hello. I implement 9.0 Solution on a University Campus. I faced a problem as below:
Navigator:
Campus community
-Personal Information (student)
-Add/update a person > Search EMPLIDI can enter new information of a person in the system and save successfully. All the information of the people returned to the level of the SQL database > successfully. But in the browser, click on "Search", it returns "no corresponding value found.
I followed the tutorial http://peoplesoftconcept.blogspot.com/2014/03/row-level-security-views-as-search.html review of research PEOPLE_SRCH (view) for the SCC_BIO_DEMO component. GBL step by step as below:
Step 1:
Check them that whitelists has been entrusted to the PS of the user on the user profile page below:
Navigator PeopleTools > Security > (PS) user profile > general page
There are 4 predefined whitelists:
Browser home page: HCSPNAVHP
Profile of the process: HCSPPRFL
Elementary school: HCPPALL
Rank of security: HCDPALLStep 2:
Check security game and the Type of security access to the list of security permissions line HCDPALL as below:Navigator SetUp HRMS > Security > security level line Core > secure by the permissions list
Whitelist: HCDPALL
Security set: PPLOI (Description: unemployed people)
Type of security access: 009
Key 1: 00000-00007, 00008, 00009, 00010SQL > Select CLASSID, SCRTY_SET_CD, SCRTY_TYPE_CD, SCRTY_KEY1 from USER.PS_SJT_CLASS_ALL where CLASSID = "HCDPALL";
His output: 42 selected lines. Type of security access 00009 has 5 ranks as below:
HCDPALL PPLPOI 00000-00009
HCDPALL PPLPOI 00009 00007
HCDPALL PPLPOI 00009-00008
HCDPALL PPLPOI 00009 00009
HCDPALL PPLPOI 00009 00010Step 3:
Check if these types of security and the security of key1 access access EMPLID.SQL > select EMPLID in user.PS_SJT_PERSON where SCRTY_TYPE_CD = '009 ' AND SCRTY_KEY1 = ' 00000';
Its output:
0075
0076
SQL > select EMPLID in user.PS_SJT_PERSON where SCRTY_TYPE_CD = '009 ' AND SCRTY_KEY1 = ' 00009';
Its output:
0064
0065
0066
...There is no selected line for SCRTY_KEY1 '00007', '00008', "00010".
The above output means Permission list HCDPALL, set of security PPLPOI security type 00009 and security access key1 00000, 00009 to have access to all of the EMPLIDs. Thus, the outputs above must return in the browser browser:
Campus community
-Personal Information (student)
-Add/update a person > Search "EMPLID.The problem is that the output above does not return in the browser browser:
Campus community
-Personal Information (student)
-Add/update a person > Search "EMPLID.I see no error to find record PEOPLE_SRCH (view) running the process. I can't understand why the output does not return in the browser "Find" EMPLID.
My question is:
Is that what you would you please run the 3 steps above in your machine and to understand why the output does not return in the browser "Find" EMPLID?
Thanks in advance.People,
Hello. The problem is solved by myself.
The thing is that we can get the information of a person into the system and return it as a person. But if we want to return as a student, the person needs to have registration and registration information. If the person is not admitted or not save you no matter what class, may not be back as a student.
Thank you.
-
What is the fastest way to convert navigation app 1-level 2-level once a project has already been established?
You cannot change a project to change this setting. You will need to create a new project.
-
A group of users with more than security at the level of line!
I have a users group and with morethah, how to control the security level line in Inractive report data?
For example.
user1 to access the line 1.5 < br >
user2 to access the line < br > 1,9,6
the util_3 to access the line 7 < br >
UserX See all tier 1 ~ 100000
I try to appy security at the level of the table, its not feasible!
Thank youselect doc_name ,create_by from doc_table where create_by=:APP_USER
RAMThis request a link with another thread and reached the requirement.
-
Security at the level of the object by creating groups of catalog in OBIEE - 10 G
Hi all
I have a requirement to display the dashboard based on the user login. Ex. Mike belongs to HR, Smith to accounts
When Mike connects, he should see only these three dashboards. View of CF, commune data1, data2 common. When Smith connects, he should see only these three dashboards. Display accounts, common data1, commondata2.
Commondata1 and commondata2 dashboards has joint reports for all departments. Other dashboards is particular department with all the different reports. How can I implement this?
One of my previous posts, I was told to do by using the object-level security by creating groups of catalog. Can you please provide me with instructions to end-to-end on creating object groups of catalog-based security level.
Thanks for your time and your help.Hello
Mike to HR
Smit - accountYes, groups reach you by security at the object level by creating catalog
(1) create a catalog group and users partially RPD (Ex: Account_grp, HR_grp)
(2) assign user to this particular group (say Ex: Account_grp = Smith and HR_grp = Mike)(3) login (username Admin) dashboard and---> gale dashboard page layout--> add users to this particular
Dashboard users and save it then
try to connect to the user mike and smith, it will workyou see link below
http://www.rittmanmead.com/2010/01/OBIEE-10G-Web-catalog-best-practices/
http://www.rittmanmead.com/2007/05/OBIEE-and-row-level-security/
Thank you
Deva
-
How to clear the Dimension and security at the level of the members which is already applied?
Hello
Below the question about safety in the 11.1.2.0 version.
I wanted to know if there was a way to clear the dimension and Member specific security level that has been applied to a specific user or a group by using a SecFile.
Is there a command that we could use to erase this title in particular and not security on the whole?
Also, is there a way to clean up the security directly from shared Services?
I know that SL_CLEARALL clears all the security.
Please let me know your opinion on this.Change the secfile to include only the users/groups that you want to delete, and use the SL_CLEARALL safety switch.
-
Level of security for the dashboard pages.
Hi all
I have a question. I want to apply security to the level of the data to the data in dashboard pages.
All the answers.
Thank you sunny.Hello
Can do this by using the section level security.
Place the x, y in a section and z report in the other section. Now apply security at the level of the article accordingly.Awarded points if the answer.
Kind regards
Srikanth -
Security at the level of the @Dashboard DAT files
Hello
I would like to make a few clarifications for below
(1) we can implement security to the level given in the dashboard? If yes how to do this in the dashboard.
(2) I want to divide into 4 equal parts dash? Thanks for giving an idea
(3) in the case of need, we will use 2 LTS as a Dimension table?
If anyone knows pls give an idea.Hi RamOBI,
Just as an info, it makes it easier for others who will help you if you keep a question to each thread. Right now, you have three questions. Here is my answer to that shown in your topic of the thread.
1. you implement security at the level of data in the repository file (SPR). Build you a domain with the level of data security and use this material to build your dashboard with the level of data security. Here is a site that will guide you through the level of data security. http://www.rittmanmead.com/2007/05/13/OBIEE-and-row-level-security/
If you post other issues into their own net, I'll be more than willing to give you feedback.
Let me know if it helps.
Best regards
-Joe
-
Security at the level of the dimensions
I just want to confirm that it is not something that I'm missing
If I have a dimension for example 'account '. Under account it has 8 members (assets, liabilities, expenses, revenue... etc.)
I want to put "some" users, certainly not 'all', to have access to all members in 'account '.
Option 1) create a new Member above these 8 members who is "All accounts", which wraps on 'account '.
Option 2) Create security for each of these 8 members by user so that they have each other. Even with batch processing, loading is boring
....
(Option 3)?
First 2 options would work of course but I would fix rather just security Member 'account' which does not seem possible. Secrets out there?MattRollings wrote:
Create a shared services group.
Add users to the group.
Add the group to have access to a higher level of accounts with Idescendants.
Refresh securityI don't think you read the question correctly, you cannot set security at the origin of a dimension in planning.
See you soon
John
http://John-Goodwin.blogspot.com/ -
The issue of security at the object level.
Hello
I am facing a problem in the application of security at the level of the object in OLIVIER.
I did the LDAP authentication successfully.
At the level of the object, I want to give permission to the user currently connected to a general ledger dashboard page.
In this regard, I added the corresponding group the user connected through 'Manage privilège' and given access to dashboards.
After doing this I get following error in my report, but when I'll loggin to the same user.
"Odbc driver returned an error (SQLExecDirectW).
Error details
Error codes: OPR4ONWY:U9IM8TAC:OI2DL65P:OI2DL65P
State: HY000. Code: 10058. [NQODBC] [SQL_STATE: HY000] [nQSError: 10058] A general error occurred. [nQSError: 27004] Unresolved table: 'financial services - GL balance sheet '. (HY000)
Publ. SQL: {call NQSGetQueryColumnInfo ("SELECT" Profit Center"." Business unit name 'book.' Ledger name"time. "" Fiscal quarter ", time. (» Exercice"DE"Financials-GL-bilan"')}
SQL issued: SELECT "Profit Center". "Unit name"book. "" Book name "time. "" Fiscal quarter ", time. «' Exercise ' OF ' Financials - GL-balance»
"
Please suggest me where else I need to do any setting.Hello
It seems that the user doesn't have access to the presentation/column of table, check and see if the Group has access.
See: http://obiee-tips.blogspot.com/2009/09/obiee-security.html
Kind regards
Matt
-
How to implement security at the level of data
How to implement security at the level of data in BI Publihser? I use Obiee enterprise edition and publihser bi. My requirement is to show the data based on the user relation ship - region.
He belongs to the eastern region
B - the user belongs to the region of the South
so if the user has opened a session it must see only the region Eastern report. If user B is connected it should see only the southern region. I use direct sql to my database of oralce as data source.
I appriciate your helpHello
You can use *: xdo_user_name * in your query.
concerning
Rainer -
I document for which the security of the document does not allow me to assemble documents, copy of content, page extraction, form filling, signature & creating the model. Buy adobe acrobat won't solve all?
The result is that Adobe does not provide any software to defeat the security of a PDF file. If the creator of the PDF file set to this level of security, intentionally or not, that's what it is! The solution to your problem is to go to the creator of the document and ask the password or an unprotected PDF file version.
-Dov
-
Hi all
We have a SignIn page in our application for the authentication of the user and all components. In the ADF - config.xml, I have the following Setup
authorizationEnforce = "false" authenticationRequire = "true".
but I was redirected to the main home page (the page will be sent after a successful authentication) without any authentication. Although I put authenticationRequire = 'true '.
However, if I set the URL scheme as ' / ' in the security constraint. It opens the SignIn page. However, the images were not properly?
When the ADF security is enabled, i.e. when the two indicators of authentication/authorization in afc - config.xml are enabled, it works correctly.
Please help us.Hello
However, if I set the URL scheme as ' / ' in the security constraint. It opens the SignIn page.
That's what the assistants of ADF Security adds by default when you select authentication only because there is no authorization, leading to a delayed authentication
However, the images were not properly?
This is because "/" protects all files under the root of Java EE. To change this, change the constraint "/" for authentication *.jspx (or *.jsp If you are using this as a file extension). In this case the images are excluded from security
(Note that it is not here ADF security, but the security of web applications in Java EE)
When the ADF security is enabled, i.e. when the two indicators of authentication/authorization in afc - config.xml are enabled, it works correctly.
This is because the permission is not applied on the level of path (your path of the application root) context Java EE
Frank
Maybe you are looking for
-
Is it easy to change HARD SSD drive on Acer TravelMate P246-M - 53T 2 14 "Laptop?
Interested by Acer TravelMate P246-M - 53T 2 14 "Lpatop and that you want to upgrade to an SSD, it is simple to swap the disks or the hard drive built into the Board of Directors? Any information on this would be appreciated. Thank you
-
I have a hp 4620 all in one. Lately when I print documents mainly bank statements or credit cards that the page will get out more with text blacked out. What is going on? He has never done this before that I'm now using windows 10. If I print somethi
-
Question about Visual Basic 6 programming
Coding iproblem. I type thr suite depc fpr the object: Private Sub cmdNme_Click() When I hit the Enter key or arrow down the first 12 characters of erasure. The cursor appears on the next line. I am not able to code a program. Thi s problem occurred
-
package installer error 1720 problem window
Downloaded the Windows install 4.5 for my system tells me not the correct update.try to automatically update a tax programdownloaded update manually and still does not (installation)Get the error code 1720.problem with window installation package.rea
-
Problem passing traffic through the VPN tunnel
With well over 150 VPN lan-to-lan tunnels configured, I can usually get tunnels upward. However, this one is stumping me, unless the ISP is to give false information. Using a router Cisco 871 on-site a Cisco 3005 concentrator in my data center, I hav