cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Security of parameters

Former Member

on ‎06-02-2013 5:45 PM

0 Kudos

Hi,

I want to provide a report in a DHTML viewer. This report should filter the data to let the user see only the data he should see.

Therefore I use a record selection formula USER_ID = {?USER_ID}.

This parameter is hidden in the parameter panel and set by the servlet programatically.

However, I am not sure, if this is secure enough because I don't know if a user can manipulate the post-back of the report viewer to change the value of this parameter.

Is this possible, even if the parameter is hidden in the parameter panel?

Should I use a formula instead, which cannot be changed by a user for sure?

Thanks in advance,

rgrill

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

abhilash_kumar
Active Contributor
‎06-03-2013 8:06 AM
0 Kudos

Hi Ruben,

This space is dedicated for CR Design issues.

You may try posting to the SAP Crystal Reports, version for Visual Studio space.

-Abhilash

Show replies
Show replies
Former Member
‎06-03-2013 8:27 AM
0 Kudos

Hi Abhilash,

Thanks for indicating this. I posted this again in SAP Crystal Reports, version for Eclipse.

This discussion can be deleted.

rgrill

Ask a Question