Skip to Content

Automatically generate list of User Security for every public folder?

Is it possible to automatically generate a list of the User Security in place for every public folder in a BOBJ environment--and then perhaps dump the list to a text file? The alternative is to manually visit each folder, select User Security, and then transfer the details to a document. When there are many folders, this is a lot of work! Also, regularly generating an automatically generated list would be useful for catching any changes that have been made since the list was last generated.

Add a comment
10|10000 characters needed characters exceeded

Related questions

2 Answers

  • Best Answer
    Posted on Oct 28, 2015 at 04:18 PM


    For this you needs to create the security queries in BO CMC->Query results.

    Same query you can rerun later and can save in the CSV format.

    How to Create a Security Query in the CMC - Business Intelligence (BusinessObjects) - SCN Wiki


    Add a comment
    10|10000 characters needed characters exceeded

    • Thanks for the response. This is helpful ... but seems to be limited to displaying the security from the user and group principal.

      I'm interested in displaying the security from the point of view of the folder principal; i.e., for each folder, what user and group principals have access ... and, for each user and group principal, what is the permission?

      Is that possible?

  • Posted on Oct 28, 2015 at 04:48 PM

    Hi Chris,

    This should be useful for you to export the security as a whole instead of each folder provided you have some SDK expertise. Just give a try and let me know how it goes.

    SeeSec - security detail for XIr2 and XI3



    Add a comment
    10|10000 characters needed characters exceeded

    • You don't mention which version of BO you're using, but from 4.0 SP4 on, the SecurityInfo2 class is exposed in the .NET SDK. So, you could potentially use that to get your information.

      As for Java, you don't have to do it as a .jsp on Tomcat. Most of the Java SDK work that I do are runnable .jar files that have no UI. I've posted below the class that I use for getting the security information about a generic IInfoObject. NOTE: QueryHelper is a class that we've created for managing queries to the CMS.

      import java.util.ArrayList;
      import java.util.HashMap;
      import java.util.Iterator;

      import com.crystaldecisions.sdk.exception.SDKException;
      import com.crystaldecisions.sdk.occa.infostore.IEffectivePrincipal;
      import com.crystaldecisions.sdk.occa.infostore.IEffectivePrincipals;
      import com.crystaldecisions.sdk.occa.infostore.IExplicitPrincipal;
      import com.crystaldecisions.sdk.occa.infostore.IExplicitPrincipals;
      import com.crystaldecisions.sdk.occa.infostore.IInfoObject;
      import com.crystaldecisions.sdk.occa.infostore.ISecurityInfo2;
      import com.dft.boetools.QueryHelper;

      public class baseInfo {
      protected Integer id = -1;
      protected Integer parentId = -1;
      protected String title = "";
      protected String kind = "";
      protected String cuid = "";
      protected ArrayList<SecurityInfo> security = new ArrayList<SecurityInfo>();
      protected boolean hasAdvancedSec = false;
      protected String folder = "";
      protected String parentCuid = "";

      public baseInfo()
      id = -1;
      parentId = -1;
      title = "";
      kind = "";
      cuid = "";

      public baseInfo(IInfoObject iobj) throws SDKException{
      id = iobj.getID();
      parentId = iobj.getParentID();
      title = iobj.getTitle();
      kind = iobj.getKind();
      cuid = iobj.getCUID();
      parentCuid = iobj.getParentCUID();

      protected void loadSecurity(IInfoObject o, HashMap<Integer, AccessLevel> accessLevels, boolean doAdvanced, boolean doEffective, QueryHelper qh) throws SDKException{
      ISecurityInfo2 si2 = o.getSecurityInfo2();
      IExplicitPrincipals ieps = si2.getExplicitPrincipals();
      Iterator<IExplicitPrincipal> expit = ieps.iterator();
      while (expit.hasNext()){
      IExplicitPrincipal iep =;
      if (iep != null){
      SecurityInfo si = new SecurityInfo(iep, accessLevels, doAdvanced, qh);
      hasAdvancedSec = hasAdvancedSec || si.hasAdvancedRights();

      if (doEffective){
      IEffectivePrincipals eps = si2.getEffectivePrincipals();
      Iterator<IEffectivePrincipal> effit = eps.iterator();
      while (effit.hasNext()){
      IEffectivePrincipal ep =;
      if (ep != null){
      SecurityInfo si = new SecurityInfo(ep, accessLevels, doAdvanced, qh);
      hasAdvancedSec = hasAdvancedSec || si.hasAdvancedRights();

      public Integer getId() { return id; }
      public Integer getParentId() { return parentId; }
      public String getTitle() { return title; }
      public String getKind() { return kind; }
      public String getCUID() { return cuid; }
      public ArrayList<SecurityInfo> getSecurity() { return security; }
      public boolean hasAdvancedRights() { return hasAdvancedSec; }
      public String getFolder() { return folder; }
      public String getParentCuid() { return parentCuid; }



Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.