Skip to Content
author's profile photo
Former Member

Restrictions not working for Row Level Security within sap BO 4.0

I have created a profile with some restriction e.g particular user should be able see only one plant from the given report(WEBI Report). And i assigned this profile to given user but it is not working ,user is able to see data for all plants...

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

2 Answers

  • Best Answer
    Posted on Jan 21, 2013 at 06:27 AM

    Hello Nadeem,

    Have a look at Security profiles especially Data Security Profile applied at data foundation level.

    Below tutorial will give you an overview on security profile..

    http://scn.sap.com/docs/DOC-22107

    Regards,

    Mani

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hello Nadeem,

      Profiles from CMC are used while Publishing, not when refreshing a report.

      Quote from the users guide - Profiles (CMC):
      "A profile is an object that associates users and groups with personalization values. Profiles are used with Publishing to create personalized content and distribute it to recipients."

      I think you need a Security Profile done in IDT:

      A data security profile restricts access to specific rows

      BR

  • Posted on Jan 21, 2013 at 09:18 PM

    Hi Nadeem,

    the answer is explained in the IDT admin guide at page 260/380.

    http://help.sap.com/businessobject/product_guides/boexir4/en/xi4sp5_info_design_tool_en.pdf

    You've to use "Rows settings". (can be defined for relational universes only).

    Use Data Security Profile Rows settings to restrict the rows returned in a query.

    You restrict the rows by defining an SQL WHERE clause for a specified table. Once a user is assigned or inherits a profile with a Rows setting, when the user runs a query on the universe, the defined WHERE clause is added to the SQL generated if the table is referenced in the query.

    And that's it !

    You can also mix rows settings with User Attribute Management in CMC to make your own personnal security based on personnal properties.

    Regards,

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      The instructions seem straightforward. But I have been trying for hours now.. have tried many variations of folders, groups etc. I just can't get this row restriction to work.

      I have gone to most simple case of one table in Universe. My row restriction has where clause for that table. I have assigned the restriction to a group, a user, many variations. Never has the where clause been added to the query.

      Is there some extra setup, or other options or something to turn on in Universe or CMC, or somewhere so that row restriction works?

      I have followed numerous tutorials. Nothing is working for me.

      Any ideas? Much appreciated.