on 09-18-2008 7:52 AM
Hello guys,
I am facing a problem in BI 7.0 authorization checks.
For a given report the BI team has placed a restriction in the query only for infoObject 0Comp_code (company code) and 0SOLD_TO (sold to party). Accordingly i have created authorization in RSECADMIN and assigned to role--> user.
But when the user runs the report, he gets as authorization error and during analysis in RSECADMIN i see that "list of Authorization relevant charecteristics(infoObjects) for info provider xxxx" contain other infoObjects as well.
Is it a case where infoObjects can be made authorization relevant for the whole info provider eg-ZSD_M42" (where this is a multi provider)apart from being checked for specific reports eg- ZSD_M42_Q0001?
How do i get around this problem?
Regards,
Prashant
Make sure that your AA Object contains all the authorization relevant characteristics of the infoprovider on which the query is ran. Since BI follows All or None principle.
Just to give it a try, add the missing auth relevant characteristics with value * and try to run the query.
Regards,
Zaheer
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
So, Zaheer, does this mean that authorization relevant charecteristics are marked on the info provider as a whole.
This would mean that for query reports which run for a given info provider will need to have authorization for an infoObject even though it is not relevant to that particular Query report.
Is there no work around?
Regards
Prashant
Yes, you got it right. And depending on your requirements you can restrict the auth relevant characteristics.
So, when a query is fired at a infoprovider, a check is performed for all the auth relevant characteristics of that infoprovider with what user has (via AA Objects). If user lacks any of it, a authorization error is generated.
So you need to make sure that all auth relevant characteristics of infoproviders on which query is fired are included in AA object for query to run sucessfully
Regards,
Zaheer
Hi Prashanth,
What Zaheer said was exactly correct.Make sure all the Auth relevant Chaaracteristics of an Infoprovider are properly authorized through your Analysis Authorization.Suppose if you don't need security on other Characteristics of an InfoProvider give * in your AA which will byepass check on that particular Auth relevant Characteristics..
More over,See to that all the key figures are properly authorized as all the keyfigures are by default auth relevant in BI.
Cheers,,
Ramkumar C
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
6 | |
6 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.