cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to prompt for database credentials for Universe during run-time?

Go to solution
Former Member

on ‎04-05-2010 7:39 PM

0 Kudos

Greetings,

We are using BO 3.1 SP2 with databases on Oracle 10g.

We are working on upgrading to Oracle 11gR2 and enable end-to-end SSO to oracle using kerberos and active directory but that is a few month down the line. Right now we use Oracle credentials to log-in to the database.

We have for strict data security policies. We have huge amounts of confidential data that only specific users can view.

We require that users of universes are prompted for their database credentials during run-time when using web intelligence.

How can we do that?

Note: Generic database credentials or service accounts are not an option.

We are trying to promote WEBI to our wide user base and this is a major obstacle for us.

Thank you for your help.

Regards,

Hassan

Show replies
Show replies
anisha_sampangi
Member
‎11-17-2020 7:55 PM
0 Kudos

Was this resolved? If so, could you please share the solution implemented?

Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎04-05-2010 8:45 PM
0 Kudos

When you create the connection in Designer to create the Universe, you can either use generic userid and password or has an option to pass the credentials of the user who logged on to Business Objects InvoView/DeskI/etc. If you use the second option query will be executed with the credentails of the user at the database. This way, if the security is defined at the database level, you will see the data what they are suppose to see.

Show replies
Show replies
Former Member
‎04-05-2010 8:54 PM
0 Kudos

Thanks Sreedhar for your prompt response.

When I create the connection I only have three options:

1. Specific User ID and password.

2. credential Mapping. (Not practical since we have many users).

3. SSO (not yet configured).

I can't see the option you specified. is there some setting that I can configure to enable this option?

Former Member
‎04-05-2010 9:50 PM
0 Kudos

2) Use Business Objects Credentials mapping.

If you select this, automatically username and password will be greyed out. User must have the same credentials as Business Objects.

It really doesn't matter how many users are there. All users must be defined at the backend with appropriate rights.

Former Member
‎04-06-2010 8:41 AM
0 Kudos

Thanks Again.

I tested it and it works.

Our problem with this approach is that we have many users.

Do we have to ask every user to logon to CMC and configure his own Database credential mapping?

or is there a better approach.

Also, when it comes to designing, using the credential mapping doesn't allow the developer access to the database from designer. The way around this, as I see it, is to design the universe using a generic ID then changing the connection to a credential mapping connection to the same database before exporting the universe to Enterprise. Is this a good approach? if not, please suggest a better approach.

Thanks again for your help.

Regards,

Hassan

Former Member
‎04-06-2010 3:12 PM
0 Kudos

Users don't have to configure anything in CMC or any other tool set. It is all internal thing.

It really doesn't matter for the designer to use generic credentails while designing the universe structure. As long as the tables are exposed to all users, it really doesn't matter. Remember universe is metadata (no data is stored in the universe). When the user creates a reports, it generates the SQL based on the joins in the universe structure and sends that SQL to database for execution. Based on the security defined at the database level, they get the data.

Also look into Table Mapping option in the designer. In Designer guide 3.1 it is on 591 page.

Answers (0)

Ask a Question