on 02-16-2015 1:55 PM
Hello,
My question is - how can we hide all additional SAP Design Studio files (CSS, images, fonts etc.) from end users in the BI Launch Pad but at the same time let them open, use and refresh the SAP Design Studio dashboard?
We are using SAP Design Studio 1.4 together with SAP BusinessObjects BI 4.1 SP05 platform. After creating a SAP Design Studio dashboard we are saving it into BI Launch Pad together with all supporting files like custom CSS, images etc. and also MIME folder which is created in the BI Launch Pad near the saved SAP Design Studio dashboard. I have noticed that if an end user have access rights to those supporting files he/she can successfully open and refresh a SAP Design Studio dashboard. But if we revoke access to these supporting files from an end user then in this case when he/she tries to open the SAP Design Studio dashboard an error "cannot open a web page" appears.
We have a requirement to hide those custom CSS, images and other supporting SAP Design Studio files from an end user. How can we achieve this?
Thank you in advance.
Best regards,
Donatas
Hi Donatas,
I think this is more of a BI platform security question; would you be OK if we moved this question to the BI platform space (for faster response)?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi, Tammy,
Thank you for your quick response. I really appreciate this.
Actually I know how to hide those supporting files from an end user using BI Platform security from a BI Platform perspective.
But my main goal here is to get knowledge and answers how specifically the SAP Design Studio developers are saving and providing SAP Design Studio dashboards within BI Platform for an end user consumption and what is the best practice. How SAP Design Studio experts hide (if this is the case) those supporting files (i.e. custom CSS files) within the BI Platform.
Can we leave this message in SAP Design Studio thread for a while?
Thank you, Tammy.
Best regards,
Donatas
Hi Donatas,
I don't think we can hide the custom CSS file from the end users , because the Application uses the url and if your restrict the file then u are restricting the application's access to URL's . What u can Do is organize the CSS File and Images in separate Folders as Technical Docs and keep Design Studio Application outside the Technical docs.
Regards,
Bala
Make a containing folder that you want to hold all the files, and then a subfolder inside of it that has the files:
Example structure:
- folder A
-- subfolder
--- file.css
--- file_1.jpg
--- file_2.jpg
--- etc etc
Apply security on folder A where the folder is not accessible or visible to users.
Then on the subfolder make the security where the users technically can access it. The subfolder is to that you can then just let the items inside of it inherit its security there.
This means that DS should be able to reference the files as normal and users can technically access it while not being able to navigate to it in BI Launchpad.
We did similar practice with Xcelsius dashboards that had QaaWS/BIWS Webis that we didn't need to confuse our users with.
Hello, Michael,
Thank you for your feedback. This seems exactly what I would like to achieve .
Just tried your scenario this morning but unfortunately I've got the same error. I have tried this setup of access rights:
- Folder A (User 1, No Access)
-- Folder CSS (User 1, Full Control)
--- BI.css (User 1, Full Control (Inherited))
- Folder B (User 1, Full Control)
-- DS application (User 1, Full Control (Inherited))
Is my understanding of your suggestion is correct? If I set Full Control to Folder A for User 1, then in this case he/she can successfully open and refresh the DS application.
Looking forward your feedback what is incorrect in my access rights configuration.
Thank you.
Donatas
when I checked this workaround one year ago it did not work in Design Studio (but I had used this same trick successfully for other tools like web intelligence), at least it did not work consistently across internet browsers. I decided to place those files directly on the web server (tomcat in my case).
Best regards,
Victor
Hi, Victor,
Thank you very much for your input.
Can you please elaborate more about how you use those files if placed on the Tomcat directly. Where you placed it? How those files are specified in the SAP Design Studio analysis application? And how those files are used via BI Launch Pad?
Thank you in advance.
Best regards,
Donatas
Hello Donatas,
You can find the root Folder of tomcat on the Server in following path:
/tomcat/webapps/ROOT
When you place an Image there, lets say "image1.jpg", then you can access it like this: http://<boserver>:<port>/image1.jpg
Best regards,
Victor
Hello Donatas ,
This is an extremely important piece of info for our scenario as well .
I have two questions for you -
Hi Victor,
I have my files in /tomcat/webapps/ROOT, How can i access it from Design Studio ?
Regards,
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jhonatan ,
Just access them as http://<servername>:8080/<filename.jpg>
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello, Venkatesh,
Thank you for your feedback.
Yes, indeed, this solution will deny the end users from modifying those supporting SAP Design Studio analysis application files.
But my main challenge is to hide those files completely - not only to simplify the end user experience and UI but also to secure the IP of those files.
Thank you.
Regards,
Donatas
Hi Jhontan
In Public Folders I created a folder called Images. Within this folder I store public images/CSS Files/SAP Font file etc.
For the Design Studio App I save it to its own folder wherever I want to save it but the css would link to Root Folder/Images/design studio.css for example.
Hope this makes sense.
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.