cancel
Showing results for 
Search instead for 
Did you mean: 

BO reports security

Former Member
0 Kudos

Hi all,

I have a system on SAP BI BO 4 SP6. I want to restrict report viewing as per the following requirements. Please advise:

1) I want to restrict a user to view report during a specific time interval only, for. eg from 08 00 to 16 00. Is this possible? How can this be achieved? Or maybe can we restrict the user to login in the BI lauchpad during this period only.

2) I want to allow only specific IPs or MAC addresses to access the BI launchpad. Can this be achieved and how?

regards.

Accepted Solutions (0)

Answers (3)

Answers (3)

onkarvelhals
Contributor
0 Kudos

Hi Suraj,

To restrict users based on IP you would need to add allowed ips for Tomcat

In \tomcat7\conf\server.xml:

<Engine name="Catalina" defaultHost="localhost"> ... ... ... <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="10\.132\.77\.55|10\.132\.76\.120|10\.132\.77\.47"/> ... </Engine>

Read more tomcat documentation here

Regards,

Onkar

Former Member
0 Kudos

your second requirement can be done using of network functionality. Restrict the IP Address/ MAC Address from BO server , so that particaular IP through , they will not allow to open BI Launchpad.

your first requirement is actually not possible, but manually you can do this.

1) remove rights for that user meanwhile.

2) you can monitoring that particular user is login during the time from session (CMC) or in auditing database report.

For this automatic process is not possible.

Former Member
0 Kudos

Hi Ajay/Dhaval,

Thnks for your comments. I've been reading thru several documentations but didn't find much. Any idea about the 3rd party tools that can be used?

regards.

Former Member
0 Kudos

Hi Suraj,

There isnt any 3rd party tool that can override rights in BO for certain time period.

You can alwasys create new SDKs that can help in removing the access temporarily from the application.

This has to be done using the SDK that can be uploaded to BO and scheduled as per your time restriction.

BTW, I am curious why would you need such a setting?

Regards,

Jatin

Former Member
0 Kudos

Hi Jatin,

Why I need such a setting is due to the sensitivity of the information within the report. It's been decided by management.

regards.

Former Member
0 Kudos

you need to restrict to some reports in a time interval or all the plattform in a time interval?

because you can run an SO script to stop SIA and start it again when you want

CdnConnection
Active Contributor
0 Kudos

Suraj,

    The 3rd party tool I am recommending using a network hardware load balancing type tool.  You can have everyone go through a Cisco router type device and then control access to the BOBJ server by MAC address. 

Keep in mind there is NO 3rd party tool to alter the BOBJ security by MAC / Time / IP.  You need have everyone go through the Hardware / Software type solution.   Basic you putting another layer between the users and BOBJ server that can be managed by MAC / Time / IP related access.

Regards,

Ajay

CdnConnection
Active Contributor
0 Kudos

Suraj,

    Currently you can NOT manage security restriction at time interval within the BI 4.x Platform.

You would need to use some sort of 3rd party tool to restrict access by time &/or MAC address.

Regards,

Ajay