Are you feeling secure?

Download Report

Transcript Are you feeling secure?

Are you feeling

secure

?

Lee Donaldson Information Builders

Are you feeling secure?

Agenda    WebFOCUS components WebFOCUS security options Managed Reporting security   Authentication Authorization     Roles Groups Domains Users   Dashboard Implementing Banner security

Are you feeling secure?

WebFOCUS components J2EE Application Server

WebFOCUS - Java Web App

· WF Client - Servlet version · WF Dashboard - JSP Portal · · · · J2EE Application Server WF Report Assistant - DHTML WF Graph Assistant - DHTML WF OLAP Control Panel - DHTML

WF ReportCaster

-

Java Web App

· WF ReportCaster Servlets - Java API · Scheduling - by Administrator · Scheduling - by User

WF User Admin. Services Repository WF Open Portal Services(Portlets/Gadgets)

HTTP/S Web Server JDBC TCP WebFOCUS Reporting Server WebFOCUS Reporting Server WF (iWAY) Adapters · · · · ·

200+ Intelligent Adapters & Connectors

· Legacy Data · Relational Data Transactional Systems Messaging Systems XML, WebServices Java EDI … WebFOCUS Reporting Server Mainframe UNIX Windows I5 (AS/400) (35+ Platforms) WebFOCUS Reporting Server WF Metadata Repository WF Resource Analyzer WF Resource Governor Usage Monitoring HTTP/S HTTP/S Developer Studio Distribution Server · · WF Client - CGI version Static HTML Content

(Can alternatively be placed on J2EE Server)

JDBC

WF Report Caster

· Scheduling · Distribution · · Archive Library Open Distribution

(JRE Required)

· · · RDBMS w/BLOB Support Job Schedule Information Archive Library WF Reports & Open Output Content · · · · · · ·

WF Developer Studio

· Graphical Report Designer · 4GL Developer Workbench Metadata Management User Management and Administration ReportCaster Administration Managed Reporting Administration Portal Design and Development Deployment Version Control (Source Safe)

Are you feeling secure?

Security Checkpoints J2EE Application Server JDBC

WebFOCUS - Java Web App

· WF Client - Servlet version · WF Dashboard - JSP Portal · · · · J2EE Application Server WF Report Assistant - DHTML WF Graph Assistant - DHTML WF OLAP Control Panel - DHTML

WF ReportCaster

-

Java Web App

· WF ReportCaster Servlets - Java API · Scheduling - by Administrator · Scheduling - by User

WF User Admin. Services Repository WF Open Portal Services(Portlets/Gadgets)

HTTP/S Web Server TCP HTTP/S · · WF Client - CGI version Static HTML Content

(Can alternatively be placed on J2EE Server)

WebFOCUS Reporting Server WebFOCUS Reporting Server WF (iWAY) Adapters · · · · ·

200+ Intelligent Adapters & Connectors

· Legacy Data · Relational Data Transactional Systems Messaging Systems XML, WebServices Java EDI … WebFOCUS Reporting Server Mainframe UNIX Windows I5 (AS/400) (35+ Platforms) WebFOCUS Reporting Server WF Metadata Repository WF Resource Analyzer WF Resource Governor Usage Monitoring HTTP/S Distribution Server JDBC

WF Report Caster

· Scheduling · Distribution · · Archive Library Open Distribution

(JRE Required)

· · · RDBMS w/BLOB Support Job Schedule Information Archive Library WF Reports & Open Output Content Developer Studio · · · · · · ·

WF Developer Studio

· Graphical Report Designer · 4GL Developer Workbench Metadata Management User Management and Administration ReportCaster Administration Managed Reporting Administration Portal Design and Development Deployment Version Control (Source Safe)

Are you feeling secure?

Basic security concepts   Authentication  Who are you  Are you a valid user Authorization  What role are you  Administrator, Developer, End User  What can you do  Use Report Assist, Use Reportcaster, Run Only user  What do you have access to    Which reports Which databases or files Which records

Are you feeling secure?

WebFOCUS Authentication options  No authentication  Anonymous users  User authentication  You supply a userid and password to gain access  Web server authentication   IWA, Kerberos, Siteminder 3 rd party Portals (Plumtree, Sharepoint, Oracle)  WebFOCUS Reporting server authentication      Operating system DBMS LDAP Custom Set up with the WebFOCUS Server Console

Are you feeling secure?

WF Server Console

Are you feeling secure?

WebFOCUS Managed Reporting Security  Explicit   Userid and password required Internal MR authentication  Integrated   Sign on previously and values passed to WebFOCUS External authentication  Trusted   No password required Credentials set by web server

Are you feeling secure?

Explicit Authentication

Are you feeling secure?

External Authentication

Are you feeling secure?

Trusted Authentication

WebFOCUS Managed Reporting Authentication

Web Access Management Lightweight Directory Access Protocol (LDAP) WebFOCUS Reporting Server CUSTOM Operating System Relation Database Management System (RDBMS)

Are you feeling secure?

Managed Reporting Security Administration  MRE Authorization   MRE administrators set up environment Domains  Assign logical names to application folders in MRE  Business units, Types of data, test/production  Users    Create entries for valid user ids Assign privileges to each user or use a default Role Assign users ids to groups

WebFOCUS Security Model WebFOCUS Managed Reporting Authorization     Roles – Administrators, run only users, Analytical users, custom Privileges – schedule, share reports, report library Groups – Categories of users - associated to Domains Domains – Groups of reports - groups are related to Domains 

See the WebFOCUS Managed Reporting Administrator’s manual

WebFOCUS MRE Security Model

FINMGR

User

Accounting Senior Managers

Groups

Analytical User

Role

Run Reports Save My Reports Assist Tools

Default Privileges

Schedule Report Library

Optional Privileges

Finance Plant Operations

Domains

BI Dashboard - Authorization Users, Groups and Domains Accountant ACCOUNTING SENIOR MANAGERS FINMGR HR Human Resource Manager

Are you feeling secure?

Managed Reporting Security Administration  Roles administration

Are you feeling secure?

Managed Reporting Security Administration  Group administration

Are you feeling secure?

Managed Reporting Security Administration  Domain administration

Are you feeling secure?

Managed Reporting Security Administration  User administration

Managed Reporting Environment aka MRE also CUS – Comprehensive User Services

BI Dashboard Managed Reporting Environment (MRE)

Are you feeling secure?

Implementing Banner Security  WebFOCUS Reporting Server set for DBMS Security   All users are validated for having valid Oracle userid Set up an adapter connection to Oracle with password passthru  Change server security to DBMS mode pointing to the adapter connection  WebFOCUS Client set for WFRS security  Tell the WF Client (MRE, Dashboard) to send the userid and password entered to the WF server for validation  Adminstrator userid must be a valid Oracle id  Dashboard  Public or default userid must be a valid Oracle id

Are you feeling secure?

Implementing Banner Security  FAU integrated WF DBMS security and Banner ODS Object security  DART BOARD  Creates dynamic reporting templates per user based on Banner security definitions  Utilizes Banner Objects and Banner Classes  DART  Dynamic Application Reporting Template  BOARD  Banner ODS Application Report Data

Are you feeling secure?

Implementing Banner Security  DART - Dynamic Application Reporting Template  Generation of measures (counts, totals, averages, minimum, max, etc.)     drilldown operational reporting pop-up field descriptions standardized look, styling, and operation crumb trails (documented filters, user id, date/time stamp)         graphs preset selection of fields for reports Creation of Ad Hoc reports Applying business rules via the DEFINEs statement Ready to customize predefined reports Creation of key lists for subsequent reporting, matching, etc.

Dynamic Page breaks Report options for PDF, Excel, and HTML formats

Are you feeling secure?

Implementing Banner Security  BOARD - Banner ODS Application Report Data  Integrates Banner ODS and Banner Security   Controls logon authentication from one source Provides access to    Reporting Templates LOV filters – List of Values specific per user Applies to Student, HR, Finance, Financial Aid and AR modules  Access is through the WebFOCUS Dashboard

Are you feeling secure?

Implementing Banner Security  Access to templates is based on a 7 position token stored in a flat file  buspaw01.htm;PEAEMPL;Payroll Distribution;H;Payroll;IRM - BITS; payroll  rcast101.htm;OPEN;ReportCaster Schedules;G;ReportCaster;IRM - BITS;   Position 1 – name of the launch page stored in WebFOCUS MRE      Position 2 - security access value  Open to all, Closed to all, Limited to this Banner Object Position 3 – Title to be displayed on Dashboard Position 4 - Relating Group  C=Common, F=Finance, H=HR, G=General Utility, S=Student Position 5 – Banner Business Concept Position 6 - Developer Group/Name Position 7 - Notes

Are you feeling secure?

Implementing Banner Security

Are you feeling secure?

Implementing Banner Security List of Values Filters automatically generated

Are you feeling secure?

Implementing Banner Security

Questions?