Transcript Are you feeling secure?
Are you feeling
secure
?
Lee Donaldson Information Builders
Are you feeling secure?
Agenda WebFOCUS components WebFOCUS security options Managed Reporting security Authentication Authorization Roles Groups Domains Users Dashboard Implementing Banner security
Are you feeling secure?
WebFOCUS components J2EE Application Server
WebFOCUS - Java Web App
· WF Client - Servlet version · WF Dashboard - JSP Portal · · · · J2EE Application Server WF Report Assistant - DHTML WF Graph Assistant - DHTML WF OLAP Control Panel - DHTML
WF ReportCaster
-
Java Web App
· WF ReportCaster Servlets - Java API · Scheduling - by Administrator · Scheduling - by User
WF User Admin. Services Repository WF Open Portal Services(Portlets/Gadgets)
HTTP/S Web Server JDBC TCP WebFOCUS Reporting Server WebFOCUS Reporting Server WF (iWAY) Adapters · · · · ·
200+ Intelligent Adapters & Connectors
· Legacy Data · Relational Data Transactional Systems Messaging Systems XML, WebServices Java EDI … WebFOCUS Reporting Server Mainframe UNIX Windows I5 (AS/400) (35+ Platforms) WebFOCUS Reporting Server WF Metadata Repository WF Resource Analyzer WF Resource Governor Usage Monitoring HTTP/S HTTP/S Developer Studio Distribution Server · · WF Client - CGI version Static HTML Content
(Can alternatively be placed on J2EE Server)
JDBC
WF Report Caster
· Scheduling · Distribution · · Archive Library Open Distribution
(JRE Required)
· · · RDBMS w/BLOB Support Job Schedule Information Archive Library WF Reports & Open Output Content · · · · · · ·
WF Developer Studio
· Graphical Report Designer · 4GL Developer Workbench Metadata Management User Management and Administration ReportCaster Administration Managed Reporting Administration Portal Design and Development Deployment Version Control (Source Safe)
Are you feeling secure?
Security Checkpoints J2EE Application Server JDBC
WebFOCUS - Java Web App
· WF Client - Servlet version · WF Dashboard - JSP Portal · · · · J2EE Application Server WF Report Assistant - DHTML WF Graph Assistant - DHTML WF OLAP Control Panel - DHTML
WF ReportCaster
-
Java Web App
· WF ReportCaster Servlets - Java API · Scheduling - by Administrator · Scheduling - by User
WF User Admin. Services Repository WF Open Portal Services(Portlets/Gadgets)
HTTP/S Web Server TCP HTTP/S · · WF Client - CGI version Static HTML Content
(Can alternatively be placed on J2EE Server)
WebFOCUS Reporting Server WebFOCUS Reporting Server WF (iWAY) Adapters · · · · ·
200+ Intelligent Adapters & Connectors
· Legacy Data · Relational Data Transactional Systems Messaging Systems XML, WebServices Java EDI … WebFOCUS Reporting Server Mainframe UNIX Windows I5 (AS/400) (35+ Platforms) WebFOCUS Reporting Server WF Metadata Repository WF Resource Analyzer WF Resource Governor Usage Monitoring HTTP/S Distribution Server JDBC
WF Report Caster
· Scheduling · Distribution · · Archive Library Open Distribution
(JRE Required)
· · · RDBMS w/BLOB Support Job Schedule Information Archive Library WF Reports & Open Output Content Developer Studio · · · · · · ·
WF Developer Studio
· Graphical Report Designer · 4GL Developer Workbench Metadata Management User Management and Administration ReportCaster Administration Managed Reporting Administration Portal Design and Development Deployment Version Control (Source Safe)
Are you feeling secure?
Basic security concepts Authentication Who are you Are you a valid user Authorization What role are you Administrator, Developer, End User What can you do Use Report Assist, Use Reportcaster, Run Only user What do you have access to Which reports Which databases or files Which records
Are you feeling secure?
WebFOCUS Authentication options No authentication Anonymous users User authentication You supply a userid and password to gain access Web server authentication IWA, Kerberos, Siteminder 3 rd party Portals (Plumtree, Sharepoint, Oracle) WebFOCUS Reporting server authentication Operating system DBMS LDAP Custom Set up with the WebFOCUS Server Console
Are you feeling secure?
WF Server Console
Are you feeling secure?
WebFOCUS Managed Reporting Security Explicit Userid and password required Internal MR authentication Integrated Sign on previously and values passed to WebFOCUS External authentication Trusted No password required Credentials set by web server
Are you feeling secure?
Explicit Authentication
Are you feeling secure?
External Authentication
Are you feeling secure?
Trusted Authentication
WebFOCUS Managed Reporting Authentication
Web Access Management Lightweight Directory Access Protocol (LDAP) WebFOCUS Reporting Server CUSTOM Operating System Relation Database Management System (RDBMS)
Are you feeling secure?
Managed Reporting Security Administration MRE Authorization MRE administrators set up environment Domains Assign logical names to application folders in MRE Business units, Types of data, test/production Users Create entries for valid user ids Assign privileges to each user or use a default Role Assign users ids to groups
WebFOCUS Security Model WebFOCUS Managed Reporting Authorization Roles – Administrators, run only users, Analytical users, custom Privileges – schedule, share reports, report library Groups – Categories of users - associated to Domains Domains – Groups of reports - groups are related to Domains
See the WebFOCUS Managed Reporting Administrator’s manual
WebFOCUS MRE Security Model
FINMGR
User
Accounting Senior Managers
Groups
Analytical User
Role
Run Reports Save My Reports Assist Tools
Default Privileges
Schedule Report Library
Optional Privileges
Finance Plant Operations
Domains
BI Dashboard - Authorization Users, Groups and Domains Accountant ACCOUNTING SENIOR MANAGERS FINMGR HR Human Resource Manager
Are you feeling secure?
Managed Reporting Security Administration Roles administration
Are you feeling secure?
Managed Reporting Security Administration Group administration
Are you feeling secure?
Managed Reporting Security Administration Domain administration
Are you feeling secure?
Managed Reporting Security Administration User administration
Managed Reporting Environment aka MRE also CUS – Comprehensive User Services
BI Dashboard Managed Reporting Environment (MRE)
Are you feeling secure?
Implementing Banner Security WebFOCUS Reporting Server set for DBMS Security All users are validated for having valid Oracle userid Set up an adapter connection to Oracle with password passthru Change server security to DBMS mode pointing to the adapter connection WebFOCUS Client set for WFRS security Tell the WF Client (MRE, Dashboard) to send the userid and password entered to the WF server for validation Adminstrator userid must be a valid Oracle id Dashboard Public or default userid must be a valid Oracle id
Are you feeling secure?
Implementing Banner Security FAU integrated WF DBMS security and Banner ODS Object security DART BOARD Creates dynamic reporting templates per user based on Banner security definitions Utilizes Banner Objects and Banner Classes DART Dynamic Application Reporting Template BOARD Banner ODS Application Report Data
Are you feeling secure?
Implementing Banner Security DART - Dynamic Application Reporting Template Generation of measures (counts, totals, averages, minimum, max, etc.) drilldown operational reporting pop-up field descriptions standardized look, styling, and operation crumb trails (documented filters, user id, date/time stamp) graphs preset selection of fields for reports Creation of Ad Hoc reports Applying business rules via the DEFINEs statement Ready to customize predefined reports Creation of key lists for subsequent reporting, matching, etc.
Dynamic Page breaks Report options for PDF, Excel, and HTML formats
Are you feeling secure?
Implementing Banner Security BOARD - Banner ODS Application Report Data Integrates Banner ODS and Banner Security Controls logon authentication from one source Provides access to Reporting Templates LOV filters – List of Values specific per user Applies to Student, HR, Finance, Financial Aid and AR modules Access is through the WebFOCUS Dashboard
Are you feeling secure?
Implementing Banner Security Access to templates is based on a 7 position token stored in a flat file buspaw01.htm;PEAEMPL;Payroll Distribution;H;Payroll;IRM - BITS; payroll rcast101.htm;OPEN;ReportCaster Schedules;G;ReportCaster;IRM - BITS; Position 1 – name of the launch page stored in WebFOCUS MRE Position 2 - security access value Open to all, Closed to all, Limited to this Banner Object Position 3 – Title to be displayed on Dashboard Position 4 - Relating Group C=Common, F=Finance, H=HR, G=General Utility, S=Student Position 5 – Banner Business Concept Position 6 - Developer Group/Name Position 7 - Notes
Are you feeling secure?
Implementing Banner Security
Are you feeling secure?
Implementing Banner Security List of Values Filters automatically generated
Are you feeling secure?
Implementing Banner Security