You can optionally enhance the security of Managed Reporting by restricting access to its data and preventing users from accessing Managed Reporting data through the file system. File system access to Managed Reporting data should be avoided because sensitive information can be exposed, production reports can be altered, and Managed Reporting itself can be rendered inoperable.

Managed Reporting maintains most of its files in its repository directory:

/install_directory/ibi/WebFOCUS80/basedir

and uses the following directory for processing:

/install_directory/ibi/WebFOCUS80/temp

During normal operation, these directories should only be accesses by accounts that run WebFOCUS servlets. This depends on your configuration and varies considerably depending on your application server and environment. Consult your third-party documentation for more information and review the user ID requirements in User ID Requirements for the WebFOCUS Client.

Your system administrator may assign *RWX data authority to individual users, or use an authorization list to manage authority to the following folder:

/install_directory/ibi/WebFOCUS80/temp

After the installation is completed, PUBLIC user is given *RW authority to:

/install_directory/ibi/WebFOCUS80/temp

It is advised to remove PUBLIC authority.

Note: You may also want to grant file system access to an administrator group for support and debugging purposes.