In this section: |
You can use DBA security features to provide security for any data source. A DBA security rule is comprised of the following attributes, the values of which can be static or variable.
In the DBA security rule:
USER=LARRY, ACCESS=U, RESTRICT=FIELD, NAME=SALARY ,$
Name: USER=LARRY
Type of Access: ACCESS=U
The segments, fields, or ranges of data values to which the user access is restricted:
RESTRICT=FIELD, NAME=SALARY ,$
There are two options for leveraging the DBA attribute.
In this option, the attribute values and the security rules are unchanging.
For example:
USER=LARRY, ACCESS=U, RESTRICT=FIELD, NAME=SALARY ,$
Considerations:
In this option, the security rule itself is unchanging, but the attribute values are parameter driven using the MFD_PROFILE feature or leveraging system variables. The variables are populated in real-time and are dynamically applied so it is not possible to inject or override values at run time.
For example:
USER=&FOCSECUSER, ACCESS=U, RESTRICT=FIELD, NAME=SALARY ,$ USER=&FOCSECGROUP, ACCESS=U, RESTRICT=FIELD, NAME=SALARY ,$
Considerations:
Information Builders |