Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Passing DB logon info from CE

Status
Not open for further replies.
BUBTH

BUBTH

Programmer
Mar 30, 2002
1
NL
Hi there! Just purchased Crystal Enterprise Pro but are having some troubles with security.

My problem is that all our customers should only see their data set in common data tables. I have created filtering tables and stored procedures, that based on the login of the user, outputs the right data. But then it seems that I have to maintain two separate logins/passwords for each user, one for the CE and one for the database login. I cannot find a way of passing the CE logon information further on to the database login.

Crystal Enterprise security seems to focus only on securing the individual reports. If you need separate outputs from reports you should create separate reports. But it would not be pratical to maintain 6-8 separate reports for each customer.

I could of course build in the datafiltering into each report, and based on the CE login, passing the filtering rules over to report, but it does not seem to be secure solution. I mean would it not be to easy for others to fake new filtering rules over to the report viewer and therby gain access to other customers data.
 
Sort by date Sort by votes
With Crystal Enterprise it's possibnle to call the report via the report id....


Then to get the user security, build that into your rpt file.

1) Use a unique password for each supplier (in the supplier or a parallel table)
2) create parameters in your report for supplier id and password
3) Add to your report selection formula
{supplier.password} = {?password} and
{Supplier.supplierID} = {?supplier}

The pass the supplier and password to the report via your web page. A supplier could possibly guess another's supplier ID, but is unlikely to guess their password. Editor and Publisher of Crystal Clear
 
Upvote 0 Downvote
I am interested to know how you would even filter the result data based on the CE login? Would you add it as record selection criteria? I would like to filter results based on the NT logon rather than the CE logon. How can I capture the NT logon name and use it in the record selection criteria for me CE8 report?
thanks,
-cf
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dellguy
  • Locked
  • Question
DB connection alias in CMC
Replies
1
Views
167
kray4660
kray4660
n2nuk
  • Locked
  • Question
Migrating reports from CR server 2013 to CR Server 2016
Replies
6
Views
360
n2nuk
n2nuk
kdavis6416
  • Locked
  • Question
Find email-addressess with CSP Query Builder and other detail information about reports
Replies
0
Views
93
kdavis6416
kdavis6416
kate8
  • Locked
  • Question
Error in Uploading report from InfoView
Replies
3
Views
119
kray4660
kray4660
Robyne
  • Locked
  • Question
Finding Source Report in InfoView
Replies
1
Views
109
briangriffin
briangriffin

Part and Inventory Search

Sponsor

Back
Top