Hi
I need little information on how the row level security is implemented in Cognos8 (Framework Manager). We implemented dimensionally Modelled
Relational (DMR) model in our project. We have 9 regular dimensions and 1 measure dimension. We need to implement the row level security in our
project. When I look into the Cognos KB, it suggests to use the security table or parameter maps to implement the row level security.
Our seucirty requirement is to restrict the users on couple of dimensions (Region and Division). Based on the region and division the user is
entitled, the fact data should be restricted to show only those members and facts. Currently we are thinking of setting up a security table with
three fields (email_id, region_id and division_id) and join this table with measure dimension on region_id and division_id. Then we will add
the where clause in fact table on email_id where it fetches the data that is equal to the login id from the session parameter.
But since our fact data is available at the lowest level member (6 to 7 levels in each dimension), the data in our security table is going to be
huge. The region and division combinations for different users are going to run into thousands. We are expecting 100 to 150 users to use the applicationi. This will have negative impact on the performance.
I have few questions on this row level security.
1. What are the different options to implement the row level security in Cognos8 FM.
2. How can we implement the parameter maps to group the users and implement the security for the above situation.
3. What are all the pitfalls in following the security table and parameter maps approaches.
If I understand correctly, parameter maps will be static and can't be used in the above scenario. The users are going to be added or removed
from certain regions and divisions frequently and its based on the dimensions.
Thanks in Advance
I need little information on how the row level security is implemented in Cognos8 (Framework Manager). We implemented dimensionally Modelled
Relational (DMR) model in our project. We have 9 regular dimensions and 1 measure dimension. We need to implement the row level security in our
project. When I look into the Cognos KB, it suggests to use the security table or parameter maps to implement the row level security.
Our seucirty requirement is to restrict the users on couple of dimensions (Region and Division). Based on the region and division the user is
entitled, the fact data should be restricted to show only those members and facts. Currently we are thinking of setting up a security table with
three fields (email_id, region_id and division_id) and join this table with measure dimension on region_id and division_id. Then we will add
the where clause in fact table on email_id where it fetches the data that is equal to the login id from the session parameter.
But since our fact data is available at the lowest level member (6 to 7 levels in each dimension), the data in our security table is going to be
huge. The region and division combinations for different users are going to run into thousands. We are expecting 100 to 150 users to use the applicationi. This will have negative impact on the performance.
I have few questions on this row level security.
1. What are the different options to implement the row level security in Cognos8 FM.
2. How can we implement the parameter maps to group the users and implement the security for the above situation.
3. What are all the pitfalls in following the security table and parameter maps approaches.
If I understand correctly, parameter maps will be static and can't be used in the above scenario. The users are going to be added or removed
from certain regions and divisions frequently and its based on the dimensions.
Thanks in Advance
