Credential Based Filters
Last updated
Last updated
You can author dashboards that honor enterprise data security policies . This capability allows dashboard authors to author a single dashboard and publish it to a group of users who, when accessing that dashboard, will see only the data that they are authorized to see.
Access to the data within a project is controlled by a security strategy that must be defined and installed within the project directory area of the AE Server. A security strategy is a set of associations between users and data values, and whether those data values should be included or excluded from the display of data present to them when viewing a project. There may be one or more data strategies that are identified by name. When a project is published one of the configured data strategies may be selected to control access to the project data.
Data strategies are defined within files placed in the project directory of the AE Server. These files are named 'data security.config' and may be placed within project subdirectories or in the root project directory. A data security file placed within a subdirectory will be located and used for projects published to that subdirectory and a data security file located in the root project directory will be utilized for all other projects. This allows for security strategies based upon the directory that a project is published to with a default strategy located in the root directory. Note that all security strategies must have entries within the root project configuration file, if a strategy is defined within a subdirectory it may have an empty definition in the root. Without the definition in the root, the strategy will not be available for selection when publishing.
An empty data security file is installed in the project root directory and may be used as a starting point. The data security files are formatted XML files. An example of a set of security strategies might be:
This file defines two data strategies named 'Sales Regions' and 'Historical Quarters'. Within the 'Sales Region' strategy the user 'YourDomainName\fflintstone' will only see data that corresponding to rows having the values 'West' and 'East'. The user 'YourDomainName\wflintstone' will only see data values corresponding to rows having the values 'South' and 'West'. Any user that is not authenticated (the 'anonymous' User entry) will be excluded from seeing any data that corresponds to rows having a value of 'West'. The second security strategy is named 'Historical Quarters' and only specifies that the user 'YourDomainName\brubble' will see data values corresponding to rows having the values of 'Q1' and 'Q2'.
Specific notes about the fields within the data strategy:
The 'id' attribute of a Strategy must be unique among your strategies and should never be changed. This value is embedded within project files as they are published. If a strategy is further defined within a configuration file in a project subdirectory it must have the same identifier. The 'name' attribute of the strategy may be changed and is only used for display and selection of the available strategies when a project is published.
A User is specified with their full login domain and user name. The case of the entered values is ignored, but the formatting and spelling of the values must be exact. A user name of 'anonymous' may be used to match users that are not authenticated with the server.
Each user will have a ValueList that contains one or more Value elements that correspond to data values within a field in a project's data pool. These data values must be entered exactly as they exist within the data, case is observed to match values. This set of values will be included or excluded from the data within a project based on the filterType attribute setting of 'include' or 'exclude'. Any entry specified here that does not start with 'inc' will be considered to be an exclusion.
To exclude all data for a specific user create a ValueList with a filterType of 'include' without any Value elements.
If the 'anonymous' user entry is not present, access by non-authenticated users will be denied.
A single configuration file may contain multiple Strategy elements. A security Strategy may have multiple User elements, a ValueList may have multiple Value elements, but a User is only expected to have one ValueList.
Before publishing dashboards to the server, you must make sure that the Server AE installation has been configured properly. This implementation relies upon Windows integrated security to identify users. You must modify the web.config file in the Server AE directory of your IIS installation to enable Windows integrated security to be utilized.
Open up the IIS tree under Computer Management on your server. Browse to the ADV virtual directory and open up Properties. Under the Directory Security tab, make sure to check the box for “Windows integrated security”. This will set up IIS to pass Windows user credentials from the browser session to authenticate the users.
Modify the web.config file in the Server AE installation directory. Under the <system.serviceModel> key, comment out the default anonymous bindings and select an appropriate security mode from the available choices that support Windows authentication.
Copy the data security.config file that you created above to the Server AE Projects directory.
The server is now configured for credential filtering.
When publishing a project to the server an additional dialog page is provided to configure data security for the project if there are data security strategies configured for the server. To enable data security, check the 'Enable Data Security' checkbox and provide values for the Table, Field, and Strategy names. The Table and Field values are used to identify the table and field within the data pool that must contain the values specified within a desired security strategy as explained above. The Strategy is the name of the desired security strategy that was created above. The Strategy names are collected from the data security configuration file that is installed in the root of the AE Server project directory.
When selecting a data field for security, insure that the selected field is not used in a text filter within the project. Only one text filter per data field is currently supported. A text filter accessible by the user would allow them to override the values specified by the security strategy. If it is desirable to have a text filter available to further exclude field items, a second field should be created with a copy operation for the field specified to the security strategy. This copied field should then never be used in a text filter.
