Are you feeling secure?

Download Report

Transcript Are you feeling secure? 

Are you feeling secure?
Lee Donaldson
Information Builders
Are you feeling secure?
Agenda
 WebFOCUS components
 WebFOCUS security options
 Managed Reporting security
 Authentication
 Authorization
 Roles
 Groups
 Domains
 Users
 Dashboard
 Implementing Banner security
Are you feeling secure?
WebFOCUS components
WebFOCUS Reporting Server
J2EE Application Server
WF (iWAY) Adapters
WebFOCUS
Reporting Server
JDBC
WebFOCUS - Java Web App
·
WF Client - Servlet version
·
WF Dashboard - JSP Portal
J2EE
Server
·
WF
Ad-hocApplication
Tools - JSP/Beans
·
WF Report Assistant - DHTML
·
WF Graph Assistant - DHTML
·
WF OLAP Control Panel - DHTML
Mainframe
UNIX
Windows
I5 (AS/400)
(35+ Platforms)
WF User Admin. Services Repository
JDBC
WF ReportCaster - Java Web App
·
WF ReportCaster Servlets - Java API
·
Scheduling - by Administrator
·
Scheduling - by User
200+ Intelligent Adapters
& Connectors
·
Legacy Data
·
Relational Data
·
Transactional Systems
·
Messaging Systems
·
XML, EDI …
·
WebServices
·
Java
WebFOCUS
Reporting Server
WebFOCUS
Reporting Server
WF
Metadata
Repository
WF Resource
Analyzer
TCP
WF Resource
Governor
WF Open Portal Services(Portlets/Gadgets)
JDBC
Usage Monitoring
HTTP/S
HTTP/S
Web Server
HTTP/S
Developer Studio
Distribution Server
·
WF Client - CGI version
·
Static HTML Content
(Can alternatively be placed
on J2EE Server)
JDBC
WF
·
·
·
·
Report Caster
Scheduling
Distribution
Archive Library
Open Distribution
(JRE Required)
RDBMS
w/BLOB Support
·
·
·
Job Schedule Information
Archive Library
WF Reports & Open
Output Content
WF Developer Studio
·
Graphical Report Designer
·
4GL Developer Workbench
·
Metadata Management
·
User Management and
Administration
·
ReportCaster Administration
·
Managed Reporting
Administration
·
Portal Design and Development
·
Deployment
·
Version Control (Source Safe)
Are you feeling secure?
Security Checkpoints
WebFOCUS Reporting Server
J2EE Application Server
WF (iWAY) Adapters
WebFOCUS
Reporting Server
JDBC
WebFOCUS - Java Web App
·
WF Client - Servlet version
·
WF Dashboard - JSP Portal
J2EE
Server
·
WF
Ad-hocApplication
Tools - JSP/Beans
·
WF Report Assistant - DHTML
·
WF Graph Assistant - DHTML
·
WF OLAP Control Panel - DHTML
Mainframe
UNIX
Windows
I5 (AS/400)
(35+ Platforms)
WF User Admin. Services Repository
JDBC
WF ReportCaster - Java Web App
·
WF ReportCaster Servlets - Java API
·
Scheduling - by Administrator
·
Scheduling - by User
200+ Intelligent Adapters
& Connectors
·
Legacy Data
·
Relational Data
·
Transactional Systems
·
Messaging Systems
·
XML, EDI …
·
WebServices
·
Java
WebFOCUS
Reporting Server
WebFOCUS
Reporting Server
WF
Metadata
Repository
WF Resource
Analyzer
TCP
WF Resource
Governor
WF Open Portal Services(Portlets/Gadgets)
JDBC
Usage Monitoring
HTTP/S
HTTP/S
Web Server
HTTP/S
Developer Studio
Distribution Server
·
WF Client - CGI version
·
Static HTML Content
(Can alternatively be placed
on J2EE Server)
JDBC
WF
·
·
·
·
Report Caster
Scheduling
Distribution
Archive Library
Open Distribution
(JRE Required)
RDBMS
w/BLOB Support
·
·
·
Job Schedule Information
Archive Library
WF Reports & Open
Output Content
WF Developer Studio
·
Graphical Report Designer
·
4GL Developer Workbench
·
Metadata Management
·
User Management and
Administration
·
ReportCaster Administration
·
Managed Reporting
Administration
·
Portal Design and Development
·
Deployment
·
Version Control (Source Safe)
Are you feeling secure?
Basic security concepts
 Authentication
 Who are you
 Are you a valid user
 Authorization
 What role are you
 Administrator, Developer, End User
 What can you do
 Use Report Assist, Use Reportcaster, Run Only user
 What do you have access to
 Which reports
 Which databases or files
 Which records
Are you feeling secure?
WebFOCUS Authentication options
 No authentication
 Anonymous users
 User authentication
 You supply a userid and password to gain access
 Web server authentication
 IWA, Kerberos, Siteminder
 3rd party Portals (Plumtree, Sharepoint, Oracle)
 WebFOCUS Reporting server authentication
 Operating system
 DBMS
 LDAP
 Custom
 Set up with the WebFOCUS Server Console
Are you feeling secure?
WF Server Console
Are you feeling secure?
WebFOCUS Managed Reporting Security
 Explicit
 Userid and password required
 Internal MR authentication
 Integrated
 Sign on previously and values passed to WebFOCUS
 External authentication
 Trusted
 No password required
 Credentials set by web server
Are you feeling secure?
Explicit Authentication
Are you feeling secure?
External Authentication
Are you feeling secure?
Trusted Authentication
WebFOCUS Managed Reporting Authentication
Web Access
Management
Lightweight Directory
Access Protocol
(LDAP)
WebFOCUS Reporting
Server
Operating System
CUSTOM
Relation Database
Management
System (RDBMS)
Are you feeling secure?
Managed Reporting Security Administration
 MRE Authorization
 MRE administrators set up environment
 Domains
 Assign logical names to application folders in MRE
 Business units, Types of data, test/production
 Users
 Create entries for valid user ids
 Assign privileges to each user or use a default Role
 Assign users ids to groups
WebFOCUS Security Model
WebFOCUS Managed Reporting Authorization
 Roles – Administrators, run only users, Analytical users, custom
 Privileges – schedule, share reports, report library
 Groups – Categories of users - associated to Domains
 Domains – Groups of reports - groups are related to Domains
 See the WebFOCUS Managed Reporting Administrator’s manual
WebFOCUS MRE Security Model
FINMGR
Accounting
Finance
User
Senior Managers
Plant Operations
Groups
Analytical
User
Role
Run Reports
Save My Reports
Assist Tools
Schedule
Report Library
Default
Privileges
Optional
Privileges
Domains
BI Dashboard - Authorization
Users, Groups and Domains
Accountant
ACCOUNTING
SENIOR MANAGERS
FINMGR
Human Resource
Manager
HR
Are you feeling secure?
Managed Reporting Security Administration
 Roles administration
Are you feeling secure?
Managed Reporting Security Administration
 Group administration
Are you feeling secure?
Managed Reporting Security Administration
 Domain administration
Are you feeling secure?
Managed Reporting Security Administration
 User administration
Managed Reporting Environment
aka MRE also CUS – Comprehensive User Services
BI Dashboard
Managed Reporting Environment (MRE)
Are you feeling secure?
Implementing Banner Security
 WebFOCUS Reporting Server set for DBMS Security
 All users are validated for having valid Oracle userid
 Set up an adapter connection to Oracle with password
passthru
 Change server security to DBMS mode pointing to the
adapter connection
 WebFOCUS Client set for WFRS security
 Tell the WF Client (MRE, Dashboard) to send the userid
and password entered to the WF server for validation
 Adminstrator userid must be a valid Oracle id
 Dashboard
 Public or default userid must be a valid Oracle id
Are you feeling secure?
Implementing Banner Security
 FAU integrated WF DBMS security and Banner ODS Object
security
 DART BOARD
 Creates dynamic reporting templates per user based
on Banner security definitions
 Utilizes Banner Objects and Banner Classes
 DART
 Dynamic Application Reporting Template
 BOARD
 Banner ODS Application Report Data
Are you feeling secure?
Implementing Banner Security
 DART - Dynamic Application Reporting Template
 Generation of measures (counts, totals, averages, minimum, max,












etc.)
drilldown operational reporting
pop-up field descriptions
standardized look, styling, and operation
crumb trails (documented filters, user id, date/time stamp)
graphs
preset selection of fields for reports
Creation of Ad Hoc reports
Applying business rules via the DEFINEs statement
Ready to customize predefined reports
Creation of key lists for subsequent reporting, matching, etc.
Dynamic Page breaks
Report options for PDF, Excel, and HTML formats
Are you feeling secure?
Implementing Banner Security
 BOARD - Banner ODS Application Report Data
 Integrates Banner ODS and Banner Security
 Controls logon authentication from one source
 Provides access to
 Reporting Templates
 LOV filters – List of Values specific per user
 Applies to Student, HR, Finance, Financial Aid and

AR modules
Access is through the WebFOCUS Dashboard
Are you feeling secure?
Implementing Banner Security
 Access to templates is based on a 7 position token stored in a
flat file









buspaw01.htm;PEAEMPL;Payroll Distribution;H;Payroll;IRM - BITS; payroll
rcast101.htm;OPEN;ReportCaster Schedules;G;ReportCaster;IRM - BITS;
Position 1 – name of the launch page stored in WebFOCUS MRE
Position 2 - security access value
 Open to all, Closed to all, Limited to this Banner Object
Position 3 – Title to be displayed on Dashboard
Position 4 - Relating Group
 C=Common, F=Finance, H=HR, G=General Utility, S=Student
Position 5 – Banner Business Concept
Position 6 - Developer Group/Name
Position 7 - Notes
Are you feeling secure?
Implementing Banner Security
Are you feeling secure?
Implementing Banner Security
List of Values Filters automatically generated
Are you feeling secure?
Implementing Banner Security
Questions?