Requirement:
Employee Detail Query subject contains sensitive data like employee salary,
vacation days, sick days, etc. we want to restrict user who logged in to see
data belongs to him or her only.
Approach: to
solve this, we need to create security filter in filter tab of this Query
subject. This filter will comprise of Parameter map, macros and session
parameters.
Staff key in
this Query Subject uniquely identifies each employee but it doesn’t match LDAP
user name. so we need to create Parameter Map name “security_map”. We can also
import list to populate list and values in parameter map. you can get this list
from LDAP directory server.
Now apply filter in Filter Tab of Employee Detail Q.S.
If you want to see session parameter values, go to Project
Menu and click on Session Parameters.
The completed SQL will look like this:
Now, confirm result by logging on as different users. Rdogra,
MBhatankar,kdirisala
No comments:
Post a Comment