If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Pass-through SQL for cloud customers?

Started by Cognos91, 15 Jan 2019 11:40:05 AM

Previous topic - Next topic

Cognos91

Hi,
We are looking to implement data security for cloud customers to enable them to use pass-through SQL functionality (User Defined SQL).
We use a multi-tenanted database, and have currently locked down the feature for User Defined SQL for our cloud customers.
There is row level security implemented in the data model.
However, we are now exploring options to leverage User Defined SQL for our cloud customers. This means they will bypass the data model that secures the data per each tenant.

How do we implement data level security while enabling User-Defined SQL functionality for cloud customers?
Has anyone implemented this scenario?

Thanks,

bus_pass_man

Does this help answer your question?


https://www.ibm.com/support/knowledgecenter/en/SSEP7J_11.1.0/com.ibm.swg.ba.cognos.ca_mdlg.doc/t_ca_mdlg_secure_data.html

"Tables that are based on typed-in SQL bypass security filters. To avoid potential security risks, specify the ibmcognos.typeinsqldisabled property on the data server connection that your data module is based on. If an attempt is made to create an SQL-based table after this property is specified, the table is not created. If this property is specified after an SQL-based table was created, the query execution is stopped. For more information, see Cognos-specific connection parameters."