Analytics Software

Hello Guys,

All our users will be getting authenticated using LDAP. All the groups(4 groups) are created in the database and also the users are created in the DB and assigned to the respective groups.

The below table called D_Table will also be created in the DB

Sno Nurse District
1 Joe D1
2 Priya D2
3 Aswin D3
4 Sara D4

Here joe, priya, aswin, sara etc are users already created in the DB and groups are assigned. Now what my client is looking for is when joe logs in he should see the data

only related to D1 when Priya logs in she should see the data relate to D2 etc.

I can create groups in the rpd called D1,D2 etc and then create users and give permissions to the group. But since this is not the best way because if have many disticts it will be tedious to create so many groups such as D1, D2 etc.

I went throgh few articles and got to know that we can do using session variables and init blocks. My questions are

(1) We should join the table that has all the user groups and users with the above table(*D_Table*). Then should we bring any of these tables to the Physical layer.

(2) Since there will be a table which has all the distict id, districtinformation already in PL of obiee should we join that table with *(D_Table)*

(3) While creating the session variable what should be my sql statement.(I am not able to understand whether I shud call group id or user id a a variable or district number)

(4) Now how will I have to give the row lowel security in the rpd ie joe should see data only from D1 etc. Should I do it in presentation layer or BMM layer. Or should I go to groups and permissions and then equate the distict colums to valueof(nqsession.variable)

Can you guys please let me know. Also let me know if I have not provided enough information. I ahve not done something like this before so I have no clue how to go about doing it.

Thank You.

Edited by: 810820 on Nov 15, 2010 1:16 PM