Would anyone care to discuss the best way to accomplish Row and Cell Level Authorization using VS 2008, ASP.NET 2.0 and SQL Server 2005.
We are looking at a fairly complex system which displays multiple listings on one page. Each listing contains a variable number of columns from many different tables. Rows and columns from different tables may have different levels of authorization. There may be 10's of thousands of users. Each user may see and or edit any number of listings and any listing could potentially be available for read or write to any number of users.
Users authorize other users to view or edit listings. All users have the right to assign other users but are limited in the level of access they can provide to others.
From a speed and programming effort point of view, would it be best to use a single high level login to SQLServer and manage all authorization on the Web Server side or is it best to create all the security accounts on the SQLSever and use its build in facilities to manage the appropriate level of control required for this application.
From what i've read cell security s enforced on the client. If someone is able to gain access to a machine running the client (for example an application server or a web server) he is able to get cell values independently of the fact that those values will be defined as #N/A in the secured cell value property. The real value is travelling between theAnalysis Server and the application server. Is this true ? How can we effectively garantee true security ?
I've implemented and tested cell level security on the cube. It's testing certain level conditions, and returns #N/A (as normal) when the user is not supposed to see the cell value. Since I always use .FormattedValue in my reports, works fine in Report Services (and Excel and ProClarity, etc.)
Here's the problem:
When RS parameters encounter this situation, the parameter dataset "breaks" (The following system error occurred: Type mismatch.) This is happening, because the parameter fields (ParameterValue, ParameterCaption, ParameterLevel) are being replaced by #N/A, due to the cell level security. This is happening, because these are actually defined as members, and hence passing through cell level security.
What I need to do is find a way to have these specific members bypass the cell level security, so that the parameter datasets still work. (Failing that, a new way of specifying parameters in MSRS.)
I've tried the following a a cell level security rule, but it doesn't seem to work:
[Measures].CurrentMember is [Measures].[ParameterValue] or [Measures].CurrentMember is [Measures].[ParameterCaption] or [Measures].CurrentMember is [Measures].[ParameterLevel] or [Measures].[Is Visible]
I want to enforce a unique constraint on a column which must be encrypted in MSSQL 2005 using Cell Level Encyption (CLE).
CREATE MASTER KEY ENCRYPTION BY PASSWORD = 'itsaSECRET!!!3£3£3£!!!' CREATE CERTIFICATE ERCERT WITH SUBJECT = 'A cert for use by procs' CREATE SYMMETRIC KEY ERKEY WITH ALGORITHM = AES_256 ENCRYPTION BY CERTIFICATE ERCERT
[Code] ....
The output makes it obvious why the constraint has 'not' been enforced.
Hi, I'm working with MRS and I've got a table with a lot of entries. For each value in the table I'm trying to get the text colour to be set to 'red' when the value of the cell is less than 0. Otherwise remain black.
I can do this by setting the colour property cell by cell. But I have a lot of cells in the table. Is there a way to set the statement to apply to ALL cells in the table?
Basically I'm asking if there is a way to set the property in bulk instead of going through tediously cell by cell.
HI,I HAVE AN EXCEL SHEET WITH SOME DATA, I WANT TO IMPORT THAT DATA (CELLBY CELL WITH MANIPULATION) INTO THE SQL SERVER TABLES BY USING STOREDPROCEDURE(IF POSSIBLE).IF ANYBODY HAVE DONE SIMILER TYPE OF JOB OR KNOWING ABOUT IT, PLS. LETME KNOW.THANKS IN ADV.T.S.NEGI
I have posted this issue for a week, haven't got any reply yet, I posted it again and desperately need your help.
The article http://msdn2.microsoft.com/en-us/library/ms365343.aspx says: Model Item Security can be set for differnt security filters, but when I use SQL Server Management Studio to set Model Item Security, it seems "Permissions" property surpass "Model Item Security" property. -- My report server is using Custom Authentication.
For example, in "Permissions" property of the model, if I checked "Use these roles for each group or user account" without setting any user or group, no matter what users I added to "Model Item Security" with "Secure individual model items independently for this model" checked, NO one user can see the model on report manager and report builder;
in above situation, if I added "user1" and gave role such as "Browser" role to "user1" in "Permissions" property, if I checked "Secure individual model items independently for this model" in "Model Item Security" property, even I did NOT grant "user1" to root model and any entities under the model, the "user1" is able to access the model and all entities in report builder.
My question is on the same report model, how to set "AdminFilter" (empty security filter) for administrator permissions and set "GeneralFilter" (filtered on UserID) for general user based on their UserID?
The article also says:
"Security filters are always applied, even for users who have Content Manager or Administrator permissions to the model. To allow administrators or other users to see all rows of an entity on which row-level security is defined, you can create an empty security filter (which always returns True) and then use the filter to grant those users access to all the rows."
So I defined 2 filters "GeneralFilter" and "AdminFilter" for "Staff" entity for my report model "SSRSModel", I expect after I deployed the report model, the administrator users use report builder to build reports with all rows available, and the non-admin users can only see rows based on their UserID.
I can only get one result at a time but not both:
either the rows are filtered or not filtered at all, no matter how I set the "SecurityFilter" for the entity: I tried setting both "AdminFilter" and "GeneralFilter" for SecurityFilter at the same time, combination of "DefaultSecurityFilter" and "SecurityFilter", or one at a time.
Is there any possibility to schedule SQL job execution as Windows Security Group? I need to run powershell script through SQL job with one of this group member's permissions.
I have Sql Server Express installed on Vista (service pack 2)
I have Visual Studio 2005 with an application that I'm trying to access it with within a WCF service.
The login ID of the service is added to the database.
The database has remote access turned on.
The ID is granted access to all databases within the server.
The thread is being set with WindowsProvider and the services set their thread to WindowsProvider.
The dataserver is set with using Windows Authentication for security.
When I open my connection to the database, though, it reports the typically useless message that the connection is not allowed and that the server may not allow remote connections.
How to I get past this? I've done everything right.
I want to use an Active Directory security group that is a Distribution List for a new role assignment for an existing report. Can someone tell me if this is possible? I get an error each time I try:
The user or group name <DLName> is not recognized. (rsUnknownUserName)"
I need help with a simple query. We have 86 entries with the City of O'Fallon in our db. How do I do this with the apostrophe in O'Fallon? Below is just to give an idea of what I want. Thanks. SELECT * FROM Organization WHERE City=O'Fallon
Hello All, i am trying to create a normal ASP.NET application using VS2005. Yesterday i was adding tables.. entering data from within "View Table Data" tab, but today i am unable to do any data insertion or updating except by entering the insert or update statement by hand. When updating data of existing record or trying to add new data, it reports that "Cell is readonly!". I did not modify any settings or configuration and actually did nothing to set it to readonly! I am quite confused to be honest and writing sql statements by hand is kinda time consuming for me if i want to update a single field. What can i do to re-enable data modifications from VS2005 without reporting readonly? Thanks,Rakan
hi all im really have a problem in my project. i have server and client side each side contain SQL Server DB. and i have excel file on the server side this excel file conected with another server, this file changed data in continuosly each less than 1 sec by data feed.
now i need to read each changed data cell from this file to save it on server DB and Client DB (just changed data).
my problem :
u know changed event is not fired when change cell by data feed or not edit manually, just calc event is rised . but calc event do not specify the changed cell range (address).
so i do this to know changed cell range: when run the program saved all excel tabel into SQL server table. and then check row by row between excel and sql if any change , when i get any change, i update the excel row insted this DB row.
and rise event to send this row to client by socket over internet to update the row in client side too.
but i tell u that the excel file updated each less than 1 sec, and i noted that many changed excel data missed until checked row by row for whole excel sheet with DB tabel and updated change.
this is my problem ( please help me as soon as posible coz i have dead line to Delivered this program)
and if u recomended me for another techneque to be easy or quickly to solve this problem i will thaks so much for u)
In SQL 2000 I used to be able to open a table in Enterprise Manager and make changes or Update with Query Analyser. Now when I attempt this in SQL 2005 I am told that the Cell is Read Only.
How do I update this column as I cannot find a read-only or allow updates property anywhere?
I changed the join type and did some modifications to the query in the query designer. Then I executed the query. Resutls are shown in query designer. But it says Cell is read only. Therefore when I change the tap from data to preview , I can not view the report.
This happens only when I use generic query builder. Does anybody know how to change the read only option ?
I'm trying this code but nothing is being displayedSqlConnection conn = new SqlConnection(ConfigurationManager.AppSettings["STRING_CON"]); SqlDataAdapter da = new SqlDataAdapter("my_sproc", conn);DataTable dt = new DataTable(); DataRow dr; //Adding the columns to the datatabledt.Columns.Add("CategoryIdIn"); dt.Columns.Add("CategoryNameVc");foreach (DataGridItem item in gd_freq.Items) { dr = dt.NewRow(); dr[0] = item.Cells[0].Text; dr[1] = item.Cells[1].Text; dt.Rows.Add(dr); }//ForEach da.Fill(dt); gd_freq.DataSource = dt; gd_freq.DataBind();
Hi! Anyone knows how to select only certain data from one data field?
Lets say i have this field which captures Member Name and ID. The ID is in parantheses "()". I only want the Member name. How do I select this from the table?
E.G.: Field: Data MName: John Doe (123)
I need to select only "John Doe". Any help is deeply appreciated. Thank you!!
Query Declare @num1 char(5) Set @num1 = (SELECT ltrim(Substring(ltrim(number2), 8, CHARINDEX(' ', ltrim(number2)))) FROM Num2played) SELECT @num1 FROM Num2played
Error Subquery returned more than 1 value. This is not permitted when the subquery follows =, !=, <, <= , >, >= or when the subquery is used as an expression.
Any suggestions or fix?
Thank you. ========================================= The data above is in one colum. I would like to rearange the numbers in order. e.g. from "10 13 15 3 26" to "3 10 13 15 26".
Is there a way to mask the contents of a cell or column? I have a table that stores passwords and I would like to mask the password much like Access does with asterisks. I know I can restrict the column based on user but that creates other problems on the frontend.
I'm looking at a system where formulas have been added into fields in a table and I need to look at the field to see what formula to use when selecting eg: eg this + this, this / this etc.Here's a basic table I have knocked up to try different things...
CREATE TABLE #HeaderOrder( [HeaderCode] [varchar](10) NOT NULL, [HeaderCode2] [varchar](10) NOT NULL, [FormulaCode] [varchar](10) NOT NULL
I am trying to edit a long text cell in Enterprise Manager but when I select"<long text>" and try to delete it, I get an error saying "cannot edit thiscell".Could anyone tell me how to edit this cell?Thanks, Amanda
I have created a report that uses a fairly complex IIF statement to sum the data. That part works just fine. Now I need to format the font color so negative values show in red. Is there a way to reference the individual cell (by its textbox name maybe?) in the Expression Editor?
For example, if tb_Orders was the name of the textbox that sums the data, I'd like to write something like:
=switch(tb_Orders < 0, "Red")
I could just copy the IIF statement but I'd rather keep things simple. This way, if I need to change the formulas, I don't have to change all of the conditional formatting as well.
I'm currently working on a report which contains a number of matrix' with subtotals. Each matrix calculates a STDEVP which works just fine and the total shows the values I want.
However, I would like to change the font color of each cell based on the value compared to the total.
For example:
A 4.5 B 7.8 C 3.9 D 5.2 Total 5.7
With the values of A and C being less than the Total, I want to change their color to "Green" and the others to "Red".
I was hopeing I would be able to do something like this. =Iif(ReportItems!matrix1_std.value < xxxxxxxxx,"Green","Red")
Where ReportItems!matrix1_std.value is the values of A-D and xxxxxxxxx would be the "Total"
Is this in some way possible??
I found many expamples for changing the color etc of the totals cell but nothing which tells me how to change the layout of a cell based on the total value.