The SAS Output Delivery System and reporting techniques

Need Session USERNAME for restricting permissions

Accepted Solution Solved
Reply
Occasional Contributor
Posts: 19
Accepted Solution

Need Session USERNAME for restricting permissions

Hi,

I have created new reports needed for client and linked it to the reports tab in SAS AML frontend V5.1 .

At present i am unable to find any conditions in Management console to disable the reports tab based on user capabilites.

Hence i am trying to create a logic wherein the session username/userid is captured in the first page before the SAS stored process of second page is loaded and then the username/userid is checked if belonging to a group with sufficient privileges and then the net set of stored process executed.

Now once the control is transferred to stored process, the username becomes admin username as we are implementing token authentication.

i want to know if i can get the session username/userid in the first page itself in html/javascript so that i get the logged in user details before it is converted into token.

Kindly help me

Do provide your insights.

Thanks in advance


Accepted Solutions
Solution
‎06-25-2015 06:08 AM
PROC Star
Posts: 392

Re: Need Session USERNAME for restricting permissions

I am guessing you are checking the operating system user id? Perhaps you could show a code fragment where you are checking it. The operating system user id would be a shared identity when using SAS Token Authentication. When you say admin username are you talking about the spawned servers identity (often named sasrv)?

The SAS metadata identity should still be available to stored processes to query and use and should represent the identity of the person who authenticated to the SAS platform (rather than the operating system process owner of the SAS stored process server instance).

If you haven't already seen it, have a look in the SAS(R) 9.4 Stored Processes: Developer's Guide, Second Edition particularly the section Using Reserved Macro Variables. What do you get when you %put the following macro variables in your stored process?

  • &_AUTHTYP
  • &_METAPERSON
  • &_METAUSER
  • &_RMTUSER
  • &_SECUREUSERNAME
  • &_USERNAME

View solution in original post


All Replies
Super User
Posts: 5,260

Re: Need Session USERNAME for restricting permissions

Not sure if I follow you exactly, and bear in mind that most SAS users doesn't use AML.

I don't know if it helps, but you can restrict access to Stored Process in metadata.

Data never sleeps
Solution
‎06-25-2015 06:08 AM
PROC Star
Posts: 392

Re: Need Session USERNAME for restricting permissions

I am guessing you are checking the operating system user id? Perhaps you could show a code fragment where you are checking it. The operating system user id would be a shared identity when using SAS Token Authentication. When you say admin username are you talking about the spawned servers identity (often named sasrv)?

The SAS metadata identity should still be available to stored processes to query and use and should represent the identity of the person who authenticated to the SAS platform (rather than the operating system process owner of the SAS stored process server instance).

If you haven't already seen it, have a look in the SAS(R) 9.4 Stored Processes: Developer's Guide, Second Edition particularly the section Using Reserved Macro Variables. What do you get when you %put the following macro variables in your stored process?

  • &_AUTHTYP
  • &_METAPERSON
  • &_METAUSER
  • &_RMTUSER
  • &_SECUREUSERNAME
  • &_USERNAME
Occasional Contributor
Posts: 19

Re: Need Session USERNAME for restricting permissions

Thank you Paul,

the macro variables

  • &_METAPERSON
  • &_METAUSER

served my purpose. I was able to get the logged in user details with these macros .

thanks Smiley Happy

☑ This topic is solved.

Need further help from the community? Please ask a new question.

Discussion stats
  • 3 replies
  • 398 views
  • 0 likes
  • 3 in conversation