Your SAS programs, embedded in web apps and elsewhere

Defining user authorization for a stored process

Reply
Frequent Contributor
Frequent Contributor
Posts: 76

Defining user authorization for a stored process

I have defined a stored process that my customer runs as an "on demand production process" using AMO. Currently everyone that has AMO can see this "report". What I want to do is hide this from all individuals except the authorized individual. I have been able to cause the report to error out for unauthorized users but I would rather them not see the report at all.

Does anyone have any suggestions on how to set up the metadata authorization
to do this?

Thanks
Linda
New Contributor ATT
New Contributor
Posts: 3

Re: Defining user authorization for a stored process

Hi Linda,

You may want to have a look at the metadata security side of things. There is documentation on this area in:
http://support.sas.com/documentation/configuration/bisecag.pdf

You will be able to deny/ grant read metadata privileges to groups and hence prevent people from seeing the stored process.

You may want to also consider using operating system permissions to prevent people accessing the relevant .sas file as well. Metadata permissions may be sufficient however the metadata permissions should be seen to sit on top of other layers of permissions such as the operating system and database and hence should go hand in hand.

cheers,
Alan
Frequent Contributor
Posts: 120

Re: Defining user authorization for a stored process

I am using ACT and folders in BIP tree.
I have defined ACT for different type of users (groups) and assigned them to my folders.

All stored processes are put in folders and they inherrit authorization from the ACT.
Works fine and my only concern is to put the SP in the right folder...

//Fredrik
Ask a Question
Discussion stats
  • 2 replies
  • 206 views
  • 0 likes
  • 3 in conversation