deleted_user
Not applicable
Has anyone solved this puzzle?

I'd like to be able to create an SP to be run from the Portal that can report on secure data, and use Stored Process Server to get efficient execution (don't want each query to start its own workspace) but prevent Enterprise Guide users from running their own code on the same Stored Process Server and circumventing data security by running under the server identity.

If I secure the Logical Stored Process server in metadata I can prevent EG users from connecting to it ... but then if one of those users logs on to the Portal they can't run the canned Stored Process because the server is not available to them. If it's available to the Portal I can't see any way to stop the EG user running an SP there.

Is there some way to set up an SP server that the Portal can use, but which EG users can't see?

This is under 9.1.3 by the way, so a 9.2 method won't help (at least not for a while).

I wait in hope,

Steve
3 REPLIES
milts
Pyrite | Level 9
Hi Steve,

Are your EG users also your Portal users? If not, how about creating two groups in SMC? One for your Portal users and the other for your EG users? Then deny read of your SP to the EG group.

Milton
deleted_user
Not applicable
Hi Milton,

Good idea, but there is overlap between Portal users and EG users, so I can't segregate them that way.

I was wondering about setting up an SP server running under a different identity (rather than sassrv, something with a bit lower privilege that can't see the data by default) and then use a compiled macro to access the required hidden path, but only if the 'right' _PROGRAM value is present. Seems a bit convoluted, so I was hoping someone had found a better method before I try setting all that up.

Regards,
Steve
Cynthia_sas
SAS Super FREQ
Hi:
I'm not clear on whether it is even POSSIBLE to set up a Stored Process Server that would use an identity other than sassrv. To me, that would be a question for SAS Technical Support. This documentation suggests that it is possible to hide server definitions from certain users:
http://support.sas.com/documentation/cdl/en/bisecag/61133/HTML/default/a003280630.htm

It does not outline a way to bypass the use of sassrv or SAS General Servers group.

cynthia
