Database Reference
In-Depth Information
Note that users have access to the All Member too: enabling the
Enable Visual
Totals
option will make sure the user only sees totals for the members that the user
has access to. Here's what the users
Chris
and
Marco
will see when they connect to
the cube through the role:
We can see that the two different users see different members on the Reseller
dimension. Both users can see the reseller
Roadway Bicycle Supply
but Marco
can't see
Requisite Part Supply
.
Dynamic security with stored procedures
The example we've just looked at uses data-driven security: it stores data on access
rights inside the cube itself. Sometimes though, we will be faced with more complex
requirements: we might, for example, have to call external authentication procedures
through web services. This is definitely something that cannot be handled using
MDX expressions alone.
In such cases, we can create a .NET assembly to handle the security logic and then
call the assembly from an MDX expression. A .NET function, when called from
inside Analysis Services, is called a Stored Procedure. Note that Analysis Services
stored procedures should not be confused with SQL Server stored procedures—
they're really just a way of creating custom MDX functions. Having the ability to
call .NET code from inside MDX will, though, let us use the full power of .NET
programming to define very complex security models.
Search WWH ::
Custom Search