This document discusses applying dynamic security in Mondrian. It describes a complex scenario of an international retailer with many stores and users that need access restricted to certain data. It proposes two solutions: 1) creating roles using ETL which has performance and timeliness issues, and 2) using a dynamic schema processor to modify the schema prior to use and restrict data through SQL views, providing better performance and an updated cube. The dynamic schema processor solution is recommended for this complex scenario.
Delhi 99530 vip 56974 Genuine Escort Service Call Girls in Kishangarh
Dynamic security in Mondrian using roles and a schema processor
1. Applying dynamic security in Mondrian
David Fombella Pombal
http://anonymousbi.wordpress.com
@Pentaho_Fan
2. Applying dynamic security in Mondrian 2
About me
Simple Scenario
Complex Scenario
Introduction
Solution 1: Roles created using ETL
Solution 2: Dynamic Security
Applying dynamic security in Mondrian
3. Applying dynamic security in Mondrian 3
About Me
Simple Scenario
Complex Scenario
Introduction
Solution 1: Roles created using ETL
Solution 2: Dynamic Security
Applying dynamic security in Mondrian
4. Applying dynamic security in Mondrian 4
David Fombella Pombal
BI Consultant, Technical Developmental Editor and
Pentaho Community Guy
About me
5. Applying dynamic security in Mondrian 5
About Me
Simple Scenario
Complex Scenario
Introduction
Solution 1: Roles created using ETL
Solution 2: Dynamic Security
Applying dynamic security in Mondrian
6. Applying dynamic security in Mondrian 6
Introduction
•Mondrian is an open source ROLAP server written in
Java
•Reads from JDBC data sources
•Implements the MDX language
•Supports the XML for Analysis and olap4j interface
specifications.
•Included in Pentaho suite
7. Applying dynamic security in Mondrian 7
Introduction
•Mondrian allows role based data access
•Each user is assigned one or more roles
•Data access rules are set on the schema file
8. Applying dynamic security in Mondrian 8
About Me
Simple Scenario
Complex Scenario
Introduction
Solution 1: Roles created using ETL
Solution 2: Dynamic Security
Applying dynamic security in Mondrian
9. Applying dynamic security in Mondrian 9
Simple Scenario
•President has access to full data
•Country manager has access to a specific country
•A few roles are required
•Roles are created and assigned manually
•Access rules are edited by hand in XML file
10. Applying dynamic security in Mondrian 10
About me
Simple Scenario
Complex Scenario
Introduction
Solution 1: Roles created using ETL
Solution 2: Dynamic Security
Applying dynamic security in Mondrian
11. Applying dynamic security in Mondrian 11
Complex Scenario
•Case in Hand: PentahoFan fictitious company
•International multi-channel retailer
•Collects sales data from all its stores
•Needs to limit data visibility per user/role
•Stores distributed over five continents
•4 categories of users : President, Continent Manager,
Country Manager and Store Manager
•Over 8000 stores
15. Applying dynamic security in Mondrian 15
Easy to use +
Open Source +
BI Solution =
Pentaho and
Mondrian!
Searching
16. Applying dynamic security in Mondrian 16
About me
Simple Scenario
Complex Scenario
Introduction
Solution 1: Roles created using ETL
Solution 2: Dynamic Security
Applying dynamic security in Mondrian
17. Applying dynamic security in Mondrian 17
Solution 1: Roles created using ETL
•Add Roles to a Mondrian schema template using a Kettle
Transformation
18. Applying dynamic security in Mondrian 18
Solution 1: Roles created using ETL
Problems:
•Performance issues
•ETL execution required if
a new store opens
•Cube up to date?
19. Applying dynamic security in Mondrian 19
About Me
Simple Scenario
Complex Scenario
Introduction
Solution 1: Roles created using ETL
Solution 2: Dynamic Security
Applying dynamic security in Mondrian
20. Applying dynamic security in Mondrian 20
Solution 2: Dynamic Security
Dynamic Schema Processor
•Restricting data using a dynamic schema processor
(DSP)
•Prior to Mondrian using the schema, the DSP can
modify the schema.