[Mondrian] RDBMS authorization
Matt Campbell
mkambol at gmail.com
Mon Jun 23 14:55:24 CDT 2008
In our application we rely heavily on RDBMS authorization rules to govern
row/column security. A single database may have many different roles, and a
particular db user will be mapped to one of these roles. Because of this,
we deploy several Mondrian catalogs per database instance, one for each
role, with a different jdbc connection string for each.
This feels sub-optimal to me, because the actual Mondrian schema is
identical in all of these cases. We may have 20 different catalogs whose
only difference is the username/password in the jdbc connection. I've been
wondering lately if we could somehow associate the database connection with
a particular Mondrian role, allowing us to collapse all of these catalogs
down to a single one. Both the member and cell cache would need to be
specific to each role.
Any thoughts on whether this would be reasonable enhancement?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.157946-web2.www.pentaho.org/pipermail/mondrian/attachments/20080623/54792a57/attachment.html
More information about the Mondrian
mailing list