Drill through overrides role security

Topics: Developer Forum
Aug 9, 2013 at 11:46 AM
I have users who are only allowed to browse certain accounts. However when using ASSP.GetCustomDrillthroughMDX the user is able to see information they don't have access to. Is there anyway to make sure the stored procedures use the proper security settings.

Thanks,
Tim LaBarge
Coordinator
Aug 9, 2013 at 11:18 PM
What impersonation setting have you configured for the ASSP assembly when you installed it on your server/database? It would have to be set to impersonate the current user in order for those credentials to be picked up by the drillthrough command.

Have you tried running a profiler trace while a user drills through to see which credentials are actually being used?
Aug 12, 2013 at 1:06 PM
Dgosbell thanks for your post after changing the settings to impersonate the current user I was still getting all records. I then ran a profiler trace and saw that the drill through was executing with the system account. I changed the permissions to Safe which caused the drill through to produced an error because of the ExecuteDrillthroughAndFixColumns function. After removing the ExecuteDrillthroughAndFixColumns function everything is working as intended.

Thanks Again!