Use custom authorisation on access to cube

Question

Is it possible to use our solution's existing authentication mechanism for determining access rights to a MS Analysis services cube?

We already have a system that manages usage policies and we would like to avoid duplicating this on the SQL Server.

Our authentication system is based on NetSqlAzMan and we could expose it as a web service, or a set of managed .NET assemblies (or just about anything if it got us the above functionality)...

Answer 1

If you mean Custom Authentication my answer is No. SSAS uses Windows Autentication and you should use it with its services or options (active directory, other integrated solutions etc).

If you mean Custom Authorization then my answer is Yes. Basically, you should follow the steps below;

• Create a .NET assembly that uses your NetSqlAzMan backed web services or whatever you have for integration.
• Register the assembly with Analysis Services
• Use the registered assembly's functions in the advanced Dimension Security section to restrict the dimension members by users.

Custom assembly in this context must be developed as high performant as possible because every MDX query will consult it for filtering the members.